How to Integrate with GitHub + Sigstore for Image Signature Validation
Overview
Sigstore provides a way to sign and verify container images using short-lived, identity-bound certificates through OIDC.
GitHub integrates with Sigstoreβs public services, allowing images built in GitHub Actions to be signed keylessly.
With Sysdig Secure, verification occurs automatically during cluster admission based on policy rules you define in the backend. No Sigstore service deployment is required.
Purpose of Integration
Use GitHub and Sigstore to ensure that only images signed by trusted GitHub workflows are admitted to your Kubernetes or OpenShift clusters. Admission control rejects unsigned or incorrectly signed images, improving provenance, compliance, and supply chain security.
Benefits
| Capability | Description |
|---|---|
| Policy-driven verification | Trust rules are defined in the Sysdig Image Signature Validation policy. |
| Keyless OIDC signing | Trust GitHub Actions identities without managing long-lived private keys. |
| No infrastructure to host | Uses public Sigstore services; Fulcio, Rekor, or TUF hosting is not required. |
| Admission enforcement | Blocks non-conforming images before deployment. |
Summary
This integration verifies container images signed in GitHub Actions using OIDC identities.
Verification criteria are defined in the Sysdig Image Signature Validation policy, and Cluster Shield enforces those rules during admission.
Configuration
Cluster Shield
No GitHub or Sigstore configuration is required in Helm values.
You can enable signature checks globally. The backend policy determines verification behavior.
features:
supply_chain:
enabled: true
image_signature:
cosign:
enabled: true
Policy Configuration
Use the Image Signature Validation Policy to define how Sysdig verifies image signatures. You can choose between two mutually exclusive verification mechanisms:
Public Key verification (PKI-based)
- Provide a PEM-encoded public key.
- Sysdig verifies images signed with the corresponding private key.
- Use this method when you control your own signing keys, such as in a non-keyless CI setup.
Example
-----BEGIN PUBLIC KEY-----
MFswDQYJKoZIhvcNAQEBBQADSgAwRwJAXWRPQyGlEY+SXz8Uslhe+MLjTgWd8lf/
nA0hgCm9JFKC1tq1S73cQ9naClNXsMqY7pwPt1bSY8jYRqHHbdoUvwIDAQAB
-----END PUBLIC KEY-----
OIDC Provider (GitHub/Sigstore keyless verification)
- Specify the OIDC Issuer, for example https://token.actions.githubusercontent.com.
- Define the Certificate Identity using a regular expression that matches the signer identity (for example, a GitHub repo/workflow path, service account, or email).
- Optionally, provide a Certificate Chain (PEM) to override the default chain.
- This is useful if you have a custom TUF root or want to pin or override a chain for the policy.
Examples
- OIDC Issuer (regexp supported):
^https://token.actions.githubusercontent.com$ - Certificate Identity (regexp supported):
^https://github.com/my-org/my-repo/.github/workflows/build\.yml@refs/heads/main$or^https://github.com/my-org/.*or^system:serviceaccount:my-ns:my-sa$or^user@example\.com$
Choose either Public Key or OIDC Provider in a single policy. They are mutually exclusive.
Example Use Cases
- Allow only images signed by the
my-org/my-repomain branch workflow in production namespaces. - Block all third-party images unless signed by your central build key (Public Key mode).
- Allow platform namespaces to deploy images signed by a service account identity via OIDC.
