nais / salsa
SLSA level 3 action
☆11Updated last year
Alternatives and similar repositories for salsa:
Users that are interested in salsa are comparing it to the libraries listed below
- Build and deploy Go applications with Terraform☆27Updated last week
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- Tool to automate build instructions generation☆30Updated this week
- To manage Docker Content Trust and Notary certificates☆12Updated this week
- Transparenty Immutable Container Image Tags☆20Updated last year
- An SBOM query language and associated utilities☆54Updated last year
- Kubernetes tools in a "distroless" container☆13Updated last year
- ☆20Updated 9 months ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆62Updated this week
- A simple tool for converting Rego (OPA) rule into command.☆28Updated 2 years ago
- ☆42Updated 6 months ago
- Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign☆11Updated 3 years ago
- Terraform provider for Sigstore Cosign☆10Updated last week
- A High-Availability distribution of Knative.☆20Updated last year
- Terraform provider to perform OCI image operations☆13Updated this week
- 🔍 Rekor transparency log monitoring and alerting☆27Updated last year
- Sets up Open Policy Agent CLI in your GitHub Actions workflow.☆49Updated last year
- AWS Signer Plugin for Notation☆12Updated 3 weeks ago
- Generate K8s RBAC policies based on e2e test runs☆28Updated 3 years ago
- ☆24Updated last year
- Trivy plugin for OCI referrers☆23Updated 11 months ago
- ☆19Updated last month
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated 11 months ago
- Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations☆56Updated last week
- A Kubewarden Policy that detects usage of deprecated and dropped Kubernetes resources☆16Updated this week
- etcd-k8s-extract takes in an etcd data directory or db file used in kubernetes, extracts the kubernetes resources and then writes the res…☆37Updated 4 months ago
- OpenCP shim is a simple HTTP server that implements the Kubernetes API server interface. It is a shim that allows you to use the Kubernet…☆14Updated 2 years ago
- fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…☆10Updated last week
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆43Updated last year