
Air-Gap Security & SBOM

Purpose: For security officers. Describes package signing, SBOM generation, and chain-of-custody documentation for air-gapped openCenter deployments.

Overview

Air-gapped deployments require that all software artifacts are verified before entering the disconnected environment. openCenter uses Zarf for packaging, which provides cryptographic signing, SBOM generation, and image provenance tracking. This document covers the compliance controls available in air-gapped deployments.

SBOM (Software Bill of Materials)

Every Zarf package includes an SBOM generated at build time. The SBOM catalogs all container images, their layers, and known packages within each image.

Viewing the SBOM

# View the SBOM in Zarf's browser-based viewer (needs a desktop session)
zarf package inspect zarf-package-opencenter-*.tar.zst --sbom

# Export the SBOM files to a directory (use this on a headless bastion)
zarf package inspect zarf-package-opencenter-*.tar.zst --sbom-out ./sbom-output/

Newer Zarf releases expose the same operation as a subcommand (zarf package inspect sbom); check zarf package inspect --help for the release in use.

The SBOM is generated in SPDX format (if a downstream tool expects CycloneDX instead, syft convert can translate the exported file) and includes:

  • Container image references (registry, repository, tag, digest)
  • OS packages within each image (name, version, license)
  • Application dependencies detected by Syft
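The exported SBOM is only useful for compliance if someone actually reads it. The following Python is an added example, not openCenter or Zarf code, that turns an SPDX-JSON export into the three inventories listed above and flags two things a reviewer needs before transfer: images that carry no digest (they cannot be matched against the build manifest at deploy time) and packages whose licence could not be concluded. It assumes each SPDX package carries a purl externalRef with the registry path in repository_url and the digest as the purl version; the sample document is constructed for the example.

```python
"""Inventory an SPDX-JSON SBOM exported from a Zarf package.

Added example for this page, not openCenter or Zarf code. It assumes the files
written by `zarf package inspect --sbom-out` are SPDX 2.x JSON in which each
package carries a purl externalRef (the layout Syft produces). The sample
document below is constructed for the example, not taken from a real package.
"""
import json
from urllib.parse import unquote

OS_PACKAGE_TYPES = {"deb", "rpm", "apk"}        # purl types for OS-level packages
DIGEST_API = "sha256:" + "4a" * 32              # constructed placeholder digest


def _pkg(spdx_id, name, version, license_, purl):
    """One SPDX package entry with a purl externalRef, for the constructed sample."""
    return {"SPDXID": spdx_id, "name": name, "versionInfo": version,
            "licenseConcluded": license_,
            "externalRefs": [{"referenceCategory": "PACKAGE-MANAGER",
                              "referenceType": "purl", "referenceLocator": purl}]}


SAMPLE_SBOM = json.dumps({"spdxVersion": "SPDX-2.3", "name": "zarf-package-example", "packages": [
    {"SPDXID": "SPDXRef-DOCUMENT-ROOT", "name": "zarf-package-example"},  # no purl: ignored
    _pkg("SPDXRef-img-api", "opencenter/api", DIGEST_API, "NOASSERTION",   # image pinned by digest
         "pkg:oci/api@" + DIGEST_API + "?repository_url=registry.example.com%2Fopencenter%2Fapi&tag=1.4.2"),
    _pkg("SPDXRef-img-nginx", "nginx", "1.25", "NOASSERTION",              # image by tag only
         "pkg:oci/nginx?repository_url=docker.io%2Flibrary%2Fnginx&tag=1.25"),
    _pkg("SPDXRef-pkg-openssl", "openssl", "3.0.11-1", "Apache-2.0",
         "pkg:deb/debian/openssl@3.0.11-1?arch=amd64"),
    _pkg("SPDXRef-pkg-libc6", "libc6", "2.36-9", "NOASSERTION",
         "pkg:deb/debian/libc6@2.36-9?arch=amd64"),
    _pkg("SPDXRef-pkg-cobra", "github.com/spf13/cobra", "v1.8.0", "Apache-2.0",
         "pkg:golang/github.com/spf13/cobra@v1.8.0"),
]})


def parse_purl(purl):
    """Minimal purl parser for 'pkg:type/namespace/name@version?k=v#subpath'.
    Returns (type, namespace, name, version, qualifiers); version is '' if absent."""
    if not purl.startswith("pkg:"):
        raise ValueError(f"not a purl: {purl}")
    body = purl[4:].lstrip("/")
    body, _, _subpath = body.partition("#")
    body, _, qualifier_str = body.partition("?")
    ptype, _, rest = body.partition("/")
    path, _, version = rest.partition("@")
    segments = [unquote(s) for s in path.split("/")]
    qualifiers = {}
    for item in filter(None, qualifier_str.split("&")):
        key, _, value = item.partition("=")
        qualifiers[key.lower()] = unquote(value)
    return ptype.lower(), "/".join(segments[:-1]), segments[-1], unquote(version), qualifiers


def inventory(sbom_text):
    """Group every purl-bearing SPDX package into images, OS packages and
    application dependencies; entries without a purl are ignored."""
    inv = {"images": [], "os_packages": [], "app_packages": []}
    for pkg in json.loads(sbom_text).get("packages", []):
        purls = [r["referenceLocator"] for r in pkg.get("externalRefs", [])
                 if r.get("referenceType") == "purl"]
        if not purls:
            continue
        ptype, namespace, name, version, q = parse_purl(purls[0])
        if ptype == "oci":
            # Assumed layout: registry path in repository_url, digest as the purl version.
            inv["images"].append({"ref": q.get("repository_url", name),
                                  "tag": q.get("tag"), "digest": version or None})
            continue
        bucket = "os_packages" if ptype in OS_PACKAGE_TYPES else "app_packages"
        inv[bucket].append({"ecosystem": ptype,
                            "name": f"{namespace}/{name}" if namespace else name,
                            "version": version,
                            "license": pkg.get("licenseConcluded", "NOASSERTION")})
    for bucket in inv.values():
        bucket.sort(key=lambda e: e.get("ref") or e.get("name"))
    return inv


def unpinned_images(inv):
    """Images with no sha256 digest: they cannot be matched to the build manifest
    at deploy time and should be pinned before the package is created."""
    return [i["ref"] for i in inv["images"] if not (i["digest"] or "").startswith("sha256:")]


def unknown_licenses(inv):
    """Packages whose licence Syft could not conclude; a reviewer resolves these by hand."""
    return [p["name"] for b in ("os_packages", "app_packages")
            for p in inv[b] if p["license"] == "NOASSERTION"]


if __name__ == "__main__":
    inv = inventory(SAMPLE_SBOM)
    print(f"{len(inv['images'])} images, {len(inv['os_packages'])} OS packages, "
          f"{len(inv['app_packages'])} application packages")
    print("unpinned images:", unpinned_images(inv))
    print("unknown licences:", unknown_licenses(inv))
```

Run it against a real export by replacing SAMPLE_SBOM with the contents of one of the files in ./sbom-output/. An image appearing in unpinned_images means the build pulled a floating tag; pin it to a digest in the package definition before the next build, otherwise the "Digests match build manifest" step in the chain-of-custody table has nothing to compare.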

Image Provenance

Zarf packages record the source registry and digest for every container image. This establishes chain-of-custody from the public registry to the air-gapped environment.

During build (on the connected host):

# Build the package — images are pulled and their digests recorded
opencenter-airgap build

During deployment (on the air-gapped bastion):

# Deploy — images are loaded into the local registry with original digests
zarf package deploy zarf-package-opencenter-*.tar.zst --confirm

The local registry (port 5000 on the bastion) serves the images with the same digests they had in the source registries, so an image can be checked against the build-time manifest by digest alone. Pods reach it through Zarf's agent, a mutating admission webhook installed by zarf init that rewrites each pod's image references to the internal registry at admission time; workloads therefore never resolve image names against the public registries. The AlwaysPullImages admission controller does not perform this redirection. It only forces a fresh pull on every pod start, which in combination with the rewrite keeps running containers consistent with what the local registry serves.

Artifact Signing

Zarf packages support cryptographic signing with cosign keys. The private key stays on the connected host; only cosign.pub travels to the bastion:

# Generate a cosign key pair once, on the connected host
cosign generate-key-pair

# Sign a package at build time (add --signing-key-pass for a password-protected key)
zarf package create --signing-key cosign.key

# Verify a package before deployment; --key takes the public key
zarf package inspect zarf-package-opencenter-*.tar.zst --key cosign.pub

# Deploy with signature verification
zarf package deploy zarf-package-opencenter-*.tar.zst --key cosign.pub --confirm

If the signature does not validate against the supplied public key, zarf package deploy refuses to proceed. It also refuses to deploy a signed package when no --key is given, unless signature validation is explicitly skipped, so the bastion's deploy step cannot silently fall back to an unverified package.

Offline Vulnerability Scanning

In air-gapped environments, vulnerability scanning cannot reach online databases. Two approaches are available:

Pre-transfer scanning (recommended): Scan all images on the connected build host before packaging. Scan the exact digest that will go into the package rather than a floating tag, so the report describes what is actually transferred:

# Scan with Trivy against online databases, by digest
trivy image --severity HIGH,CRITICAL <image>@sha256:<digest>

# Scan the SBOM exported from the Zarf package (trivy sbom accepts SPDX and CycloneDX input)
trivy sbom ./sbom-output/<sbom-file>.json --severity HIGH,CRITICAL

Post-transfer scanning with Harbor: Harbor (deployed as a platform service) includes Trivy as an integrated scanner. After deploying the Zarf package, push images to Harbor and trigger a scan:

# Harbor scans images on push (if auto-scan is enabled for the project)
# Or trigger manually via Harbor UI: Projects > <project> > Repositories > <image> > Scan

Harbor's vulnerability database is updated by including the Trivy DB in the Zarf package or by periodic secure transfers. The DB can be fetched on the connected host with trivy image --download-db-only (it lands in Trivy's cache directory) and carried across with the package; standalone Trivy runs on the bastion must then use --skip-db-update --offline-scan so the scanner does not try to reach the internet. A scan against a stale database misses anything published after the last transfer, so record the DB date alongside each scan report.

Chain-of-Custody Documentation

For regulated environments, document the transfer chain:

| Step | Location | Artifact | Verification |
|---|---|---|---|
| Build | Connected host (Zone A) | zarf-package-*.tar.zst | SBOM generated, images scanned |
| Transfer | Physical media / secure channel | Signed package | Signature verified on receipt |
| Deploy | Bastion (Zone C) | Local registry populated | Digests match build manifest |
| Runtime | Cluster nodes | Pods running | Images pulled from local registry only |
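The receipt check ("Signature verified on receipt") and the deploy-time check ("Digests match build manifest") both need something written down at build time to compare against. The following Python is an added example, not openCenter or Zarf code, of a minimal transfer record that travels on the media with the package. It assumes the connected host can list the package's images with their digests (from the exported SBOM or zarf package inspect) and that the bastion can ask the local registry which digest it serves for each image; the package bytes, image names and digests are constructed for the example. Cosign verification is left to Zarf's own signature check; the record carries the package hash so that a package altered in transit is caught before anything is deployed.

```python
"""Chain-of-custody record for an air-gap transfer: written on the connected
host, checked on the bastion at receipt and again after deploy.

Added example for this page, not openCenter or Zarf code. It assumes the build
host can list every image in the package with its digest, and that the bastion
can query the local registry for the digest it serves per image. Package bytes,
image names and digests below are constructed for the example.
"""
import hashlib
import json
from datetime import datetime, timezone


def make_transfer_record(package_bytes, image_digests, built_by):
    """Zone A, at build: bind the record to one exact package file by hash and
    capture the image digests that later steps must reproduce."""
    return {
        "package_sha256": hashlib.sha256(package_bytes).hexdigest(),
        "images": dict(sorted(image_digests.items())),
        "built_by": built_by,
        "built_at": datetime.now(timezone.utc).isoformat(timespec="seconds"),
    }


def to_json(record):
    """Serialise for the sidecar file that accompanies the package on the media."""
    return json.dumps(record, indent=2, sort_keys=True)


def verify_receipt(record, received_bytes):
    """Zone C, on receipt: the package must hash to the recorded value before it
    is unpacked or deployed. Returns findings; an empty list means intact."""
    actual = hashlib.sha256(received_bytes).hexdigest()
    if actual != record["package_sha256"]:
        return [f"package hash mismatch: recorded {record['package_sha256'][:12]}..., "
                f"received {actual[:12]}..."]
    return []


def compare_registry(record, registry_digests):
    """Zone C, after deploy: every image in the build manifest must be served by
    the local registry with the digest recorded at build time. Images the
    registry serves that were never in the manifest are reported too, because
    the pre-transfer scan did not cover them."""
    findings = []
    for ref, digest in record["images"].items():
        served = registry_digests.get(ref)
        if served is None:
            findings.append(f"missing from local registry: {ref}")
        elif served != digest:
            findings.append(f"digest mismatch: {ref} built as {digest[:19]}, served as {served[:19]}")
    for ref in sorted(set(registry_digests) - set(record["images"])):
        findings.append(f"not in build manifest: {ref}")
    return findings


# Constructed stand-ins for the package file and the images it carries.
PACKAGE = b"zarf-package-opencenter-amd64.tar.zst (stand-in bytes for the example)"
BUILD_IMAGES = {
    "registry.example.com/opencenter/api": "sha256:" + "4a" * 32,
    "docker.io/library/nginx": "sha256:" + "9e" * 32,
}
# What a compromised local registry might report after deploy: nginx was
# swapped and an image the build never recorded has appeared.
TAMPERED_REGISTRY = {
    "registry.example.com/opencenter/api": BUILD_IMAGES["registry.example.com/opencenter/api"],
    "docker.io/library/nginx": "sha256:" + "ff" * 32,
    "docker.io/library/busybox": "sha256:" + "01" * 32,
}

if __name__ == "__main__":
    record = make_transfer_record(PACKAGE, BUILD_IMAGES, built_by="build-host-a")
    print(to_json(record))
    print("receipt:", verify_receipt(record, PACKAGE) or "ok")
    print("registry:", compare_registry(record, TAMPERED_REGISTRY))
```

In practice the record is produced by the build step, signed alongside the package, and the two verification functions are run by the bastion operator before and after zarf package deploy; any non-empty findings list halts the procedure and goes into the chain-of-custody log.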

Compliance Controls Summary

| Control | Mechanism | Evidence |
|---|---|---|
| Known software inventory | SBOM (SPDX) | zarf package inspect --sbom |
| Image integrity | Digest pinning | Image digests in Zarf manifest |
| Package authenticity | Cosign signing | zarf package inspect --key / zarf package deploy --key |
| Vulnerability assessment | Trivy (pre-transfer or Harbor) | Scan reports |
| No external dependencies | Air-gap isolation | NetworkPolicy + no egress routes |

Further Reading