cosign

Here are 25 public repositories matching this topic...

developer-guy / container-image-sign-and-verify-with-cosign-and-opa

This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)

go golang proof-of-concept opa open-policy-agent cosign cosign-http-wrapper

Updated Aug 4, 2021
Go

martinbaillie / ocistow

Sponsor

Star

Stream, Mutate and Sign Images with AWS Lambda and ECR

docker aws aws-lambda oci ecr supplychain slsa cosign sigstore

Updated Oct 28, 2021
Go

GoTurkiye / goreleaser-supply-chain-example

Star

A demonstration of how GoReleaser can help us to make software supply chain more secure by using bunch of tools such as cosign, syft, grype, slsa-provenance

syft goreleaser sbom githubactions slsa grype cosign slsaprovenance

Updated Feb 10, 2022
Go

shibumi / secure-supply-chain-example

Star

Supply Chain Security does not need to be difficult

keyless sbom supply-chain-security cosign sigstore rekor fulcio

Updated Mar 18, 2022
Go

kameshsampath / go-hello-world

Star

Demo to showcase how to build a golang application using ko. Sign and push the image to the container registry using https://sigstore.dev. Apply policy controller on Kubernetes to allow only signed images.

docker demo-app drone-ci k3d policy-controller harness-ci cosign sigstore

Updated Apr 17, 2023
Go

bishal7679 / ksapify

Sponsor

Star

A Multi-Featured Light Kubernetes command-line tool

go shell kubernetes cli client-go cobra-cli cosign

Updated May 15, 2023
Go

kube-tarian / sigrun

Star

Sign your artifacts, source code or container images using Sigstore tools, Save the Signatures you want to use, and Validate & Control the deployments to allow only the known Sources based on Signatures, Maintainers & other payloads automatically.

kubernetes containers signature opa artifacts gatekeeper signature-verification pods container-security open-policy-agent policy-as-code kubernetes-security cosign sigstore rekor fulcio kubernetessecurity containersecurity

Updated Jul 30, 2023
Go

goreleaser / goreleaser-example-sign-with-env

Star

Example signing with cosign using --key=env://KEY

example goreleaser cosign

Updated Aug 7, 2023
Go

kubeservice-stack / cosign-webhook

Star

Kubernetes admission webhook that uses cosign tools Container Sign Verify

admission-webhook cosign sigstore

Updated Aug 15, 2023
Go

ekristen / dockit

Sponsor

Star

Docker Registry Authentication Made Simple

docker kubernetes golang registry helm docker-distribution helm-chart cosign litestream

Updated Nov 5, 2024
Go

sigstore / cosign-gatekeeper-provider

Star

🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their signatures

opa gatekeeper keyless cosign sigstore rekor fulcio

Updated Apr 2, 2024
Go

GoogleCloudPlatform / aactl

Star

Google Container Analysis data import utility, supports OSS vulnerability scanner reports, SLSA provenance and sigstore attestations.

build container gcp import predicate artifact gcb sbom attestations slsa cosign sigstore

Updated Oct 24, 2024
Go

wolfeidau / gh-cosign-goreleaser

Star

Example of GitHub Actions, goreleaser and cosign to release a Go based CLI program.

golang goreleaser github-actions cosign sigstore

Updated Jun 16, 2024
Go

intelops / compage

Star

Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Operators, K8s hooks, etc. with minimal coding and by automatically applying best practice methods like software supply chain security measures, SBOM, …