chainguard-dev / dfcLinks
(d)ocker(f)ile (c)onverter: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.
☆79Updated last week
Alternatives and similar repositories for dfc
Users that are interested in dfc are comparing it to the libraries listed below
Sorting:
- An SBOM query language and associated utilities☆54Updated last year
- Kubernetes audit logging, when you don't control the control plane☆82Updated this week
- Throw a tag at it and it comes back with a checksum.☆139Updated this week
- A Github Action to automatically update digests for container images.☆65Updated last month
- A collection of reusable Github Actions workflows.☆133Updated this week
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆86Updated this week
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆105Updated 6 months ago
- Inspect certificate authorities in container images☆234Updated 2 weeks ago
- This repository contains the code used during my demo at BSidesNYC 2023 where I presented a new method for analysing volatile memory in G…☆1Updated 8 months ago
- BadRobot - Operator Security Audit Tool☆221Updated last week
- Cedar for Kubernetes brings the power of Cedar to Kubernetes authorization and admission validation, showing how cluster administrators c…☆129Updated 2 months ago
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆67Updated 6 months ago
- Scans SBOMs for vulnerabilities with Grype☆82Updated last week
- K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…☆31Updated last year
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆98Updated last week
- etcd-k8s-extract takes in an etcd data directory or db file used in kubernetes, extracts the kubernetes resources and then writes the res…☆37Updated 6 months ago
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- Sharable Config Presets for Renovatebot, especially useful for DevOps folks☆50Updated last week
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- Runtime security plug to protect user containers☆65Updated this week
- ☆43Updated 8 months ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- Create and store a hash of the Terraform modules used by your configuration☆78Updated 11 months ago
- A GitHub App that acts like a Security Token Service (STS) for the Github API☆205Updated this week
- Terraform templates for CI/CD to Cloud federation and Cloud2Cloud IAM federations☆65Updated 8 months ago
- ☆42Updated 2 years ago
- CLI for searching Rego policies☆105Updated 3 years ago
- sigstore the hard way!☆114Updated last year
- Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko gene…☆104Updated last year