Problem
Signing and aicr verify cover create-time and CLI-time verification, but the V1 acceptance bar includes a deploy-time verification path: a bundle should be verifiable (and ideally enforced) at the point it is applied to a cluster, across deployers (Helm, Argo CD, Flux). There is no documented verify-on-deploy story today.
Proposal
Document (and where needed, provide) a deploy-time verification path for each signing mode, so a cluster only applies bundles whose provenance has been verified.
Scope
- Document how to gate deployment on
aicr verify for each deployer (e.g. CI step before argocd app sync / flux reconcile, or helm install).
- Evaluate admission-control / policy-engine enforcement (e.g. an admission webhook or Gatekeeper/Kyverno policy verifying the bundle attestation) and document the recommended pattern.
- Cover all three trust environments (public, private, air-gapped), reusing the verifier KMS / private-trust-root / offline work.
Dependencies
- Builds on the verifier sub-issues (KMS, private trust root, offline) in this epic.
Success criteria
- A documented, reproducible deploy-time verification path exists for each deployer and trust environment.
Problem
Signing and
aicr verifycover create-time and CLI-time verification, but the V1 acceptance bar includes a deploy-time verification path: a bundle should be verifiable (and ideally enforced) at the point it is applied to a cluster, across deployers (Helm, Argo CD, Flux). There is no documented verify-on-deploy story today.Proposal
Document (and where needed, provide) a deploy-time verification path for each signing mode, so a cluster only applies bundles whose provenance has been verified.
Scope
aicr verifyfor each deployer (e.g. CI step beforeargocd app sync/flux reconcile, orhelm install).Dependencies
Success criteria