sigstore / friendsLinks
Sigstore user stories
☆30Updated last year
Alternatives and similar repositories for friends
Users that are interested in friends are comparing it to the libraries listed below
Sorting:
- ☆20Updated last month
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆63Updated this week
- A CLI used to work with the Wolfi OSS project☆62Updated this week
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆43Updated last year
- A library for representing OCI image layers in an abstract filesystem☆27Updated 4 years ago
- ☆23Updated 2 years ago
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- Kubernetes tools in a "distroless" container☆13Updated last year
- Go implementation for CNAB content trust verification using TUF, Notary, and in-toto☆31Updated 2 years ago
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated last week
- ☆35Updated 3 years ago
- OpenCP shim is a simple HTTP server that implements the Kubernetes API server interface. It is a shim that allows you to use the Kubernet…☆14Updated 2 years ago
- Integrity Shield is a tool for built-in preventive integrity control for regulated cloud workloads. It provides signature-based assurance…☆16Updated 2 years ago
- To manage Docker Content Trust and Notary certificates☆12Updated last week
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆66Updated this week
- A simple tool for converting Rego (OPA) rule into command.☆29Updated 3 years ago
- sigstore installation walkthrough, local☆61Updated last year
- Tool to automate build instructions generation☆33Updated this week
- A Kubewarden Policy that detects usage of deprecated and dropped Kubernetes resources☆16Updated last week
- Integrates Spiffe and Vault to have secretless authentication☆90Updated last week
- 🔍 Rekor transparency log monitoring and alerting☆27Updated last year
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- A High-Availability distribution of Knative.☆20Updated last year
- Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations☆58Updated this week
- Build and deploy Go applications with Terraform☆28Updated 3 weeks ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated last month
- ☆24Updated last year
- Transparenty Immutable Container Image Tags☆20Updated 2 years ago
- ☆29Updated last week
- Mattermost builder☆11Updated 3 years ago