ci(rds): trivy scanning + cosign signing on prebuilt images#814
Merged
vieiralucas merged 1 commit intomainfrom Apr 28, 2026
Merged
ci(rds): trivy scanning + cosign signing on prebuilt images#814vieiralucas merged 1 commit intomainfrom
vieiralucas merged 1 commit intomainfrom
Conversation
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
2 issues found across 4 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name=".github/workflows/docker-rds-images.yml">
<violation number="1" location=".github/workflows/docker-rds-images.yml:205">
P1: The Trivy gate runs after image publish/sign, so vulnerable images can still be released before the failure is detected.</violation>
</file>
<file name=".github/workflows/docker.yml">
<violation number="1" location=".github/workflows/docker.yml:129">
P1: The vulnerability gate runs after cosign signing, so images can be signed before Trivy blocks the release. Move signing behind the scan gate (or scan before signing) so only passing images are signed.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| scan: | ||
| if: github.event_name != 'pull_request' | ||
| runs-on: ubuntu-24.04 | ||
| needs: merge |
There was a problem hiding this comment.
P1: The Trivy gate runs after image publish/sign, so vulnerable images can still be released before the failure is detected.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At .github/workflows/docker-rds-images.yml, line 205:
<comment>The Trivy gate runs after image publish/sign, so vulnerable images can still be released before the failure is detected.</comment>
<file context>
@@ -170,10 +171,83 @@ jobs:
+ scan:
+ if: github.event_name != 'pull_request'
+ runs-on: ubuntu-24.04
+ needs: merge
+ permissions:
+ contents: read
</file context>
| with: | ||
| cosign-release: v2.4.1 | ||
|
|
||
| - name: Sign image with cosign (keyless, GitHub OIDC) |
There was a problem hiding this comment.
P1: The vulnerability gate runs after cosign signing, so images can be signed before Trivy blocks the release. Move signing behind the scan gate (or scan before signing) so only passing images are signed.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At .github/workflows/docker.yml, line 129:
<comment>The vulnerability gate runs after cosign signing, so images can be signed before Trivy blocks the release. Move signing behind the scan gate (or scan before signing) so only passing images are signed.</comment>
<file context>
@@ -105,11 +106,62 @@ jobs:
+ with:
+ cosign-release: v2.4.1
+
+ - name: Sign image with cosign (keyless, GitHub OIDC)
+ env:
+ COSIGN_EXPERIMENTAL: "1"
</file context>
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
Both `docker.yml` (main fakecloud server image) and `docker-rds-images.yml` (prebuilt postgres/mysql/mariadb) now: - Sign the merged manifest list with cosign keyless mode using the GitHub Actions OIDC token. Signs the immutable digest, not the rolling tag, so a moved tag can't repoint a verified image. - Run Trivy after the merge step against every published tag, failing the workflow on any CRITICAL or HIGH OS/library CVE (`ignore-unfixed: true` to skip noise from upstream-pending fixes). `id-token: write` permission is added to the merge job for cosign's OIDC token; the scan job stays read-only. Documentation: README adds a `cosign verify` quickstart, and the security reference page gets a new "Image supply-chain (cosign + Trivy)" section explaining the verification command shape.
vieiralucas
force-pushed
the
worktree-rds-image-supply-chain
branch
from
45d15bc to
e10e393
Compare
3 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
fakecloud,fakecloud-postgres,fakecloud-mysql,fakecloud-mariadb) with cosign keyless mode using GitHub OIDC. Signs the manifest digest, not the rolling tag.severity: CRITICAL,HIGH,exit-code: 1,ignore-unfixed: true— releases fail closed if a known CVE lands in our images.id-token: writeto the merge job (cosign needs OIDC token access). Scan job stays read-only.docs/reference/security.mdget a one-linercosign verifyquickstart so consumers can validate before pulling.Why
Closes the supply-chain item from PR #802/#803/#804/#805's deferred list. The other deferred items already shipped (
aws_s3extension #806, asyncCreateDBInstance#808, MySQL/MariaDB Lambda bridge #810). With prebuilt images now part of the release, scanning + signing brings them up to the level real teams expect when pulling third-party images.Cosign keyless mode means no key management — attestations are anchored to the GitHub workflow run that produced them, and
cosign verifyproves the image was built byfaiscadev/fakecloudrather than republished by anyone else.Test plan
v*), each engine image gets signed and the merge step succeeds.cosign verifyfrom a clean machine succeeds for all published images.CRITICAL/HIGHfindings on the latest postgres/mysql/mariadb base images.docker.yml, the same flow signsghcr.io/faiscadev/fakecloud:<version>after release.Summary by cubic
Add Trivy scanning and cosign keyless signing to all published images (
fakecloud,fakecloud-postgres,fakecloud-mysql,fakecloud-mariadb). Images are signed by immutable digest via GitHub OIDC, and releases fail on CRITICAL/HIGH CVEs.cosignkeyless (GitHub OIDC); addid-token: writeto the merge job.Trivyon each published tag withseverity=CRITICAL,HIGH,ignore-unfixed=true,exit-code=1; scan job stays read-only.docker.yml(main image) anddocker-rds-images.yml(RDS images).cosign verifyquickstart in README and a new security section explaining verification.Written for commit e10e393. Summary will update on new commits. Review in cubic