This repository has been archived on 2026-07-08. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
infospace-bench/infospaces/patterns-of-it-securita-architecture/artifacts/entities/pattern-signed-container-images.md

1.1 KiB

Pattern: Signed Container Images

Status: seed Readiness target: RL3 production Primary owners: artifact-store, Railiance platform, product repos Genesis family: Supply chain

Problem

Container images can be replaced, confused, or deployed from untrusted origins unless image identity is cryptographically verifiable.

Context

Use this pattern for production container images, platform controllers, tenant workloads, and deployment admission.

Forces

  • Tags are mutable unless controlled.
  • Signatures need trusted keys or identities.
  • Admission must verify the image that actually runs.
  • Rollbacks need signed artifacts too.

Solution

Sign container image digests after trusted builds and require production deployments to reference images whose signatures and provenance satisfy policy.

Verification

  • Images are signed by trusted build or release identities.
  • Admission rejects unsigned or untrusted images.
  • Deployments pin or verify immutable digests.
  • Signature rotation and key compromise processes exist.
  • Signed Image Admission.
  • SLSA Build Provenance.
  • SBOM-per-Release.
  • Quarantined Build Runner.