chainguard-dev / actions
A collection of reusable Github Actions workflows.
☆131Updated this week
Alternatives and similar repositories for actions
Users that are interested in actions are comparing it to the libraries listed below
Sorting:
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆131Updated last week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆92Updated this week
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆61Updated this week
- Github Action to automatically update digests for container images.☆58Updated 2 months ago
- Add digests to container and init container images in Kubernetes pod and pod template specs. Use either as a mutating admission webhook, …☆144Updated 2 months ago
- Dynamic GitHub Actions from Wolfi packages☆43Updated last year
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆78Updated last year
- (d)ocker(f)ile (c)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.☆49Updated this week
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆189Updated this week
- Pre-commit git hooks for Open Policy Agent (OPA) and Rego development☆66Updated 3 years ago
- Kubernetes Operator to sync secrets between different secret backends and Kubernetes☆163Updated 4 months ago
- This projects contains pre-made policies for Kubernetes Validating Admission Policies. This policy library is based on Kubescape controls…☆55Updated last week
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆64Updated this week
- Administrative tooling for Falco☆104Updated this week
- Artifact Ratification Framework (CNCF Sandbox)☆262Updated this week
- A CLI used to work with the Wolfi OSS project☆60Updated this week
- [alpha] Controller to override image sources in the event that an image cannot be pulled.☆116Updated this week
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆82Updated last week
- Cedar for Kubernetes brings the power of Cedar to Kubernetes authorization and admission validation, showing how cluster administrators c…☆127Updated last month
- Kubernetes audit logging, when you don't control the control plane☆77Updated last week
- Plugin for Helm to integrate the sigstore ecosystem☆63Updated this week
- Kyverno for any JSON!☆84Updated 4 months ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆62Updated this week
- Helm charts for sigstore project☆75Updated this week
- Enterprise Distribution for Flux CD☆74Updated this week
- Inspect certificate authorities in container images☆234Updated last week
- approver-policy is a cert-manager approver that allows users to define policies that restrict what certificates can be requested.☆82Updated this week
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆60Updated this week
- A kubectl plugin to visualize network policies rules.☆96Updated last year