DevSecOps for Air Gap & Limited-Connection Systems. https://zarf.dev/
Remove all the resources from an AWS account
An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster
Import Helm Charts to OCI registries, optionally with vulnerability patching
Integrates Spiffe and Vault to have secretless authentication
Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Oper...
🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their signatures
This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)
Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations
Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
Stream, Mutate and Sign Images with AWS Lambda and ECR
Container Image Signing & Verifying on Ethereum [Testnet]
Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the registry came from your GitHub action.
Sign your artifacts, source code or container images using Sigstore tools, Save the Signatures you want to use, and Validate & Control the deployments to allow only the known Sources based on Signatur...
Kubernetes Validation Admission Controller to verify Cosign signatures
A Multi-Featured Light Kubernetes command-line tool
Google Container Analysis data import utility, supports OSS vulnerability scanner reports, SLSA provenance and sigstore attestations.