Hardening CI/CD Pipelines Against Supply Chain Attacks
Your pipeline is an attack vector. Practical steps to sign artifacts, pin dependencies, and enforce policy gates before anything reaches production.
The CI/CD pipeline has become the most attractive target in modern infrastructure. Compromise the pipeline, and you can inject malicious code into every downstream environment — often with trusted signatures and green build badges.
Treat the pipeline as production
Most teams harden their runtime environments while leaving CI/CD with excessive permissions, long-lived secrets, and unreviewed third-party actions. The fix starts with applying the same security rigor you expect in production.
Minimum baseline
- Ephemeral runners — no persistent state between builds
- Least-privilege service accounts — scoped to the specific repo and environment
- Short-lived credentials — OIDC federation to cloud providers instead of static keys
- Branch protection — required reviews on pipeline config changes (.github/workflows/, .gitlab-ci.yml, etc.)
Sign everything
Artifact signing creates a chain of trust from commit to deployment. The Sigstore ecosystem (Cosign, Fulcio, Rekor) makes this accessible without managing your own PKI.
```bash
# Sign a container image after build
cosign sign --yes ghcr.io/org/app:${GITHUB_SHA}

# Verify before deploy
cosign verify ghcr.io/org/app:${GITHUB_SHA} \
  --certificate-identity-regexp="https://github.com/org/repo" \
  --certificate-oidc-issuer=https://token.actions.githubusercontent.com
```
Pair signing with admission policies that reject unsigned images at deploy time.
Pin and verify dependencies
Dependency confusion and typosquatting remain common attack vectors. Mitigations:
| Control | What it prevents |
|---|---|
| Lock files committed and reviewed | Unexpected version drift |
| Dependency pinning in CI | Transitive dependency swaps |
| SBOM generation (Syft, CycloneDX) | Unknown components in artifacts |
| Vulnerability scanning (Grype, Trivy) | Known CVEs reaching production |
Scan on every build, but gate on policy — not every CVE is exploitable in your context.
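Two of the controls in the table, written out as pipeline gates. This is an added example, not code from the article: `check_pins` rejects a pip requirements file that is not fully pinned with sha256 hashes (what `pip --require-hashes` enforces at install time), and `gate_findings` applies a severity threshold to scanner output while honouring time-boxed exceptions for CVEs the team has judged unreachable in its context. The requirements text and the findings are constructed samples, the CVE ids are placeholders, and the finding field names are a simplified shape rather than any scanner's real schema.

```python
"""Dependency gates for a CI pipeline (added example, not the article's code)."""
import re
from datetime import date

# A pinned requirement looks like: name==1.2.3 --hash=sha256:<64 hex chars>
PIN_RE = re.compile(r"^([A-Za-z0-9_.\-\[\]]+)==(\S+)")
HASH_RE = re.compile(r"--hash=sha256:[0-9a-f]{64}")

SEVERITY_RANK = {"Negligible": 0, "Low": 1, "Medium": 2, "High": 3, "Critical": 4}


def check_pins(requirements_text: str) -> list[str]:
    """Return problems in a pip requirements file; an empty list means fully pinned.

    Every requirement must use == and carry at least one sha256 hash so that
    a substituted or typosquatted package fails at install time.
    """
    problems = []
    # Join backslash continuations so a hash on the following line counts.
    logical = requirements_text.replace("\\\n", " ")
    for raw in logical.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):  # blank line or a pip option line
            continue
        m = PIN_RE.match(line)
        if not m:
            problems.append(f"{line.split()[0]}: not pinned with ==")
        elif not HASH_RE.search(line):
            problems.append(f"{m.group(1)}: missing sha256 hash")
    return problems


def gate_findings(findings, exceptions, today: str, fail_at: str = "High"):
    """Return the findings that must block promotion.

    A finding blocks when its severity is at or above `fail_at` and it is not
    covered by an exception that has not yet expired. `exceptions` maps a CVE
    id to an ISO date until which the risk is accepted (for example because
    the vulnerable code path is not reachable); `today` is an ISO date.
    """
    threshold = SEVERITY_RANK[fail_at]
    now = date.fromisoformat(today)
    blocking = []
    for f in findings:
        if SEVERITY_RANK.get(f["severity"], 0) < threshold:
            continue
        until = exceptions.get(f["id"])
        if until is not None and now <= date.fromisoformat(until):
            continue  # accepted risk, still inside its review window
        blocking.append(f)
    return blocking


# Constructed sample: one correctly pinned line, one range, one missing hash.
SAMPLE_REQUIREMENTS = (
    "# constructed example of a partially pinned requirements file\n"
    "requests==2.31.0 \\\n"
    "    --hash=sha256:" + "a" * 64 + "\n"
    "urllib3>=1.26            # range specifier, not pinned\n"
    "certifi==2023.7.22       # pinned but no hash\n"
)

# Constructed sample findings; the ids are placeholders, not real CVEs.
SAMPLE_FINDINGS = [
    {"id": "CVE-0000-0001", "package": "libfoo", "severity": "Critical"},
    {"id": "CVE-0000-0002", "package": "libbar", "severity": "High"},
    {"id": "CVE-0000-0003", "package": "libbaz", "severity": "Low"},
]
# Risk accepted for one finding, with an expiry that forces a re-review.
SAMPLE_EXCEPTIONS = {"CVE-0000-0002": "2030-01-01"}


def main() -> int:
    """Run both gates and return a non-zero exit code when either fails."""
    failed = False
    for problem in check_pins(SAMPLE_REQUIREMENTS):
        print(f"PIN  {problem}")
        failed = True
    for f in gate_findings(SAMPLE_FINDINGS, SAMPLE_EXCEPTIONS, date.today().isoformat()):
        print(f"VULN {f['id']} {f['severity']} in {f['package']}")
        failed = True
    return 1 if failed else 0


if __name__ == "__main__":
    raise SystemExit(main())
```

The exception map is the part worth copying: an accepted CVE without an expiry date quietly becomes permanent, whereas a dated one fails the build again when the window closes and forces someone to re-justify it.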
Policy gates before promotion
Use Open Policy Agent or Conftest to enforce rules as code in your pipeline:
- No `:latest` tags in production manifests
- All containers must run as non-root
- Resource limits must be defined
- Secrets must not appear in environment variables (use secret managers)
Policy failures should block promotion, not generate warnings that get ignored.
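The four rules above, implemented as an added example (not the article's code, and not OPA or Conftest policy) in plain Python over a Kubernetes workload manifest, so that the checks are explicit; a pipeline would normally express the same rules in Rego for Conftest. The example goes slightly beyond the list in one place: an image with no tag at all is rejected too, because the container runtime resolves it to `:latest`. The manifests are constructed samples, the digest is a placeholder, and the regex used to decide which environment variable names look like secrets is an assumption.

```python
"""Promotion policy gate for workload manifests (added example)."""
import re

# Assumption: env var names matching this look like secrets.
SECRET_NAME_RE = re.compile(r"PASSWORD|SECRET|TOKEN|API_KEY|PRIVATE_KEY", re.IGNORECASE)


def check_manifest(manifest: dict) -> list[str]:
    """Return policy violations for one Pod or Deployment-style manifest.

    An empty list means the manifest may be promoted. Each violation names
    the workload and container it applies to.
    """
    violations = []
    name = manifest.get("metadata", {}).get("name", "<unnamed>")
    spec = manifest.get("spec", {})
    # Deployments nest the pod spec under template; a bare Pod has it at spec.
    pod_spec = spec.get("template", {}).get("spec", spec)
    pod_ctx = pod_spec.get("securityContext", {})
    containers = pod_spec.get("initContainers", []) + pod_spec.get("containers", [])

    for c in containers:
        where = f"{name}/{c.get('name', '<unnamed>')}"
        image = c.get("image", "")

        # Rule 1: no :latest. A missing tag resolves to :latest as well, so
        # only an explicit tag or a digest pin passes.
        last = image.rsplit("/", 1)[-1]
        if "@sha256:" not in image and (":" not in last or last.endswith(":latest")):
            violations.append(f"{where}: image {image!r} resolves to the :latest tag")

        # Rule 2: must run as non-root; a container setting overrides the pod's.
        ctx = c.get("securityContext", {})
        non_root = ctx.get("runAsNonRoot", pod_ctx.get("runAsNonRoot"))
        run_as_user = ctx.get("runAsUser", pod_ctx.get("runAsUser"))
        if non_root is not True or run_as_user == 0:
            violations.append(f"{where}: container is not guaranteed to run as non-root")

        # Rule 3: cpu and memory limits must be defined.
        limits = c.get("resources", {}).get("limits", {})
        if not {"cpu", "memory"} <= set(limits):
            violations.append(f"{where}: resources.limits must define cpu and memory")

        # Rule 4: no literal secret values in env; references to a secret
        # store (valueFrom) are accepted here, literal values are not.
        for env in c.get("env", []):
            if "value" in env and SECRET_NAME_RE.search(env.get("name", "")):
                violations.append(f"{where}: env {env['name']} carries a literal secret value")
    return violations


# Constructed sample that fails every rule.
BAD_DEPLOYMENT = {
    "kind": "Deployment",
    "metadata": {"name": "web"},
    "spec": {"template": {"spec": {"containers": [{
        "name": "app",
        "image": "ghcr.io/example/app:latest",
        "env": [{"name": "DB_PASSWORD", "value": "constructed-literal"}],
    }]}}},
}

# Constructed sample that passes; the digest is a placeholder, not a real image.
GOOD_DEPLOYMENT = {
    "kind": "Deployment",
    "metadata": {"name": "web"},
    "spec": {"template": {"spec": {
        "securityContext": {"runAsNonRoot": True, "runAsUser": 10001},
        "containers": [{
            "name": "app",
            "image": "ghcr.io/example/app@sha256:" + "0" * 64,
            "resources": {"limits": {"cpu": "500m", "memory": "256Mi"}},
            "env": [{"name": "DB_PASSWORD",
                     "valueFrom": {"secretKeyRef": {"name": "db", "key": "password"}}}],
        }],
    }}},
}


def main() -> int:
    """Evaluate both samples; a violation is a hard failure, not a warning."""
    failed = False
    for manifest in (BAD_DEPLOYMENT, GOOD_DEPLOYMENT):
        for v in check_manifest(manifest):
            print(f"DENY {v}")
            failed = True
    return 1 if failed else 0


if __name__ == "__main__":
    raise SystemExit(main())
```

The exit code is the whole point of the last paragraph: wire `main()`'s return value into the promotion job so a violation stops the pipeline rather than printing a warning nobody reads.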
The shift-left trap
"Shift left" does not mean "dump security checks into the developer's laptop and call it done." It means catching issues early with feedback loops that developers actually use. A 45-minute SAST scan that blocks every PR will get disabled. A 90-second lint that catches hardcoded secrets will stick.
Design pipeline security for developer experience, not checkbox compliance.
Next steps
Review your pipeline permissions this week. List every secret, every cloud role, and every third-party action with write access. If you cannot justify it, remove it.
We help teams audit and harden CI/CD pipelines end to end. Book a consultation to assess your supply chain posture.