Stream, Mutate and Sign Images with AWS Lambda and ECR
-
Updated
Oct 28, 2021 - Go
Stream, Mutate and Sign Images with AWS Lambda and ECR
[Archived] Blog about kyverno verify images which uses cosign from sigstore under the hood
Example code repo for blog post https://chainguard.dev/posts/2022-01-07-cosign-aws-codepipeline
Verify Sigstore Gitsign commit signatures
Enabling Software Supply Chain Security Capabilities in ArgoCD
Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the registry came from your GitHub action.
A guide for setting up Sigstore with Keycloak as an identity provider
Demo to showcase how to build a golang application using ko. Sign and push the image to the container registry using https://sigstore.dev. Apply policy controller on Kubernetes to allow only signed images.
Cosign CircleCI orb. To learn more about cosign visit the GitHub repo
Transparenty Immutable Container Image Tags
Sign your artifacts, source code or container images using Sigstore tools, Save the Signatures you want to use, and Validate & Control the deployments to allow only the known Sources based on Signatures, Maintainers & other payloads automatically.
Kubernetes admission webhook that uses cosign tools Container Sign Verify
Add a description, image, and links to the sigstore topic page so that developers can more easily learn about it.
To associate your repository with the sigstore topic, visit your repo's landing page and select "manage topics."