Kubernetes Adopts Sigstore for Supply Chain Security
With the release of Kubernetes 1.24 on May 4, for the first time, over five million Kubernetes developers can verify that the distributions they’re using are what they claim to be. That’s because with this release Kubernetes is adopting Sigstore for signing artifacts and verifying signatures. This is a major move forward for Kubernetes security.
As we all know, container supply chain security has become a critical issue. All too often software components are poisoned, and every program built on them wither and die with them. Introduced last year, Sigstore is a free software signing service. It improves software supply chain security by making it easy to cryptographically sign release files, container images, and binaries. Once signed, the signing record is kept in a tamper-proof public log. The sigstore will be free to use by all developers and software providers. This gives software artifacts a safer chain of custody that can be secured and traced back to their source.
A Huge Step
One reason this is such a big deal, Tracy Miranda, developer security company Chainguard‘s head of open source, explained is that it’s “a huge step in protecting the integrity of the Kubernetes ecosystem and demonstrates that code signing at an enormous scale is possible and frankly necessary due to the increase in supply chain attacks.”
It’s the ease of use that’s important here. We’ve long known that it was good security to cryptographically sign and verify programming elements, but most earlier cryptographic signature tools have either been too cumbersome or too confusing to use. Without easy-to-use tools to digitally sign their code, few developers are going to bother. That’s where Sigstore came in.
As Bob Callaway, a Google Staff Software Engineer and Sigstore project founder, said “We built Sigstore to be easy, free, and seamless so that it would be massively adopted and protect us all from supply chain attacks. Kubernetes’ choice to use Sigstore is a testament to that work.”
SLSA Compliance
The Kubernetes release team saw the importance of this effort. In early 2021, the crew began exploring Supply chain Levels for Software Artifacts, (SLSA, pronounced salsa) compliance to improve Kubernetes software supply chain security. SLSA is a security framework that includes a checklist of standards and controls to prevent tampering, improve the integrity, and secure the packages and infrastructure of your projects. Sigstore was a key project in achieving SLSA level 2 status and getting a head start towards achieving SLSA level 3 compliance, which the Kubernetes community expects to reach this August.
Sigstore Benefits
Sigstore also delivers a variety of benefits to the Kubernetes community, including:
- Sigstore’s keyless signing gives a great developer experience and removes the need for painful key management.
- Sigstore’s public transparency log (Rekor) and APIs mean Kubernetes consumers may easily verify signed artifacts.
- Sigstore’s use of standards, such as support for any Open Container Initiative (OCI) artifact (including containers, Helm Charts, configuration files, and policy bundles) and OpenID Connect (OIDC), meant it could integrate seamlessly with other tools and services.
- The active, open source, vendor-neutral Sigstore community gives confidence that the project will be rapidly adopted and become a de-facto industry standard.
“Security is a never-ending journey, but each step delivered to decrease attackers’ ability to undermine the integrity of our supply chains is an important one,” said Tim Pepper, VMware’s Head of Open Source Technology Center and Kubernetes Steering Committee. Sigstore’s adoption by Kubernetes in its next release is a big step forward.
