
Security: natrontech/container-images

SECURITY.md

Security Policy

Reporting Security Issues

The contributor and community take security bugs in container-images seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

To report a security issue, please use the GitHub Security Advisory "Report a Vulnerability" tab.

The contributor will send a response indicating the next steps in handling your report. After the initial reply to your report, the security team will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

Release verification

All container images are signed with Cosign using keyless signing (OIDC, no long-lived keys). SBOMs are attested in CycloneDX JSON format.

Prerequisites

Install cosign and crane. The commands below also use jq to pretty-print and unpack attestation payloads, and the alternative provenance check uses slsa-verifier.

Setup

# set the image name and tag you want to verify
export IMAGE=ghcr.io/natrontech/container-images/<image-name>:<tag>

# resolve the tag to a digest to prevent TOCTOU attacks (a tag is mutable, a digest is not);
# every command below, and slsa-verifier in particular, must see this digest-pinned reference
export IMAGE="${IMAGE}@$(crane digest "${IMAGE}")"

Verify signature of container image

cosign verify \
  --new-bundle-format \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --certificate-identity-regexp '^https://github.com/natrontech/container-images/.github/workflows/container-build.yml@refs/heads/main$' \
  $IMAGE | jq

Important

Verifying the provenance attestation also verifies the integrity and authenticity of the image: the provenance names the image digest as its subject and is itself signed with Cosign. A successful provenance check is a stronger guarantee than the image signature alone, because it covers the whole build process and not just the final artifact, so where provenance is available the separate image signature check is not strictly necessary. Provenance is only generated for versioned images (see below); for :latest and :nightly the image signature is the only thing that can be verified.

Verify SBOM attestation

The Software Bill of Materials (SBOM) is generated in CycloneDX JSON format for each container image and release and can be used to verify the container's dependencies.

# download policy-sbom.cue
curl -L -O https://raw.githubusercontent.com/natrontech/container-images/main/policy-sbom.cue

cosign verify-attestation \
  --new-bundle-format \
  --type cyclonedx \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --certificate-identity-regexp '^https://github.com/natrontech/container-images/.github/workflows/container-build.yml@refs/heads/main$' \
  --policy policy-sbom.cue \
  $IMAGE | jq -r '.payload' | base64 -d | jq

To download the SBOM:

cosign verify-attestation \
  --new-bundle-format \
  --type cyclonedx \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --certificate-identity-regexp '^https://github.com/natrontech/container-images/.github/workflows/container-build.yml@refs/heads/main$' \
  --policy policy-sbom.cue \
  $IMAGE | jq -r '.payload' | base64 -d | jq -r '.predicate' > sbom.json

Verify SLSA provenance of container images

SLSA Level 3 provenance is generated for versioned images (those published with a fixed version tag, e.g., :5.4.1). It is not generated for :latest or :nightly.

Provenance uses the old Sigstore bundle format (the SLSA generator does not yet support --new-bundle-format):

Verify with cosign

# download policy.cue
curl -L -O https://raw.githubusercontent.com/natrontech/container-images/main/policy.cue

cosign verify-attestation \
  --type slsaprovenance \
  --new-bundle-format=false \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --certificate-identity-regexp '^https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v[0-9]+\.[0-9]+\.[0-9]+$' \
  --policy policy.cue \
  $IMAGE | jq

Download the SLSA provenance:

cosign verify-attestation \
  --type slsaprovenance \
  --new-bundle-format=false \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --certificate-identity-regexp '^https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v[0-9]+\.[0-9]+\.[0-9]+$' \
  --policy policy.cue \
  $IMAGE | jq -r '.payload' | base64 -d | jq > slsa-provenance.json

Verify with slsa-verifier

As an alternative to cosign, you can also use the SLSA Verifier to verify the provenance of the container images.

# verify the image; slsa-verifier rejects a tag-only reference, so $IMAGE must be digest-pinned (see Setup)
slsa-verifier verify-image \
  --source-uri github.com/natrontech/container-images \
  "$IMAGE"

The output should be: PASSED: Verified SLSA provenance.
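The whole procedure above as one script, as an added example that is not part of the project's own repository: it pins the reference to a digest, checks the image signature, downloads the verified SBOM, and only expects SLSA provenance for a fixed version tag, since :latest and :nightly carry none. The identity regexps, issuer and policy URLs are the ones on this page; everything else (function names, file names, the assumption that cosign, crane, jq, curl and slsa-verifier are installed and that the network is reachable) is the example's own.

```shell
#!/bin/sh
# Added example wrapper (not the project's script): run the verification steps
# of SECURITY.md in order and abort on the first failure.
# Assumes cosign, crane, jq, curl and slsa-verifier are installed.
set -eu

ISSUER=https://token.actions.githubusercontent.com
BUILD_ID='^https://github.com/natrontech/container-images/.github/workflows/container-build.yml@refs/heads/main$'
SLSA_ID='^https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/v[0-9]+\.[0-9]+\.[0-9]+$'
RAW=https://raw.githubusercontent.com/natrontech/container-images/main

# True when the reference already ends in a full sha256 digest.
is_digest_pinned() {
  printf '%s' "$1" | grep -Eq '@sha256:[0-9a-f]{64}$'
}

# Print the tag of a reference ("latest" when none). Ignores any @digest
# suffix and any registry port such as localhost:5000.
ref_tag() {
  ref=${1%%@*}
  last=${ref##*/}
  case "$last" in
    *:*) printf '%s\n' "${last##*:}" ;;
    *)   printf 'latest\n' ;;
  esac
}

# True for a fixed version tag (5.4.1 or v5.4.1). Only these carry SLSA
# provenance on this project; :latest and :nightly do not.
is_versioned_tag() {
  printf '%s' "$1" | grep -Eq '^v?[0-9]+\.[0-9]+\.[0-9]+$'
}

verify_image() {
  image=$1
  if ! is_digest_pinned "$image"; then
    # Pin first so every step below looks at the same bytes (no TOCTOU).
    image="$image@$(crane digest "$image")"
  fi
  echo "verifying $image" >&2

  curl -sSfLO "$RAW/policy-sbom.cue"
  curl -sSfLO "$RAW/policy.cue"

  # Run cosign on its own or capture it with $(...) rather than piping it
  # straight into jq: in a pipeline the exit status would be jq's and a
  # failed verification would go unnoticed.
  cosign verify --new-bundle-format \
    --certificate-oidc-issuer "$ISSUER" \
    --certificate-identity-regexp "$BUILD_ID" "$image" > /dev/null

  sbom_att=$(cosign verify-attestation --new-bundle-format --type cyclonedx \
    --certificate-oidc-issuer "$ISSUER" \
    --certificate-identity-regexp "$BUILD_ID" \
    --policy policy-sbom.cue "$image")
  printf '%s' "$sbom_att" | jq -r '.payload' | base64 -d | jq -r '.predicate' > sbom.json

  tag=$(ref_tag "$image")
  if is_versioned_tag "$tag"; then
    prov_att=$(cosign verify-attestation --type slsaprovenance --new-bundle-format=false \
      --certificate-oidc-issuer "$ISSUER" \
      --certificate-identity-regexp "$SLSA_ID" \
      --policy policy.cue "$image")
    printf '%s' "$prov_att" | jq -r '.payload' | base64 -d | jq > slsa-provenance.json
    slsa-verifier verify-image --source-uri github.com/natrontech/container-images "$image"
  else
    echo "tag '$tag' has no SLSA provenance; checked image signature and SBOM only" >&2
  fi
}

# usage: ./verify.sh ghcr.io/natrontech/container-images/<image-name>:<tag>
if [ $# -ge 1 ]; then
  verify_image "$1"
fi
```

The script writes sbom.json and slsa-provenance.json next to itself, exactly as the individual commands above do; a non-zero exit at any point means one of the checks did not pass and the image should not be used.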
