notaryproject / notation-go
A collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications.
☆42Updated last week
Alternatives and similar repositories for notation-go:
Users that are interested in notation-go are comparing it to the libraries listed below
- GitHub Actions for signing and verifying artifacts with Notation☆20Updated last week
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆62Updated last week
- A CLI used to work with the Wolfi OSS project☆60Updated this week
- Go library for Sigstore signing and verification☆64Updated this week
- Contains support for Notary Project signature envelope, and format specific implementation☆17Updated 2 weeks ago
- Helm charts for sigstore project☆72Updated last week
- Kubernetes controller manager that reconciles workload registration and federation relationships.☆61Updated last week
- ☆20Updated 9 months ago
- Container Storage Interface components for SPIFFE☆61Updated 2 weeks ago
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆131Updated this week
- sigstore installation walkthrough, local☆58Updated last year
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆62Updated this week
- 🔍 Rekor transparency log monitoring and alerting☆27Updated last year
- ☆56Updated 2 years ago
- The Porter Operator gives you a native, integrated experience for managing your bundles from Kubernetes. It is the recommended way to aut…☆34Updated 3 months ago
- 🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…☆78Updated last year
- ☆64Updated 11 months ago
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆137Updated 2 weeks ago
- Azure Provider for Notation CLI☆16Updated this week
- TUF repository for Sigstore trust root☆101Updated this week
- A CLI tool to sign and verify artifacts☆403Updated last week
- ☆96Updated 2 weeks ago
- Toolkit common packages☆51Updated this week
- Cross tooling and interoperability specifications☆169Updated 3 months ago
- Git provider client for Go☆71Updated last week
- Trivy plugin for OCI referrers☆23Updated 11 months ago
- native go library for installation and management of apk packages☆29Updated 11 months ago
- Go implementation of witness☆36Updated this week
- Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations☆56Updated last week
- Artifact Ratification Framework (CNCF Sandbox)☆261Updated this week