Software Supply Chain Security with Sigstore and SLSA Framework

By /

Software Supply Chain Security: Sigstore and SLSA

Supply chain security Sigstore addresses one of the most critical challenges in modern software development — ensuring that the code you deploy is exactly what was built from your source code, untampered and from a trusted source. After high-profile attacks like SolarWinds and Log4Shell, supply chain security has moved from a nice-to-have to a regulatory requirement. Therefore, every engineering team needs to implement artifact signing, provenance verification, and dependency auditing.

Sigstore provides keyless signing and verification for software artifacts, eliminating the complexity of managing signing keys. Moreover, the SLSA (Supply-chain Levels for Software Artifacts) framework defines progressive maturity levels for supply chain security. Consequently, organizations can start with basic signing and work toward comprehensive provenance that proves exactly how each artifact was built.

Supply Chain Security Sigstore: Artifact Signing

Sigstore uses ephemeral certificates tied to developer identities (via OIDC) instead of long-lived signing keys. This means there are no keys to manage, rotate, or protect. Furthermore, every signature is recorded in a tamper-proof transparency log, providing a public audit trail of all signed artifacts.

# Sign a container image with cosign (Sigstore)
cosign sign --yes ghcr.io/myorg/myapp:v1.2.3

# Sign with GitHub Actions OIDC identity (keyless)
# The signature includes the workflow, commit SHA, and trigger
cosign sign --yes \
  --certificate-identity-regexp="https://github.com/myorg/.*" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
  ghcr.io/myorg/myapp@sha256:abc123

# Verify a signed image
cosign verify \
  --certificate-identity-regexp="https://github.com/myorg/.*" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
  ghcr.io/myorg/myapp:v1.2.3

# Attach SBOM to container image
cosign attach sbom --sbom sbom.spdx.json ghcr.io/myorg/myapp:v1.2.3
Software supply chain security signing
Sigstore provides keyless signing tied to developer identities through OIDC

SLSA Framework: Provenance Levels

SLSA defines four levels of supply chain security maturity. Level 1 requires build provenance documentation. Level 2 requires a hosted build service. Level 3 requires a hardened build platform with non-falsifiable provenance. Furthermore, each level builds on the previous one, providing a clear improvement roadmap for organizations.

# GitHub Actions workflow with SLSA Level 3 provenance
name: Build and Sign
on:
  push:
    tags: ['v*']

permissions:
  contents: read
  packages: write
  id-token: write  # Required for Sigstore OIDC

jobs:
  build:
    runs-on: ubuntu-latest
    outputs:
      digest: ${{ steps.build.outputs.digest }}
    steps:
      - uses: actions/checkout@v4

      - name: Build and push image
        id: build
        uses: docker/build-push-action@v5
        with:
          push: true
          tags: ghcr.io/myorg/myapp:${{ github.ref_name }}

      - name: Generate SBOM
        uses: anchore/sbom-action@v0
        with:
          image: ghcr.io/myorg/myapp@${{ steps.build.outputs.digest }}
          format: spdx-json
          output-file: sbom.spdx.json

      - name: Sign image with Sigstore
        uses: sigstore/cosign-installer@v3
      - run: cosign sign --yes ghcr.io/myorg/myapp@${{ steps.build.outputs.digest }}

      - name: Attach SBOM
        run: cosign attach sbom --sbom sbom.spdx.json ghcr.io/myorg/myapp@${{ steps.build.outputs.digest }}

  # SLSA provenance generator
  provenance:
    needs: build
    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.0.0
    with:
      image: ghcr.io/myorg/myapp
      digest: ${{ needs.build.outputs.digest }}

Verification in Kubernetes

Use admission controllers to enforce signature verification before deploying containers. Sigstore’s policy-controller rejects any unsigned or improperly signed images. Additionally, you can require SLSA provenance at a specific level, ensuring only properly built artifacts enter your cluster.

Kubernetes security verification
Kubernetes admission controllers enforce signature verification at deployment time

Getting Started

Start with SLSA Level 1 — add provenance metadata to your CI/CD pipeline. Then implement Sigstore signing for container images and binaries. Finally, enforce verification in your deployment pipeline. See the Sigstore documentation and SLSA framework for detailed implementation guides.

Key Takeaways

  • Start with a solid foundation and build incrementally based on your requirements
  • Test thoroughly in staging before deploying to production environments
  • Monitor performance metrics and iterate based on real-world data
  • Follow security best practices and keep dependencies up to date
  • Document architectural decisions for future team members
DevSecOps pipeline security
Progressive adoption from SLSA Level 1 to Level 3 provides a clear security improvement path

In conclusion, supply chain security Sigstore and the SLSA framework provide practical, implementable solutions for protecting your software delivery pipeline. Keyless signing eliminates key management headaches, transparency logs provide auditing, and progressive SLSA levels give you a clear maturity roadmap. Start signing your artifacts today — the tooling has never been more accessible.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top