What if your Kubernetes cluster simply refused to run unsigned images?

I spent some time experimenting with enforcing image provenance in a small Kubernetes setup using MicroK8s. The idea was simple: only container images with valid cryptographic signatures are allowed to run in the cluster.

For this I used:

- GitLab CI/CD (build + signing pipeline)
- Cosign / Sigstore (image signing)
- Kyverno (admission control)
- MicroK8s (local cluster)

Repo: https://github.com/trottomv/microk8s-cosign-kyverno

## Why this matters

Most Kubernetes setups still rely on mutable image tags like `latest`, which introduces supply chain risks:

- No guarantee of image origin
- No binding between the CI pipeline and the deployed artifact
- Risk of registry or tag mutation

So the trust gap is basically: build time → registry → runtime

## Architecture

```
┌──────────────────────────────┐
│ GitLab CI/CD                 │
│                              │
│ • Build container image      │
│ • Push to OCI registry       │
│ • Sign image (Cosign)        │
│ • Publish signature          │
└──────────────┬───────────────┘
               │
               ▼
…
```
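The CI side of the architecture above (build, push, sign, publish signature) as an added `.gitlab-ci.yml` example. This is not the pipeline from the linked repo; it assumes a `Dockerfile` at the repository root, kaniko as the builder (my choice, the post does not name one), and a Cosign key pair generated with `cosign generate-key-pair` whose private key, passphrase and public key are stored as masked, protected CI variables `COSIGN_PRIVATE_KEY`, `COSIGN_PASSWORD` and `COSIGN_PUBLIC_KEY`. The point the example makes is that the image is signed by digest, not by tag, so the signature is bound to the exact bytes that were pushed and cannot be re-pointed by a tag mutation.

```yaml
# Added example, not the repo's own pipeline. Assumed: Dockerfile at repo root,
# kaniko builder, CI variables COSIGN_PRIVATE_KEY / COSIGN_PASSWORD / COSIGN_PUBLIC_KEY.
stages:
  - build
  - sign

build-image:
  stage: build
  image:
    name: gcr.io/kaniko-project/executor:v1.23.2-debug
    entrypoint: [""]
  script:
    # Registry credentials for kaniko (GitLab injects CI_REGISTRY_* into every job)
    - mkdir -p /kaniko/.docker
    - >-
      printf '{"auths":{"%s":{"auth":"%s"}}}' "$CI_REGISTRY"
      "$(printf '%s:%s' "$CI_REGISTRY_USER" "$CI_REGISTRY_PASSWORD" | base64 | tr -d '\n')"
      > /kaniko/.docker/config.json
    # Tag with the commit SHA (never a mutable tag such as latest) and record the
    # pushed digest so the signing job signs exactly what landed in the registry.
    - >-
      /kaniko/executor
      --context "$CI_PROJECT_DIR"
      --dockerfile "$CI_PROJECT_DIR/Dockerfile"
      --destination "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHA"
      --digest-file "$CI_PROJECT_DIR/image.digest"
    - echo "IMAGE_DIGEST=$(cat "$CI_PROJECT_DIR/image.digest")" > build.env
  artifacts:
    reports:
      dotenv: build.env   # hands IMAGE_DIGEST to the sign job

sign-image:
  stage: sign
  needs: [build-image]
  image:
    name: gcr.io/projectsigstore/cosign:v2.4.1   # pin to a digest in a real pipeline
    entrypoint: [""]
  variables:
    COSIGN_YES: "true"   # non-interactive: accept the transparency-log upload prompt
  script:
    - cosign login "$CI_REGISTRY" -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"
    # Sign by digest. The passphrase is read from COSIGN_PASSWORD by cosign itself.
    - cosign sign --key env://COSIGN_PRIVATE_KEY "$CI_REGISTRY_IMAGE@$IMAGE_DIGEST"
    # Fail the pipeline if the signature we just published does not verify
    # against the public key the cluster will trust.
    - cosign verify --key env://COSIGN_PUBLIC_KEY "$CI_REGISTRY_IMAGE@$IMAGE_DIGEST"
```

The `verify` step at the end is cheap insurance: it catches a mismatched key pair or a signature pushed to the wrong repository before anything reaches the cluster, where the same failure would otherwise surface as a rejected deployment.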
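The runtime side, Kyverno refusing unsigned images, as an added example policy that is not taken from the linked repo. It assumes Kyverno is already installed in the MicroK8s cluster, that images come from a registry path `registry.example.com/myteam/*` (a placeholder), and that the Cosign public key from the CI key pair is pasted in place of the placeholder. `validationFailureAction: Enforce` makes it a hard deny rather than an audit entry, and `mutateDigest: true` rewrites any tag reference to the verified digest, which closes the mutable-tag gap the post describes.

```yaml
# Added example, not the repo's own policy. Assumed: Kyverno installed, images
# under registry.example.com/myteam/*, public key from `cosign generate-key-pair`.
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: require-signed-images
spec:
  validationFailureAction: Enforce   # deny, do not just audit
  background: false                  # admission-time only; signatures are checked on create/update
  webhookTimeoutSeconds: 30
  failurePolicy: Fail                # if the webhook itself is unreachable, fail closed
  rules:
    - name: verify-cosign-signature
      match:
        any:
          - resources:
              kinds:
                - Pod
      verifyImages:
        - imageReferences:
            - "registry.example.com/myteam/*"   # placeholder registry path
          required: true        # every matching image must carry a valid signature
          mutateDigest: true    # rewrite tag references to the verified digest
          verifyDigest: true    # and reject references that still lack a digest afterwards
          attestors:
            - count: 1
              entries:
                - keys:
                    publicKeys: |-
                      -----BEGIN PUBLIC KEY-----
                      <PLACEHOLDER: contents of cosign.pub from the CI key pair>
                      -----END PUBLIC KEY-----
                    rekor:
                      ignoreTlog: true   # optional: skip transparency-log lookup in an offline lab cluster
```

Matching on `Pod` rather than `Deployment` is deliberate: every workload controller ultimately creates Pods, so the policy also covers Jobs, DaemonSets and anything created by `kubectl run`. A quick check that the policy is active is to apply a Pod referencing an image outside the signed set and confirm the API server returns a Kyverno admission error instead of scheduling it.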