Home Posts [Cheat Sheet] Verifying Software Integrity with Sigstore [20
Security Deep-Dive

[Cheat Sheet] Verifying Software Integrity with Sigstore [2026]

[Cheat Sheet] Verifying Software Integrity with Sigstore [2026]
Dillip Chowdary
Dillip Chowdary
Tech Entrepreneur & Innovator · April 23, 2026 · 8 min read

Bottom Line

Sigstore’s keyless architecture is the single most effective way to prevent private key compromise in 2026, shifting the security burden from manual secret management to automated OIDC identity verification.

Key Takeaways

  • Keyless Signing leverages OIDC to issue short-lived certificates, eliminating the 'lost private key' scenario entirely.
  • Rekor Transparency Logs create an immutable audit trail, allowing security teams to detect unauthorized signatures in real-time.
  • OCI Native Storage means signatures live alongside your images in any standard registry (ECR, GCR) using the v2.0 spec.
  • Policy Enforcement via Kubernetes admission controllers ensures only verified code runs in production.

In an era where supply chain attacks like XZ Utils and SolarWinds are no longer anomalies, verifying software integrity is a non-negotiable step in the CI/CD pipeline. The Sigstore ecosystem—comprising Cosign, Rekor, and Fulcio—standardizes this process by providing a low-to-zero friction mechanism for signing and verifying artifacts. This reference guide provides the essential commands and configuration patterns for securing container images and binary artifacts using Cosign v2.4.1 and the broader Sigstore 2026 stack.

Interactive Command Reference

Use the filter below to find specific commands for your workflow. This checklist covers everything from local developer setups to production-grade admission controls.

Workflow Stage Action Edge Cases / Tips
Development Local Key Generation Use cosign generate-key-pair for air-gapped systems.
CI/CD Keyless Signing Prefers --keyless using GitHub Actions OIDC token.
Production Admission Control Blocks images without valid Rekor entry.
Auditing Log Verification Query signatures by SHA256 digest.

Environment Initialization

Before you can sign or verify, you must ensure your environment is authenticated with your OCI registry and the Sigstore public infrastructure. In 2026, most managed registries (GCR, ECR, AR) support native OIDC integration with Cosign.

  • Install Cosign: Ensure you are running v2.4.1 or higher for full Rekor v1.2 support.
  • Registry Auth: Run docker login or use cosign login [registry].
  • Key Generation (Legacy): If not using keyless, generate a local pair:
# Generate an encrypted private/public key pair
cosign generate-key-pair

# Or use a KMS provider (Recommended for Keyed Enterprise)
cosign generate-key-pair --kms awskms:///arn:aws:kms:us-east-1:1234:key/abc-123

Bottom Line

Sigstore’s keyless architecture is the single most effective way to prevent private key compromise in 2026, shifting the security burden from manual secret management to automated OIDC identity verification via Fulcio and Rekor.

Signing Artifacts (Keyed & Keyless)

Signing is the process of creating a cryptographic proof that you (or your build system) produced the artifact. In 2026, Keyless Signing is the gold standard.

Keyless Signing (The 2026 Standard)

This flow uses OIDC to prove identity (e.g., your GitHub account or a CI service account) to the Fulcio Certificate Authority, which issues a short-lived certificate (valid for 10 minutes).

# Sign an image using keyless flow
cosign sign --keyless ghcr.io/org/app:latest

# Sign with specific OIDC identity constraints
cosign sign --keyless --identity-token [JWT] ghcr.io/org/app:latest

Key-Based Signing (Legacy/Air-gapped)

Use this for environments without external internet access or when strict internal KMS policies apply.

# Sign using a local private key
cosign sign --key cosign.key ghcr.io/org/app:latest

# Sign with a specific annotation (useful for metadata filtering)
cosign sign --key cosign.key -a env=prod -a team=security ghcr.io/org/app:latest

Verification & Compliance

Verification is where the actual security value is realized. This must happen at the deployment gate (Admission Controller) and can also be run manually during audits.

# Verify a keyless signature
cosign verify --keyless \
  --certificate-identity-regexp ".*@techbytes.app" \
  --certificate-oidc-issuer https://accounts.google.com \
  ghcr.io/org/app:latest

# Verify a keyed signature
cosign verify --key cosign.pub ghcr.io/org/app:latest
Pro tip: Always verify by SHA256 digest rather than mutable tags (like :latest) to prevent TOCTOU (Time-of-Check Time-of-Use) attacks.

Rekor Transparency Log Auditing

Rekor provides an immutable record of all signature events. This prevents an attacker from signing an image and then deleting the evidence of their identity.

  • Search Log: Query the log for any entry related to a specific image digest.
  • Verify Log Entry: Ensure the signature was recorded correctly on the transparency log.
  • Data Privacy: When generating log reports or audits from Rekor, use our Data Masking Tool to ensure that any PII accidentally included in the metadata is scrubbed before public sharing.
# Search for a log entry by artifact digest
rekor-cli search --sha sha256:d87c... 

# Get a specific log entry by UUID
rekor-cli get --uuid [UUID]

CI/CD & Policy Enforcement

Manual verification is for debugging; automated enforcement is for security. Integrating Sigstore into Kubernetes is done via Policy Controller (part of the Enterprise Sigstore stack).

  1. Install Policy Controller: Deploy the admission controller to your K8s cluster.
  2. Define ClusterImagePolicy: Create a Rego or CUE-based policy that defines which identities are allowed to sign images.
  3. Enable for Namespace: Label namespaces to enforce the policy: kubectl label ns prod policy-enforcement=enforce.
Watch out: If your CI/CD runner is compromised, an attacker might sign malicious images. Use Attestations (SBOMs) to verify not just who signed it, but also how it was built.

Frequently Asked Questions

What happens if Rekor goes down? +
Verification can still occur locally if you have the public key or certificate, but the transparency benefits and timestamping provided by the ledger will be unavailable until the service is restored.
Do I need a special registry for Cosign? +
No, Cosign works with any registry that supports the OCI (Open Container Initiative) specification, including AWS ECR, Google Artifact Registry, and Azure Container Registry.
How does keyless signing differ from GPG? +
GPG requires complex web-of-trust or manual key distribution. Sigstore uses short-lived X.509 certificates (Fulcio) and transparency logs (Rekor), which is significantly easier to scale for large engineering teams.
Can I use Cosign for non-container artifacts? +
Yes! While optimized for OCI, Cosign can sign binary blobs, source code, and even PDF documents using the cosign sign-blob command.

Get Engineering Deep-Dives in Your Inbox

Weekly breakdowns of architecture, security, and developer tooling — no fluff.

Found this useful? Share it.

Tweet Share

Related Deep-Dives

Security Deep-Dive

Securing GitHub Actions in 2026: The Hardening Guide

Learn how to use OIDC and hardened runners to secure your build pipeline.

 Cloud Infrastructure

Zero Trust Kubernetes: Implementing Admission Controllers

A deep dive into blocking unverified workloads in production clusters.