mattmoor / zero-friction-actionsLinks
An example repo demonstrating keyless signing with Github Actions
☆11Updated 3 years ago
Alternatives and similar repositories for zero-friction-actions
Users that are interested in zero-friction-actions are comparing it to the libraries listed below
Sorting:
- Sigstore user stories☆30Updated 2 years ago
- A library for representing OCI image layers in an abstract filesystem☆27Updated 5 years ago
- Trust Dexter to ensure that all your images are pinned by digest for better security☆30Updated last year
- ☆20Updated 3 months ago
- Transparenty Immutable Container Image Tags☆20Updated 2 years ago
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated 2 months ago
- A Kubewarden Policy that detects usage of deprecated and dropped Kubernetes resources☆17Updated this week
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆65Updated last week
- ☆12Updated 5 years ago
- To manage Docker Content Trust and Notary certificates☆13Updated last week
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated last week
- A Go program to display certificate chains simply and quickly with an easy to remember syntax☆28Updated 10 months ago
- Open Source declarative disk configuration system for Kubernetes☆40Updated 2 years ago
- OpenCP shim is a simple HTTP server that implements the Kubernetes API server interface. It is a shim that allows you to use the Kubernet…☆14Updated 2 years ago
- Generate K8s RBAC policies based on e2e test runs☆28Updated 4 years ago
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆43Updated last year
- ☆12Updated 2 years ago
- Comparison of Chainguard Images to others☆19Updated this week
- Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022☆14Updated 2 years ago
- Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the …☆14Updated 2 years ago
- Integrates Spiffe and Vault to have secretless authentication☆92Updated last week
- ☆29Updated last year
- Integrity Shield is a tool for built-in preventive integrity control for regulated cloud workloads. It provides signature-based assurance…☆16Updated 3 years ago
- Grafana multi tenant operator☆27Updated last month
- Kubernetes Admission Controller for Image Scanning using OPA☆50Updated 2 years ago
- Write controller-runtime based k8s controllers that read/write to git, not k8s☆48Updated 4 years ago
- A simple tool for converting Rego (OPA) rule into command.☆30Updated 3 years ago
- A Go library for implementing GitOps, used by Ignite☆66Updated 2 years ago
- Automated Terraform cloud and enterprise drift detection☆37Updated last year
- Kubernetes tools in a "distroless" container☆13Updated last year