Explore how to secure the GitOps supply chain by signing and verifying container images within Argo Workflows pipelines using open-source projects Sigstore and Kyverno. Learn to eliminate security risks in the software supply chain by signing all container images in public or private registries and ensuring no malicious images are deployed in Kubernetes clusters. This 26-minute conference talk, presented by Roberto Carratala and Faz Sadeghi from Red Hat, demonstrates practical techniques to enhance the security of your GitOps workflows and protect your Kubernetes environments from potential threats.