(landing area for upstream contributions and carried patches)
-
Updated
Apr 23, 2024 - Go
(landing area for upstream contributions and carried patches)
A simple CircleCI orb used to install Cosign and sign container images
A demonstration of how GoReleaser can help us to make software supply chain more secure by using bunch of tools such as cosign, syft, grype, slsa-provenance
Материалы к вебинару «Как выстроить процесс безопасной разработки в Yandex Cloud».
This is a Git mirror
This GitHub Action use kaniko and Amazon Linux container with nitro-cli to build a reproducible AWS Nitro Enclaves EIF file and its information.
commit hash is signed using cosign. Signature is written to git object note.
Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the registry came from your GitHub action.
Docker image for Cosign using alpine linux as base image.
Docker Registry Authentication Made Simple
Deterministic container hashes and container signing using Cosign, Kaniko and Google Cloud Build
pwrApp - Dash application for mcce
AWS Pipelines utilizing Cosign to sign and verify containerized images.
Add a description, image, and links to the cosign topic page so that developers can more easily learn about it.
To associate your repository with the cosign topic, visit your repo's landing page and select "manage topics."