Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations
☆60Jul 1, 2026Updated this week
Alternatives and similar repositories for example-supply-chain
Users that are interested in example-supply-chain are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Slack alert bot for matching Github Audit Events☆10Nov 12, 2024Updated last year
- A High-Availability distribution of Knative.☆20Mar 20, 2024Updated 2 years ago
- ☆24Updated this week
- SLSA level 3 action☆12Apr 26, 2024Updated 2 years ago
- Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign☆12Sep 15, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Various tools, images, etc. to support the Wolfi OSS project☆27Jun 22, 2026Updated last week
- Template repository for testing CLI features of applications written in Go☆10Nov 14, 2021Updated 4 years ago
- Submit SBOMs to GitHub's dependency submission API☆19Dec 4, 2025Updated 7 months ago
- Example GRPC service☆12Feb 3, 2022Updated 4 years ago
- my goreleaser.yml files☆13Jun 24, 2026Updated last week
- nginx image demo☆19Sep 11, 2023Updated 2 years ago
- ☆20Jun 26, 2026Updated last week
- A utility to generate SPDX-compliant Bill of Materials manifests☆459Jun 26, 2026Updated last week
- A single repo that shows terraform, terragrunt, helm & docker☆21Jun 8, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- GitHub actions for the chainguard-images☆21Jun 22, 2026Updated last week
- Artifact Ratification Framework (CNCF Sandbox)☆303Jun 25, 2026Updated last week
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆45Oct 30, 2023Updated 2 years ago
- General sigstore community repo☆45Jun 26, 2026Updated last week
- 🔴🟡🟢 The Amazing Multipurpose Policy Engine (and L)☆53Updated this week
- A collection of reusable Github Actions workflows.☆171Updated this week
- Talos in Kubernetes☆23Aug 20, 2024Updated last year
- A tool to create, transform and attest VEX metadata☆200Updated this week
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆175Jun 23, 2026Updated last week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Build and deploy Go applications with Terraform☆31Jun 23, 2026Updated last week
- native go library for installation and management of apk packages☆31Jun 5, 2024Updated 2 years ago
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆11May 11, 2026Updated last month
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆150Jun 5, 2026Updated 3 weeks ago
- Keyless Git signing using Sigstore☆1,106Jun 22, 2026Updated last week
- Demo app duplicated in 5 languages (Go/JavaScript/Python/Ruby/Rust) showing how to go from source code to container image using melange+a…☆37Dec 24, 2023Updated 2 years ago
- Comparison of Chainguard Images to others☆21Jun 26, 2026Updated last week
- ☆23Mar 13, 2023Updated 3 years ago
- Interfaces and implementations for building Kubernetes releases.☆20Updated this week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- How small can a Java application container image be☆21Feb 17, 2023Updated 3 years ago
- Golang libraries for multi-cluster-aware Kubernetes clients, listers and informers.☆20Jun 25, 2026Updated last week
- Lambda function for verifying signed images in ECS☆38Mar 9, 2024Updated 2 years ago
- Github Action implementation of SLSA Provenance Generation☆50Jun 22, 2026Updated last week
- Helper methods for Magefiles☆32Jan 17, 2023Updated 3 years ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆73Updated this week
- Sigstore OIDC PKI☆860Updated this week