sigstore / friendsLinks
Sigstore user stories
☆30Updated last year
Alternatives and similar repositories for friends
Users that are interested in friends are comparing it to the libraries listed below
Sorting:
- A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.☆64Updated this week
- ☆20Updated last month
- ☆23Updated 2 years ago
- A CLI used to work with the Wolfi OSS project☆63Updated this week
- Transparenty Immutable Container Image Tags☆20Updated 2 years ago
- sigstore installation walkthrough, local☆62Updated last year
- Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.☆43Updated last year
- ☆29Updated 11 months ago
- Go library for Sigstore signing and verification☆18Updated last year
- Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.☆66Updated last week
- ☆35Updated 3 years ago
- Integrates Spiffe and Vault to have secretless authentication☆90Updated last week
- To manage Docker Content Trust and Notary certificates☆13Updated 3 weeks ago
- Tool to automate build instructions generation☆33Updated this week
- Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations☆58Updated last week
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- 🔍 Rekor transparency log monitoring and alerting☆27Updated last year
- Terraform provider to perform OCI image operations☆14Updated last week
- native go library for installation and management of apk packages☆29Updated last year
- Mattermost builder☆11Updated 3 years ago
- sigstore the hard way!☆115Updated last year
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- A simple tool for converting Rego (OPA) rule into command.☆30Updated 3 years ago
- Generate K8s RBAC policies based on e2e test runs☆28Updated 4 years ago
- Build and deploy Go applications with Terraform☆29Updated 3 weeks ago
- A docker CLI plugin for verifying signed attestations on images☆13Updated last year
- Go implementation for CNAB content trust verification using TUF, Notary, and in-toto☆31Updated 2 years ago
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated 2 weeks ago
- ☆20Updated last week
- An SBOM query language and associated utilities☆54Updated last year