Summary
The repository has SBOM generation (sbom-syft) but no artifact signing or verification skills. Sigstore/cosign has become the de facto standard for container image signing and software supply chain security, mandated by EO 14028, SLSA, and increasingly by enterprise software consumers. Without signing, SBOMs generated by Syft cannot be trusted by downstream consumers.
Requested Skill: secsdlc/supply-chain-cosign
What to Cover
Core workflows:
- Sign a container image after build
# Keyless signing via OIDC (GitHub Actions / Fulcio CA)
cosign sign --yes ghcr.io/myorg/myapp:v1.2.3
# Sign with a key pair (air-gapped / self-hosted)
cosign sign --key cosign.key ghcr.io/myorg/myapp:v1.2.3
- Verify an image before deployment
# Verify against Rekor transparency log
cosign verify \
--certificate-identity-regexp="https://github.com/myorg/myapp/.*" \
--certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
ghcr.io/myorg/myapp:v1.2.3
- Attach and verify a Syft SBOM — pairs with
secsdlc/sbom-syft
# Generate SBOM with Syft, attach to image with cosign
syft ghcr.io/myorg/myapp:v1.2.3 -o spdx-json > sbom.spdx.json
cosign attach sbom --sbom sbom.spdx.json ghcr.io/myorg/myapp:v1.2.3
cosign verify-attestation --type spdxjson ghcr.io/myorg/myapp:v1.2.3
- Policy enforcement with OPA — reject unsigned images in K8s via Policy Controller
# Install Sigstore Policy Controller (admission webhook)
helm install policy-controller sigstore/policy-controller \
--set webhook.failOpen=false
# Apply ClusterImagePolicy requiring signatures
kubectl apply -f - <<EOF
apiVersion: policy.sigstore.dev/v1beta1
kind: ClusterImagePolicy
metadata:
name: require-signed-images
spec:
images:
- glob: "ghcr.io/myorg/**"
authorities:
- keyless:
url: https://fulcio.sigstore.dev
EOF
- GitHub Actions integration (complete pipeline)
- name: Sign image
run: cosign sign --yes ${{ env.IMAGE }}
env:
COSIGN_EXPERIMENTAL: true # keyless via OIDCSLSA Levels Addressed
| Practice |
SLSA Level |
| Source version controlled |
L1 |
| Build service generates provenance |
L2 |
| Provenance signed by build service |
L3 |
| Build hermetic, isolated |
L4 |
Frameworks
- SLSA (Supply Chain Levels for Software Artifacts) L2–L3
- NIST SP 800-218 (SSDF) — PW.4.1 (reuse trusted components)
- EO 14028 Section 4(e) — software supply chain security
- CIS Software Supply Chain Security Guide
- OWASP CycloneDX / SPDX standards (via Syft SBOM attachment)
Relationship to Existing Skills
- Upstream:
secsdlc/sbom-syft generates the SBOM that cosign attaches as an attestation
- Downstream:
compliance/policy-opa can verify cosign signatures are present before deployment
- CI/CD: Pairs with
secsdlc/reviewdog in the CI pipeline — sign only after all checks pass
Summary
The repository has SBOM generation (
sbom-syft) but no artifact signing or verification skills. Sigstore/cosign has become the de facto standard for container image signing and software supply chain security, mandated by EO 14028, SLSA, and increasingly by enterprise software consumers. Without signing, SBOMs generated by Syft cannot be trusted by downstream consumers.Requested Skill:
secsdlc/supply-chain-cosignWhat to Cover
Core workflows:
secsdlc/sbom-syftSLSA Levels Addressed
Frameworks
Relationship to Existing Skills
secsdlc/sbom-syftgenerates the SBOM that cosign attaches as an attestationcompliance/policy-opacan verify cosign signatures are present before deploymentsecsdlc/reviewdogin the CI pipeline — sign only after all checks pass