
Sign and verify images made/used in all Makefiles and docker-compose files #2544

Closed
1 task
mogul opened this issue Dec 10, 2020 · 5 comments

Comments

@mogul
Contributor

mogul commented Dec 10, 2020

User Story

In order to have a verifiable supply chain for Docker-based workflows and operations, the team wants to use Docker Content Trust to verify pulled images haven't been tampered with before using them.

Acceptance Criteria

[ACs should be clearly demoable/verifiable whenever possible. Try specifying them using BDD.]

  • GIVEN we set our environment to use a registry with tampered images
    WHEN we run a make or docker-compose that pulls its images from that registry
    THEN we see an error indicating that the image could not be verified.

Background

[Any helpful contextual notes or links to artifacts/evidence, if needed]
We mostly use Docker Official Images from hub.docker.com, where the images were based on Dockerfiles provided directly by the teams that create the software. These images are generated directly by Docker Hub, which uses Notary to sign the created images. However, we aren't checking those Notary signatures when we pull and use images. We should!

See section 10.8.4 in the data.gov SSP for additional context.

Security Considerations (required)

[Any security concerns that might be implicated in the change. "None" is OK, just be explicit here!]
This only tightens our security and makes it obvious whenever we do not rely on official images (because they will fail to run).

Sketch

[Notes or a checklist reflecting our understanding of the selected approach]

  • In all Makefiles: Make sure we set DOCKER_CONTENT_TRUST=1.
  • Use trusted-compose instead of docker-compose.
  • In our own Dockerfiles, prefix any referenced image name with an environment variable:
    ARG DOCKER_REGISTRY
    FROM ${DOCKER_REGISTRY}debian:stable
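Added example, not code from the data.gov repository: shell helpers a Makefile could source to apply the Sketch above, so that every build runs under DOCKER_CONTENT_TRUST=1 and the DOCKER_REGISTRY build-arg composes correctly with the Dockerfile's FROM line. The registry host, image tag, context path and error message are placeholders.

```shell
#!/bin/sh
# Added example, not code from the data.gov repository: helpers a Makefile
# could source so every build or pull runs under Docker Content Trust and the
# DOCKER_REGISTRY build-arg composes correctly with
# "FROM ${DOCKER_REGISTRY}debian:stable". Registry, tag and context values
# below are placeholders.

# Normalise a registry value so it can be prepended directly to an image name:
# empty stays empty (Docker Hub), anything else ends in exactly one slash.
# Without this, "registry.example.com" + "debian:stable" would silently
# become "registry.example.comdebian:stable".
registry_prefix() {
    reg="$1"
    if [ -z "$reg" ]; then
        printf ''
    else
        printf '%s/' "${reg%/}"
    fi
}

# Compose the docker build command line. DOCKER_CONTENT_TRUST=1 is attached
# to the command itself rather than exported once, so a recipe cannot
# drop it by accident. The command is returned as a string, not run.
trusted_build_cmd() {
    registry="$1"; tag="$2"; context="$3"
    prefix=$(registry_prefix "$registry")
    printf 'DOCKER_CONTENT_TRUST=1 docker build --build-arg DOCKER_REGISTRY=%s -t %s %s' \
        "$prefix" "$tag" "$context"
}

# Guard for recipes that call docker directly: refuse to continue unless
# content trust is on, so an unsigned or tampered image fails loudly instead
# of being used silently (the behaviour the acceptance criterion asks for).
require_content_trust() {
    if [ "${DOCKER_CONTENT_TRUST:-0}" != "1" ]; then
        echo "error: DOCKER_CONTENT_TRUST is not 1; refusing to use unverified images" >&2
        return 1
    fi
}

# Example invocation: print the command a Makefile recipe would run.
trusted_build_cmd "registry.example.com" "example/app:dev" "."
echo
```

The Makefile recipe can then run `$(shell ...)` output or call `require_content_trust` before its own `docker pull`, so a missing DOCKER_CONTENT_TRUST fails the target rather than passing quietly.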
@mogul mogul changed the title Use Docker Content Trust in all Makefiles/docker-compose files Verify signatures on images used in all Makefiles and docker-compose files Dec 10, 2020
@mogul mogul changed the title Verify signatures on images used in all Makefiles and docker-compose files Use Docker Content Trust to verify images used in all Makefiles and docker-compose files Dec 31, 2020
@mogul mogul changed the title Use Docker Content Trust to verify images used in all Makefiles and docker-compose files Use Docker Content Trust to verify images made/used in all Makefiles and docker-compose files Apr 7, 2021
@adborden adborden changed the title Use Docker Content Trust to verify images made/used in all Makefiles and docker-compose files Sign and verify images made/used in all Makefiles and docker-compose files Apr 22, 2021
@adborden
Contributor

Just want to add that we should consider GSA-TTS/datagov-brokerpak-eks#13 when looking at this story. We'd prefer to use the same signature/verification scheme for container images in local development and production.

@mogul
Contributor Author

mogul commented Jun 2, 2021

I just stumbled across cosign which might be useful in a variety of workflows!

@mogul
Contributor Author

mogul commented Jun 2, 2021

Related: the umbrella sigstore project.

@mogul
Contributor Author

mogul commented Jun 2, 2021

compose is now available as a sub-command of the main docker binary. I think if we use it that way then DOCKER_CONTENT_TRUST is all we need.

@mogul mogul moved this to Icebox in data.gov team board Dec 3, 2021
@mogul
Contributor Author

mogul commented Jan 1, 2022
