developer-guy / container-image-sign-and-verify-with-cosign-and-opaLinks
This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)
☆62Updated 3 years ago
Alternatives and similar repositories for container-image-sign-and-verify-with-cosign-and-opa
Users that are interested in container-image-sign-and-verify-with-cosign-and-opa are comparing it to the libraries listed below
Sorting:
- ☆35Updated 3 years ago
- An admission controller service and kubectl plugin to handle container drift in K8s clusters☆124Updated 3 years ago
- OPA Gatekeeper vs Kyverno☆61Updated 3 years ago
- Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco☆63Updated 4 years ago
- sigstore the hard way!☆111Updated last year
- An application that regularly scans all containers in a Kubernetes cluster for vulnerabilities☆50Updated 2 years ago
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore☆64Updated 3 weeks ago
- Creates PolicyReports based on the different Trivy Operator CRDs like VulnerabilityReports☆60Updated last week
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated last month
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆78Updated last year
- Scans SBOMs for vulnerabilities with Grype☆82Updated this week
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore☆82Updated 3 weeks ago
- Octant plugin for viewing Starboard security information☆57Updated 3 years ago
- A Trivy plugin that scans the images of a kubernetes resource☆25Updated last year
- A place for policy work group related proposals and prototypes.☆67Updated 2 weeks ago
- ☆27Updated 2 years ago
- ☆49Updated 2 years ago
- Pre-commit git hooks for Open Policy Agent (OPA) and Rego development☆66Updated 3 years ago
- Fairwinds Base Image Finder CLI☆34Updated this week
- ☆22Updated last year
- Kubernetes Operator based on the open-source container vulnerability scanner Trivy.☆47Updated 10 months ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆62Updated last week
- 🔍 Rekor transparency log monitoring and alerting☆27Updated last year
- A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).☆61Updated this week
- Generate K8s RBAC policies based on e2e test runs☆28Updated 3 years ago
- Rego policies collection☆167Updated this week
- [alpha] Controller to override image sources in the event that an image cannot be pulled.☆119Updated last week
- Forward EKS CloudWatch k8s audit events to Sysdig secure☆27Updated last year
- A simple tool for converting Rego (OPA) rule into command.☆28Updated 3 years ago