Skip to content

Pin kars images by digest (not :latest / version tag) for reproducible, signature-verified deploys #470

Description

@pallakatos

Follow-up from the kars-upgrade-flow review (commit on fix/kars-upgrade-flow).

Problem: The Helm chart + agentmesh manifest reference :latest (the upgrade path now pins :<version> tags, which fixed rollback). Tags are still mutable; cosign/Sigstore signatures are over digests, so pinning a tag never asserts which signed digest is trusted. A retag can swap running bits under a 'verified' banner.

Proposed: Resolve the digest at az acr import time (az acr manifest show/import output) and set image.repository@sha256:... in the chart. Makes helm upgrade self-sufficient (no rolling-restart needed to refresh), rollback trivially correct, and cosign verification meaningful.

Note: supply-chain posture change + release-pipeline contract change — needs security-architecture sign-off.

Severity: P0 (architecture), deferred from the immediate upgrade-flow fix.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions