Verify Veirox Connect signatures before install

Every release of the Veirox connector image and Helm chart
is signed by our CI using cosign keyless
(via Sigstore's Fulcio CA and Rekor transparency log).

Verifying before install proves:

  1. The artifact came from the Veirox GitHub repo's release
    workflow
    , not from a compromised account or typo-squatted
    registry.
  2. The signature is logged in the public Rekor transparency log
    the signing event is auditable.

Prerequisites

# macOS
brew install cosign

# Linux (deb)
curl -LO "https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64"
sudo install -m 0755 cosign-linux-amd64 /usr/local/bin/cosign

# Verify
cosign version

You need cosign v2.4+ for keyless identity regex verification.


Verify the image

VERSION=0.2.0   # the tag you're about to pull

cosign verify docker.io/msrashed/veirox-connector:${VERSION}-k8s \
  --certificate-identity-regexp "^https://github.com/veirox-cloud/veirox-cli/\.github/workflows/release\.yml@" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com

Expected output (shortened):

Verification for docker.io/msrashed/veirox-connector:0.2.0-k8s --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - Existence of the claims in the transparency log was verified offline
  - The signatures were verified against the specified public keys
[
  {
    "critical": {
      "identity": { ... },
      "image": { "docker-manifest-digest": "sha256:..." },
      "type": "cosign container image signature"
    },
    "optional": {
      "Bundle": { ... },
      "Issuer": "https://token.actions.githubusercontent.com",
      "Subject": "https://github.com/veirox-cloud/veirox-cli/.github/workflows/release.yml@refs/tags/v0.2.0"
    }
  }
]

If the verification fails:

  • no matching signatures: the image isn't signed (old release, or
    pulled from a fake registry).
  • certificate identity ... did not match: the signer identity
    doesn't match our release workflow. Do not use this image.
  • issuer ... did not match: likewise.

Verify the Helm chart

VERSION=0.2.0

# Pull the chart to a temp dir
helm pull oci://ghcr.io/msrashed2018/charts/veirox-connector --version "$VERSION" -d /tmp

# Get its digest
CHART_DIGEST=$(cosign triangulate ghcr.io/msrashed2018/charts/veirox-connector:${VERSION} --type=digest)

# Verify
cosign verify "ghcr.io/msrashed2018/charts/veirox-connector@${CHART_DIGEST}" \
  --certificate-identity-regexp "^https://github.com/veirox-cloud/veirox-cli/\.github/workflows/release\.yml@" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com

Verify the attestations (SBOM + SLSA provenance)

Images come with two attestations attached to the manifest:

SPDX SBOM

cosign verify-attestation docker.io/msrashed/veirox-connector:${VERSION}-k8s \
  --certificate-identity-regexp "^https://github.com/veirox-cloud/veirox-cli/" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --type spdxjson \
  | jq -r '.payload' | base64 -d | jq '.predicate.Data' -r | jq '.packages | length'

Or use the helper script:

docker buildx imagetools inspect docker.io/msrashed/veirox-connector:${VERSION}-k8s \
  --format '{{ json .SBOM }}' | jq '.SPDX.packages | map(.name) | sort | unique'

SLSA provenance

cosign verify-attestation docker.io/msrashed/veirox-connector:${VERSION}-k8s \
  --certificate-identity-regexp "^https://github.com/veirox-cloud/veirox-cli/" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --type slsaprovenance

Pin by digest

Once verified, pin your deployment by digest, not by tag — tags
can be re-pushed silently; digests cannot.

Get the digest:

docker buildx imagetools inspect docker.io/msrashed/veirox-connector:0.2.0-k8s \
  --format '{{ .Manifest.Digest }}'
# → sha256:abc123...

Pin in values:

image:
  repository: docker.io/msrashed/veirox-connector
  tag: 0.2.0-k8s@sha256:abc123...   # tag@digest

Keyless identity reference

The signer identity for every release is:

https://github.com/veirox-cloud/veirox-cli/.github/workflows/release.yml@refs/tags/v<VERSION>

Issued by:

https://token.actions.githubusercontent.com

If we ever rename the workflow, move the repo, or switch the CI
provider, the identity string changes — that's a breaking change
for anyone relying on this regex, and will be documented in
CHANGELOG.md with a migration note.

One-liner for CI pipelines

# exits non-zero if verification fails
cosign verify docker.io/msrashed/veirox-connector:0.2.0-k8s \
  --certificate-identity-regexp "^https://github.com/veirox-cloud/veirox-cli/\.github/workflows/release\.yml@" \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  > /dev/null

Put this as a pre-install gate in your pipeline. If the signature
check fails, the install does not proceed.

  • SBOM review — what's in the SBOM and how to
    use it for vulnerability tracking
  • INSTALL-helm.md — the Helm install flow
    that uses the verified artifacts