sigstore / docs
Sigstore documentation
☆73Updated this week
Related projects ⓘ
Alternatives and complementary repositories for docs
- A CLI used to work with the Wolfi OSS project☆57Updated this week
- Go library for Sigstore signing and verification☆48Updated this week
- Educational Resources for Software Supply Chain Security☆76Updated this week
- TUF repository for Sigstore trust root☆88Updated this week
- Go module to generate and transform VEX documents☆34Updated 2 weeks ago
- GitVote is a GitHub application that allows holding a vote on issues and pull requests☆112Updated this week
- Helm charts for sigstore project☆65Updated this week
- Setup K3d/K3s for GitHub Actions☆83Updated 2 years ago
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆56Updated this week
- A ContainerD shim for running Spin Applications.☆71Updated this week
- Protocol Buffer specifications☆23Updated this week
- Verify provenance from SLSA compliant builders☆229Updated 2 weeks ago
- CLOMonitor is a tool that periodically checks open source projects repositories to verify they meet certain project health best practices☆113Updated this week
- Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supp…☆123Updated this week
- Installs KWasm on Kubernetes nodes.☆36Updated 5 months ago
- in-toto is a framework to secure the software supply chain.☆69Updated last week
- Integrates Spiffe and Vault to have secretless authentication☆85Updated 2 weeks ago
- Go-to CLI tool for Kubewarden users☆74Updated this week
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆30Updated 10 months ago
- nginx image demo☆18Updated last year
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆70Updated this week
- A collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications.☆39Updated this week
- A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.☆130Updated this week
- Kubernetes operator for declaratively deploying wasmCloud applications (via wadm) and hosts on Kubernetes.☆30Updated this week
- Webhook server that evaluates WebAssembly policies to validate Kubernetes requests☆140Updated this week
- A collection of reusable Github Actions workflows.☆118Updated this week
- Overview of philips-labs helm charts☆16Updated 2 weeks ago
- 🔍 Rekor transparency log monitoring and alerting☆27Updated last year
- Sigstore user stories☆29Updated last year
- docker cp made easy☆107Updated last year