confidential-containers · fidencio · Apr 14, 2026 · Apr 14, 2026 · Apr 14, 2026 · Apr 14, 2026
diff --git a/.github/workflows/build-test-containers.yaml b/.github/workflows/build-test-containers.yaml
@@ -27,6 +27,9 @@ on:
           - test-container-unencrypted
           - test-container-encrypted
           - busybox
+          - imgrs-multi-arch-unsigned
+          - imgrs-multi-arch-cosign-signed
+          - imgrs-multi-arch-cosign-signed-key2
   push:
     branches:
       - "main"
@@ -92,6 +95,7 @@ jobs:
       - name: Install cosign
         uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         with:
+          cosign-release: 'v2.6.2'
           github-token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Import GPG key
@@ -101,6 +105,7 @@ jobs:
       - name: Run make target
         env:
           COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
+          COSIGN_PASSWORD_KEY2: ${{ secrets.COSIGN_PASSWORD_KEY2 }}
         working-directory: container-images
         run: make ${{ github.event.inputs.target || 'all' }}
 

diff --git a/container-images/Makefile b/container-images/Makefile
@@ -24,6 +24,9 @@
 	multi-arch-encrypted \
 	multi-arch-encrypted-cosign-sig \
 	busybox \
+	imgrs-multi-arch-unsigned \
+	imgrs-multi-arch-cosign-signed \
+	imgrs-multi-arch-cosign-signed-key2 \
 	setup-buildx \
 	coco-keyprovider \
 	all
@@ -56,7 +59,10 @@ all: \
 	multi-arch-cosign-sig \
 	multi-arch-encrypted \
 	multi-arch-encrypted-cosign-sig \
-	busybox
+	busybox \
+	imgrs-multi-arch-unsigned \
+	imgrs-multi-arch-cosign-signed \
+	imgrs-multi-arch-cosign-signed-key2
 
 
 # ---------------------------------------------------------------------------
@@ -295,3 +301,127 @@ multi-arch-encrypted-cosign-sig: multi-arch-encrypted
 	@echo "==> Cosign-signing multi-arch-encrypted-cosign-sig"
 	${CURDIR}/scripts/make-cosign-sig.sh $(COCO_PKG) multi-arch-encrypted-cosign-sig $(REGISTRY)
 	@echo "==> Done! Image: $(REGISTRY)/$(COCO_PKG):multi-arch-encrypted-cosign-sig"
+
+
+# ---------------------------------------------------------------------------
+# Multi-arch test-container-image-rs targets
+#
+# These produce multi-arch manifests under COCO_PKG_IMGRS for use by
+# kata-containers image-signature verification tests.
+# ---------------------------------------------------------------------------
+
+imgrs-multi-arch-unsigned: setup-buildx
+	@echo "==> Building imgrs-multi-arch-unsigned for: $(PLATFORMS)"
+	@for platform in $(PLATFORMS); do \
+		arch=$$(echo $$platform | cut -d/ -f2); \
+		per_arch_tag="$(REGISTRY)/$(COCO_PKG_IMGRS):unsigned-$$arch"; \
+		\
+		echo "==> [$$arch] Building image"; \
+		docker buildx build \
+			--platform "$$platform" \
+			--provenance=false \
+			--no-cache \
+			--build-arg IMAGE_VARIANT=unsigned \
+			-t "imgrs-unsigned:$$arch" \
+			--load \
+			-f dockerfiles/busybox/Dockerfile \
+			dockerfiles/busybox ; \
+		\
+		echo "==> [$$arch] Pushing image"; \
+		skopeo copy --insecure-policy --override-arch "$$arch" \
+			"docker-daemon:imgrs-unsigned:$$arch" \
+			"docker://$$per_arch_tag"; \
+	done
+	@echo "==> Creating multi-arch manifest"
+	@docker manifest rm $(REGISTRY)/$(COCO_PKG_IMGRS):unsigned 2>/dev/null || true
+	@docker manifest create $(REGISTRY)/$(COCO_PKG_IMGRS):unsigned \
+		$(foreach p,$(PLATFORMS),$(REGISTRY)/$(COCO_PKG_IMGRS):unsigned-$(lastword $(subst /, ,$(p))))
+	@$(foreach p,$(PLATFORMS), \
+		docker manifest annotate $(REGISTRY)/$(COCO_PKG_IMGRS):unsigned \
+			$(REGISTRY)/$(COCO_PKG_IMGRS):unsigned-$(lastword $(subst /, ,$(p))) \
+			--os linux --arch $(lastword $(subst /, ,$(p))) ; \
+	)
+	@echo "==> Pushing multi-arch manifest"
+	@docker manifest push $(REGISTRY)/$(COCO_PKG_IMGRS):unsigned
+	@echo "==> Done! Image: $(REGISTRY)/$(COCO_PKG_IMGRS):unsigned"
+
+imgrs-multi-arch-cosign-signed: setup-buildx
+	@echo "==> Building imgrs-multi-arch-cosign-signed for: $(PLATFORMS)"
+	@for platform in $(PLATFORMS); do \
+		arch=$$(echo $$platform | cut -d/ -f2); \
+		per_arch_tag="$(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-$$arch"; \
+		\
+		echo "==> [$$arch] Building image"; \
+		docker buildx build \
+			--platform "$$platform" \
+			--provenance=false \
+			--no-cache \
+			--build-arg IMAGE_VARIANT=cosign-signed \
+			-t "imgrs-cosign-signed:$$arch" \
+			--load \
+			-f dockerfiles/busybox/Dockerfile \
+			dockerfiles/busybox ; \
+		\
+		echo "==> [$$arch] Pushing image"; \
+		skopeo copy --insecure-policy --override-arch "$$arch" \
+			"docker-daemon:imgrs-cosign-signed:$$arch" \
+			"docker://$$per_arch_tag"; \
+		\
+		echo "==> [$$arch] Cosign-signing per-arch image"; \
+		${CURDIR}/scripts/make-cosign-sig.sh $(COCO_PKG_IMGRS) cosign-signed-$$arch $(REGISTRY); \
+	done
+	@echo "==> Creating multi-arch manifest"
+	@docker manifest rm $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed 2>/dev/null || true
+	@docker manifest create $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed \
+		$(foreach p,$(PLATFORMS),$(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-$(lastword $(subst /, ,$(p))))
+	@$(foreach p,$(PLATFORMS), \
+		docker manifest annotate $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed \
+			$(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-$(lastword $(subst /, ,$(p))) \
+			--os linux --arch $(lastword $(subst /, ,$(p))) ; \
+	)
+	@echo "==> Pushing multi-arch manifest"
+	@docker manifest push $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed
+	@echo "==> Cosign-signing manifest list"
+	${CURDIR}/scripts/make-cosign-sig.sh $(COCO_PKG_IMGRS) cosign-signed $(REGISTRY)
+	@echo "==> Done! Image: $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed"
+
+imgrs-multi-arch-cosign-signed-key2: setup-buildx
+	@echo "==> Building imgrs-multi-arch-cosign-signed-key2 for: $(PLATFORMS)"
+	@for platform in $(PLATFORMS); do \
+		arch=$$(echo $$platform | cut -d/ -f2); \
+		per_arch_tag="$(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2-$$arch"; \
+		\
+		echo "==> [$$arch] Building image"; \
+		docker buildx build \
+			--platform "$$platform" \
+			--provenance=false \
+			--no-cache \
+			--build-arg IMAGE_VARIANT=cosign-signed-key2 \
+			-t "imgrs-cosign-signed-key2:$$arch" \
+			--load \
+			-f dockerfiles/busybox/Dockerfile \
+			dockerfiles/busybox ; \
+		\
+		echo "==> [$$arch] Pushing image"; \
+		skopeo copy --insecure-policy --override-arch "$$arch" \
+			"docker-daemon:imgrs-cosign-signed-key2:$$arch" \
+			"docker://$$per_arch_tag"; \
+		\
+		echo "==> [$$arch] Cosign-signing per-arch image with key2"; \
+		COSIGN_PASSWORD="$${COSIGN_PASSWORD_KEY2}" cosign sign --yes --key keys/sign/cosign2.key \
+			"$(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2-$$arch"; \
+	done
+	@echo "==> Creating multi-arch manifest"
+	@docker manifest rm $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2 2>/dev/null || true
+	@docker manifest create $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2 \
+		$(foreach p,$(PLATFORMS),$(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2-$(lastword $(subst /, ,$(p))))
+	@$(foreach p,$(PLATFORMS), \
+		docker manifest annotate $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2 \
+			$(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2-$(lastword $(subst /, ,$(p))) \
+			--os linux --arch $(lastword $(subst /, ,$(p))) ; \
+	)
+	@echo "==> Pushing multi-arch manifest"
+	@docker manifest push $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2
+	@echo "==> Cosign-signing manifest list with key2"
+	COSIGN_PASSWORD="$${COSIGN_PASSWORD_KEY2}" cosign sign --yes --key keys/sign/cosign2.key "$(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2"
+	@echo "==> Done! Image: $(REGISTRY)/$(COCO_PKG_IMGRS):cosign-signed-key2"
diff --git a/container-images/dockerfiles/busybox/Dockerfile b/container-images/dockerfiles/busybox/Dockerfile
@@ -1,3 +1,6 @@
 FROM busybox:1.36
 
+ARG IMAGE_VARIANT=default
+LABEL io.confidential-containers.test.variant=${IMAGE_VARIANT}
+
 CMD ["sh"]
diff --git a/container-images/keys/sign/README.md b/container-images/keys/sign/README.md
@@ -4,14 +4,23 @@ These keys are for **testing only**. Do not use them in production.
 
 ## Cosign
 
-Keys generated with:
+Primary key pair (`cosign.key` / `cosign.pub`) generated with:
 
 ```bash
 COSIGN_PASSWORD=just1testing2password3 cosign generate-key-pair
 ```
 
-The `COSIGN_PASSWORD` secret must be configured in the GitHub repo for the
-workflow to work.
+Second key pair (`cosign2.key` / `cosign2.pub`) generated with:
+
+```bash
+COSIGN_PASSWORD=just1testing2password3key2 cosign generate-key-pair
+```
+
+This second key is used to produce images signed with a *different* key,
+so tests can verify that verification rejects a wrong-key signature.
+
+The `COSIGN_PASSWORD` and `COSIGN_PASSWORD_KEY2` secrets must be configured
+in the GitHub repo for the workflow to work.
 
 ## GPG ("simple signing")
 

diff --git a/container-images/keys/sign/cosign2.key b/container-images/keys/sign/cosign2.key
@@ -0,0 +1,11 @@
+-----BEGIN ENCRYPTED SIGSTORE PRIVATE KEY-----
+eyJrZGYiOnsibmFtZSI6InNjcnlwdCIsInBhcmFtcyI6eyJOIjo2NTUzNiwiciI6
+OCwicCI6MX0sInNhbHQiOiJzSXlBSEFSLzBJd3RMclFoZ0tPWTVLS0lINWNidDdJ
+cFhhU2VSdDdyUzIwPSJ9LCJjaXBoZXIiOnsibmFtZSI6Im5hY2wvc2VjcmV0Ym94
+Iiwibm9uY2UiOiJGSkcrNkhNaFZUOUd0VlVQa2xEek1lb0NqV0pDTzNlcSJ9LCJj
+aXBoZXJ0ZXh0Ijoicmk3YzZQZGJnOCtiR0QxZ041aHRWemNTd2gvL0c4QmJ0c1hl
+dHRLSGtNbFJwb3lTSmQyLzZtTkxSM3lkNnVKRGx2MjVFMERkODhaSGFJazQwbzhZ
+OXhqRVY0Q0E1TDkrTURpaVB1WS9rdy9RR2pPWVZxMlFpdis1OVI0cHA2N1NPQVZX
+NWJYUUVTZDFVcHAxNUJNS2hyUUdQVTZmVGdYYnIzcUdYTnpnMUdwNXV5TFdHSzdR
+bTVLTVRMbGdudC9KZTA4dHdMb25mMUVpMHc9PSJ9
+-----END ENCRYPTED SIGSTORE PRIVATE KEY-----
diff --git a/container-images/keys/sign/cosign2.pub b/container-images/keys/sign/cosign2.pub
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtBlLQ5D3bC+2r8OEODAZOGXuSnfS
+CkXQeXivZjJSFjUHpxNGNV9KXPBWhvIegd8x1CWzxNXPgXEamMaHRl1nCg==
+-----END PUBLIC KEY-----