Air-Gap Security & Compliance
Purpose: for security officers; documents package signing, SBOM generation, vulnerability scanning, and the chain-of-custody evidence produced at each stage.
Overview
Air-gap artifacts carry all dependencies for a production Kubernetes cluster. This reference documents the security controls applied during build, transfer, and deployment.
Artifact Signing (Cosign)
Packages are signed using Sigstore Cosign during the build phase in Zone A.
| Property | Value |
|---|---|
| Signing tool | Cosign |
| Key type | ECDSA P-256 |
| Signature format | .sig file alongside the artifact |
| Key generation | opencenter-airgap keygen |
Verification in Zone C:
```bash
cosign verify-blob \
  --key cosign.pub \
  --signature zarf-package-*.tar.zst.sig \
  zarf-package-*.tar.zst
```
The public key must be distributed through a separate trusted channel (not on the same media as the artifact).
SBOM (Software Bill of Materials)
Zarf generates an SBOM for every package. The SBOM lists:
- Every container image with tag and digest
- Every binary with version and download source
- Every Helm chart with version and repository
- OS packages and Python wheels
Inspect the SBOM:
```bash
zarf package inspect zarf-package-*.tar.zst --sbom
```
SBOM format: SPDX JSON (Zarf default). Compatible with vulnerability scanners like Grype and Trivy.
Vulnerability Scanning
The build pipeline runs Trivy against all container images:
| Setting | Value |
|---|---|
| Scanner | Trivy |
| Severity threshold | HIGH, CRITICAL |
| Policy | Fail build on HIGH or CRITICAL findings |
| Database | Updated at build time (Zone A) |
Run a manual scan:
```bash
trivy image --severity HIGH,CRITICAL <image-ref>
```
For SBOM-based scanning after build:
```bash
trivy sbom sbom.json --severity HIGH,CRITICAL
```
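The manual commands above report findings but do not by themselves fail anything; the build policy in the table (fail on HIGH or CRITICAL) needs Trivy's exit code wired into the pipeline and the report kept as audit evidence. The following POSIX shell script is an added example, not part of the project's build pipeline: `scan_image` runs Trivy with `--exit-code 1` so the scan itself fails the build, and `count_findings` reads a Trivy JSON report so the finding count can be written to the build log without re-running the scan. The sample report written by `write_sample_report` is constructed for the example (its CVE identifiers are placeholders), and the image name in it is invented.

```shell
#!/bin/sh
# Added example: build-time vulnerability gate around Trivy.
# Assumes Trivy's JSON report layout (Results[].Vulnerabilities[].Severity).

# Count findings of the given severities in a Trivy JSON report.
# Uses grep rather than jq on purpose so it runs on a minimal build host;
# each finding carries exactly one "Severity" field, so one match = one finding.
count_findings() {
    report="$1"; levels="$2"          # levels is an ERE alternation, e.g. "HIGH|CRITICAL"
    n=$(grep -E -o "\"Severity\": *\"(${levels})\"" "$report" | wc -l)
    echo "$n" | tr -d ' '
}

# Scan one image in Zone A. --exit-code 1 makes Trivy return non-zero when a
# HIGH or CRITICAL finding exists, so the pipeline step fails on its own.
# The JSON report is kept next to the build log as evidence.
scan_image() {
    image="$1"; report="$2"
    trivy image --severity HIGH,CRITICAL --exit-code 1 \
        --format json --output "$report" "$image"
}

# Gate used by the pipeline: scan, then record the count in the build log.
gate_image() {
    image="$1"; report="$2"; log="$3"
    if scan_image "$image" "$report"; then
        echo "PASS $image: $(count_findings "$report" 'HIGH|CRITICAL') HIGH/CRITICAL findings" >> "$log"
    else
        echo "FAIL $image: $(count_findings "$report" 'HIGH|CRITICAL') HIGH/CRITICAL findings" >> "$log"
        return 1
    fi
}

# Constructed sample report in Trivy's JSON shape (placeholder CVE ids,
# invented image name) so count_findings can be exercised without Trivy.
write_sample_report() {
    cat > "$1" <<'EOF'
{
  "SchemaVersion": 2,
  "ArtifactName": "registry.example.invalid/app:1.0",
  "Results": [
    {
      "Target": "registry.example.invalid/app:1.0 (alpine 3.19)",
      "Vulnerabilities": [
        { "VulnerabilityID": "CVE-0000-0001", "Severity": "HIGH" },
        { "VulnerabilityID": "CVE-0000-0002", "Severity": "CRITICAL" },
        { "VulnerabilityID": "CVE-0000-0003", "Severity": "LOW" }
      ]
    }
  ]
}
EOF
}

# Usage: ./scan-gate.sh <image-ref> <report.json> <build.log>
if [ $# -eq 3 ]; then
    gate_image "$1" "$2" "$3" || exit 1
fi
```

Because `trivy image --exit-code 1` already returns non-zero on a matching finding, the gate does not need to parse the report to decide pass or fail; the count is only there so the build log carries a number a reviewer can check against the report later.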
Checksum Integrity
| Artifact | Checksum method | File |
|---|---|---|
| Zarf package | SHA-256 | package.sha256 |
| Kubernetes binaries | SHA-256 (upstream) | *.sha256 from dl.k8s.io |
| Build manifest | SHA-256 (in state file) | build/.state.json |
Generate and verify:
```bash
# Generate (Zone A); run inside dist/ so the checksum file records a bare
# filename and verifies wherever the package and package.sha256 sit side by side
(cd dist && sha256sum zarf-package-*.tar.zst > package.sha256)
# Verify (Zone C), from the directory holding the package and package.sha256
sha256sum -c package.sha256
```
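The Artifact Signing and Checksum Integrity sections above each give one Zone C command. The POSIX shell script below is an added example, not part of the project's tooling, that combines them into a single gate run before deployment: it first pins the Cosign public key to a fingerprint the operator carries separately from the transfer media (so a key substituted on the media is caught, which `cosign verify-blob` alone cannot do), then verifies `package.sha256`, then verifies the signature. The side-by-side layout of package, `package.sha256`, `.sig` and `cosign.pub` in one directory, and the fingerprint-pinning step, are assumptions of the example.

```shell
#!/bin/sh
# Added example: Zone C verification gate. Assumes zarf-package-*.tar.zst,
# package.sha256, zarf-package-*.tar.zst.sig and cosign.pub sit in one
# directory. Every check must pass before the package reaches zarf deploy.

# Compare the public key on hand with the fingerprint carried out of band
# (for example printed on the custody form, never on the transfer media).
verify_pubkey_fingerprint() {
    key="$1"; expected="$2"
    actual=$(sha256sum "$key" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "FAIL: $key fingerprint $actual does not match expected $expected" >&2
        return 1
    fi
    echo "OK: public key fingerprint matches"
}

# Verify every entry in package.sha256; the subshell cd matches the bare
# filenames recorded at build time.
verify_checksums() {
    dir="$1"
    if ! (cd "$dir" && sha256sum -c package.sha256 >/dev/null 2>&1); then
        echo "FAIL: checksum mismatch or missing file in $dir/package.sha256" >&2
        return 1
    fi
    echo "OK: checksums match"
}

# Verify the Cosign signature over the package blob. A missing cosign binary
# is a failure, not a skip: the gate must never pass by omission.
verify_signature() {
    pkg="$1"; key="$2"
    if ! command -v cosign >/dev/null 2>&1; then
        echo "FAIL: cosign not installed; cannot verify $pkg" >&2
        return 1
    fi
    cosign verify-blob --key "$key" --signature "$pkg.sig" "$pkg" || {
        echo "FAIL: signature check failed for $pkg" >&2
        return 1
    }
    echo "OK: signature verified"
}

# Run all checks in order; the output lines are the custody evidence.
verify_package_dir() {
    dir="$1"; expected_fp="$2"
    pkg=
    for f in "$dir"/zarf-package-*.tar.zst; do
        [ -e "$f" ] && pkg="$f" && break
    done
    [ -n "$pkg" ] || { echo "FAIL: no zarf package found in $dir" >&2; return 1; }
    verify_pubkey_fingerprint "$dir/cosign.pub" "$expected_fp" \
        && verify_checksums "$dir" \
        && verify_signature "$pkg" "$dir/cosign.pub"
}

# Usage: ./verify-zone-c.sh <package-dir> <expected-cosign.pub-sha256>
if [ $# -eq 2 ]; then
    verify_package_dir "$1" "$2" || exit 1
fi
```

One caveat for the signature step: recent cosign releases look for a transparency-log entry by default when verifying, and that lookup cannot succeed in a zone with no internet access. Key-based verification there typically needs either an offline bundle produced at signing time or an explicit flag telling cosign to skip the log (`--insecure-ignore-tlog=true`), neither of which the Zone C command on this page shows; confirm the behaviour against the cosign version actually installed in Zone C.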
Chain-of-Custody
For regulated environments, document the transfer path:
| Zone | Action | Evidence |
|---|---|---|
| Zone A | Build completed | Build log (logs/build-*.log), artifact-manifest.json |
| Zone A | Package signed | Cosign signature file (.sig) |
| Zone A → Zone B | Copied to media | package.sha256 recorded |
| Zone B → Zone C | Media delivered | Chain-of-custody form (organization-specific) |
| Zone C | Checksum verified | sha256sum -c output |
| Zone C | Signature verified | cosign verify-blob output |
| Zone C | Package deployed | Zarf deploy log |
Secrets Handling
| Secret type | Storage | Notes |
|---|---|---|
| Cosign private key | Build host only (Zone A) | Never transferred to Zone C |
| SSH keys | Injected at deploy time | Not embedded in the Zarf artifact |
| Registry credentials | Not required | Bastion registry runs without auth (local network only) |
Secrets are never committed to Git. The build uses file-based injection from config/.secrets/ (gitignored).
Compliance Mapping
| Control | Implementation |
|---|---|
| Supply chain integrity | Cosign signatures + SHA-256 checksums |
| Software inventory | SBOM (SPDX JSON) embedded in every package |
| Vulnerability management | Trivy scan at build time; fail on HIGH/CRITICAL |
| Version pinning | All versions in versions.env; no mutable tags |
| Audit trail | Build logs, state file, artifact manifest |
| Data-at-rest | Zarf package is compressed but not encrypted; encrypt media if required by policy |
| Network isolation | Zone C has zero internet access; all traffic stays on local subnet |
Encryption at Rest
The Zarf package itself is not encrypted — it is a compressed tarball. If your security policy requires encryption of data at rest on transfer media, apply full-disk encryption (e.g., LUKS) to the USB drive or use an encrypted container:
```bash
# Example: create an encrypted container for transfer (50 GB image)
dd if=/dev/zero of=transfer.img bs=1M count=50000
cryptsetup luksFormat transfer.img
cryptsetup open transfer.img transfer
mkfs.ext4 /dev/mapper/transfer
mount /dev/mapper/transfer /mnt/transfer
cp dist/zarf-package-*.tar.zst /mnt/transfer/
# Unmount and close the mapping before the media leaves Zone A; until then
# the plaintext filesystem is still accessible on the build host
umount /mnt/transfer
cryptsetup close transfer
```