Sigstore's cosign is the new, widely supported way of signing container images.
Of particular interest is the keyless OpenID signing flow: it proves a time-constrained signing identity, vs an unconstrained signing identity you usually get with static / long-lived keys.
To use it in cloudbuild:
steps: - id: sign name: "gcr.io/projectsigstore/cosign" entrypoint: sh env: - "TUF_ROOT=/tmp" # cosign tries to create $HOME/.sigstore - "COSIGN_EXPERIMENTAL=1" - "GOOGLE_SERVICE_ACCOUNT_NAMEemail@example.com" args: - "-c" - "cosign sign gcr.io/project/image@sha256:..."
The cosign container runs as non root,
so it doesn't have permission to create
$HOME/.sigstore and it dies.
TUF_ROOT changes where it tries to do that.
Container registries are a big pile of global shared state,
and if you push a tag such as
:latest and later refer to them,
it might not be the same thing (if someone else pushed something called
:latest in between).
Thankfully, registries are also content addressable using digests,
looking something like
How do you get one?
docker is not very helpful,
docker build --iidfile outputs a file with
but that's for the image's "local configuration".
Apparently the only reliable way is to push the image to a v2 registry,
and then a manifest will be generated, and you can get a digest for that.
kaniko is much better,
providing flags such as:
outputting files onto the local system
which contain digests (optionally with image names), one per line.
So with cosign, the invocation becomes (assuming
args: - "-c" - "cosign sign $(head -n 1 .image.txt)"