This repository has been archived on 2026-07-08. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
infospace-bench/infospaces/patterns-of-it-securita-architecture/artifacts/entities/pattern-signed-container-images.md

44 lines
1.1 KiB
Markdown

# Pattern: Signed Container Images
Status: seed
Readiness target: RL3 production
Primary owners: artifact-store, Railiance platform, product repos
Genesis family: Supply chain
## Problem
Container images can be replaced, confused, or deployed from untrusted
origins unless image identity is cryptographically verifiable.
## Context
Use this pattern for production container images, platform controllers,
tenant workloads, and deployment admission.
## Forces
- Tags are mutable unless controlled.
- Signatures need trusted keys or identities.
- Admission must verify the image that actually runs.
- Rollbacks need signed artifacts too.
## Solution
Sign container image digests after trusted builds and require production
deployments to reference images whose signatures and provenance satisfy
policy.
## Verification
- Images are signed by trusted build or release identities.
- Admission rejects unsigned or untrusted images.
- Deployments pin or verify immutable digests.
- Signature rotation and key compromise processes exist.
## Related Patterns
- Signed Image Admission.
- SLSA Build Provenance.
- SBOM-per-Release.
- Quarantined Build Runner.