I'm wondering if there is a way I can perform an integrity check of a containers entrypoint. The images are used in micro-services and easily modified by the teams running them.
Considering each layer packaged as a tar.gz with a SHA256 sum, is there possible way that I could ensure that this ENTRYPOINT layer is as expected, and is also the final command to the image?
I'm thinking I can find the layers checksum, but not sure how I could check the actual entrypoint to the checksum.The problem im trying to solve is ensuring that a specific script is run which starts the service, but also performs some events/scripts but teams often override this.