Support cosign --k8s-keychain flag

Passing this flag allows cosign to pick up ambient registry credentials
sse-secure-systems · Feb 17, 2022 · bc0367b · bc0367b
1 parent 0c504cc
commit bc0367b
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 3 deletions.
diff --git a/connaisseur/res/config_schema.json b/connaisseur/res/config_schema.json
@@ -134,6 +134,9 @@
                                 "cert": {
                                     "type": "string",
                                     "pattern": "(?:-+BEGIN\\sCERTIFICATE[-]+)\n(?:(?:[A-Za-z0-9+\/\\s])*={0,4})\n(?:-+END\\sCERTIFICATE[-]+)"
+                                },
+                                "k8s_keychain": {
+                                    "type": "boolean"
                                 }
                             },
                             "required": [

diff --git a/connaisseur/validators/cosign/cosign_validator.py b/connaisseur/validators/cosign/cosign_validator.py
@@ -22,9 +22,12 @@ class CosignValidator(ValidatorInterface):
     name: str
     trust_roots: list
 
-    def __init__(self, name: str, trust_roots: list, **kwargs):
+    def __init__(
+        self, name: str, trust_roots: list, k8s_keychain: bool = False, **kwargs
+    ):
         super().__init__(name, **kwargs)
         self.trust_roots = trust_roots
+        self.k8s_keychain = k8s_keychain
 
     def __get_key(self, key_name: str = None):
         key_name = key_name or "default"
@@ -137,6 +140,7 @@ def __invoke_cosign(self, image, key):
             "--output",
             "text",
             *pubkey_config,
+            *(["--k8s-keychain"] if self.k8s_keychain else []),
             image,
         ]
 

diff --git a/docs/validators/sigstore_cosign.md b/docs/validators/sigstore_cosign.md
@@ -97,6 +97,7 @@ kubectl run altsigned --image=docker.io/securesystemsengineering/testimage:co-si
 | `auth.` | | | Authentication credentials for private registries. |
 | `auth.secret_name` | | | Name of a Kubernetes secret in Connaisseur namespace that contains [dockerconfigjson](https://kubernetes.io/docs/concepts/configuration/secret/#docker-config-secrets) for registry authentication. See additional notes [below](#authentication). |
 | `cert` | | | A certificate in PEM format for private registries. |
+| `k8s_keychain` | false | | When true, pass `--k8s-keychain` argument to `cosign verify`. |
 
 ### Example
 
@@ -123,8 +124,11 @@ policy:
 
 ### Authentication
 
-When using a private registry for images and signature data, the credentials need to be provided to Connaisseur.
-This is done by creating a [dockerconfigjson](https://kubernetes.io/docs/concepts/configuration/secret/#docker-config-secrets) Kubernetes secret in the Connaisseur namespace and passing the secret name to Connaisseur as `auth.secret_name`.
+When using a private registry for images and signature data, the credentials need to be provided to Connaisseur. There are two ways to do this.
+
+#### dockerconfigjson
+
+Create a [dockerconfigjson](https://kubernetes.io/docs/concepts/configuration/secret/#docker-config-secrets) Kubernetes secret in the Connaisseur namespace and pass the secret name to Connaisseur as `auth.secret_name`.
 The secret can for example be created directly from your local `config.json` (for docker this resides in `~/.docker/config.json`):
 
 ```bash
@@ -136,6 +140,30 @@ kubectl create secret generic my-secret \
 In the above case, the secret name in Connaisseur configuration would be `secret_name: my-secret`.
 It is possible to provide one Kubernetes secret with a `config.json` for authentication to multiple private registries and referencing this in multiple validators.
 
+#### k8s_keychain
+
+Specify `k8s_keychain: true` in the validator configuration to pass the flag `--k8s-keychain` to `cosign` when performing image validation.
+This will allow `cosign` to pick up ambient registry credentials from the environment.
+
+For example, when validating against an ECR private repository, the credentials of an IAM user allowed to perform actions
+`ecr:GetAuthorizationToken`, `ecr:BatchGetImage`, and `ecr:GetDownloadUrlForLayer` could be added to the secret `connaisseur-env-secrets`:
+
+```yaml
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: connaisseur-env-secrets
+  ...
+data:
+  AWS_ACCESS_KEY_ID: ***
+  AWS_SECRET_ACCESS_KEY: ***
+  ...
+```
+
+If `k8s_keychain` is set to `true` in the validator configuration, `cosign` will log into ECR at time of validation.
+See [this cosign pull request](https://github.com/sigstore/cosign/pull/972) for more details.
+
 ### KMS Support
 
 > :warning: This is currently an experimental feature that might unstable over time. As such, it is not part of our semantic versioning guarantees and we take the liberty to adjust or remove it with any version at any time without incrementing MAJOR or MINOR.