# Pattern: Signed Image Admission Status: seed Readiness target: RL3 production Primary owners: Railiance platform, artifact-store, product repos Genesis family: Kubernetes and platform ## Problem Clusters cannot trust that an image came from reviewed source or an approved build unless admission verifies signature and provenance. ## Context Use this pattern for Kubernetes admission, container registries, artifact-store, release promotion, and supply-chain evidence. ## Forces - Developers need fast image builds. - Production needs evidence of review and provenance. - Not every image source is equally trusted. - Emergency rollback must still use trusted artifacts. ## Solution Require production workloads to use signed images from approved registries. Admission verifies signature, digest, provenance, and policy before the workload runs. ## Verification - Unsigned images are rejected in production namespaces. - Admission pins by digest or verifies immutable references. - Signatures and provenance link to reviewed source and build identity. - Emergency images follow the same trust policy. ## Related Patterns - Supply-Chain Provenance. - Signed Container Images. - SLSA Build Provenance. - Policy-as-Code Admission Control.