Ecosyste.ms: Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: sigstore

OZI-Project/OZI

Python project packaging for Meson.

Language: Python - Size: 2.17 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 2 - Forks: 2

sigstore/sigstore-go

Go library for Sigstore signing and verification

Language: Go - Size: 603 KB - Last synced: about 9 hours ago - Pushed: about 9 hours ago - Stars: 34 - Forks: 12

sigstore/helm-sigstore

Plugin for Helm to integrate the sigstore ecosystem

Language: Go - Size: 468 KB - Last synced: about 12 hours ago - Pushed: about 13 hours ago - Stars: 57 - Forks: 13

sigstore/github-sync

Pulumi GitHub Sync for sigstore

Language: Go - Size: 213 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 4 - Forks: 4

sigstore/sigstore-rs

An experimental Rust crate for sigstore

Language: Rust - Size: 1.25 MB - Last synced: about 19 hours ago - Pushed: 1 day ago - Stars: 151 - Forks: 47

sigstore/sigstore-conformance

Conformance testing for Sigstore clients

Language: Python - Size: 254 KB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 7 - Forks: 10

sigstore/sigstore

Common go library shared across sigstore services and clients

Language: Go - Size: 3.71 MB - Last synced: about 21 hours ago - Pushed: 2 days ago - Stars: 435 - Forks: 113

sigstore/gitsign

Keyless Git signing using Sigstore

Language: Go - Size: 1.46 MB - Last synced: 3 days ago - Pushed: 3 days ago - Stars: 904 - Forks: 58

sigstore/sigstore-devops-tools

Tools & services used to help in the development flow of sigstore

Language: Go - Size: 102 KB - Last synced: 5 days ago - Pushed: 6 days ago - Stars: 4 - Forks: 2

kubernetes-sigs/tejolote

A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.

Language: Go - Size: 1.41 MB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 55 - Forks: 9

spencergilbert/asdf-gitsign

Gitsign plugin for asdf version manager

Language: Shell - Size: 42 KB - Last synced: 7 days ago - Pushed: 8 days ago - Stars: 1 - Forks: 0

argoproj-labs/argocd-interlace

Enabling Software Supply Chain Security Capabilities in ArgoCD

Language: Go - Size: 10.2 MB - Last synced: 3 days ago - Pushed: over 1 year ago - Stars: 76 - Forks: 10

ThomasVitale/supply-chain-security-java

Samples showing how to secure the supply chain for Java applications.

Language: Java - Size: 562 KB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 5 - Forks: 0

richardfan1126/nitro-enclaves-eif-build-action

This GitHub Action use kaniko and Amazon Linux container with nitro-cli to build a reproducible AWS Nitro Enclaves EIF file and its information.

Language: Shell - Size: 43.9 KB - Last synced: 11 days ago - Pushed: 11 days ago - Stars: 4 - Forks: 0

sse-secure-systems/connaisseur

An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster

Language: Go - Size: 27 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 419 - Forks: 59

sigstore/cosign-gatekeeper-provider

🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their signatures

Language: Go - Size: 621 KB - Last synced: 9 days ago - Pushed: about 2 months ago - Stars: 73 - Forks: 23

martinbaillie/ocistow

Stream, Mutate and Sign Images with AWS Lambda and ECR

Language: Go - Size: 558 KB - Last synced: 21 days ago - Pushed: over 2 years ago - Stars: 18 - Forks: 1

jenkin/sigstore-for-pdf

Sign PDF documents with sigstore

Language: Standard ML - Size: 604 KB - Last synced: 21 days ago - Pushed: 10 months ago - Stars: 1 - Forks: 0

trailofbits/sigstore-apis

Rust clients for the Fulcio and Rekor APIs

Language: Rust - Size: 125 KB - Last synced: 28 days ago - Pushed: 29 days ago - Stars: 3 - Forks: 1

rancher-government-carbide/cosign Fork of sigstore/cosign

(landing area for upstream contributions and carried patches)

Language: Go - Size: 21.4 MB - Last synced: 28 days ago - Pushed: 29 days ago - Stars: 0 - Forks: 0

sigstore/model-transparency

Supply chain security for ML

Language: Python - Size: 1.41 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 74 - Forks: 18

strongjz/cosign-aws-codepipeline

Example code repo for blog post https://chainguard.dev/posts/2022-01-07-cosign-aws-codepipeline

Language: HCL - Size: 50.8 KB - Last synced: about 1 month ago - Pushed: over 2 years ago - Stars: 7 - Forks: 2

toddysm/cssc-pipeline

Sample CI/CD pipeline for creating container images with provenance details.

Language: Shell - Size: 965 KB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 1 - Forks: 0

goreleaser/goreleaser-example-supply-chain

Example goreleaser + github actions config with keyless signing and SBOM generation

Language: Go - Size: 94.7 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 52 - Forks: 10

stacklok/sigstore-the-hard-way

sigstore the hard way!

Size: 4.02 MB - Last synced: about 1 month ago - Pushed: 2 months ago - Stars: 108 - Forks: 25

GoogleCloudPlatform/aactl

Google Container Analysis data import utility, supports OSS vulnerability scanner reports, SLSA provenance and sigstore attestations.

Language: Go - Size: 23.6 MB - Last synced: 21 days ago - Pushed: 22 days ago - Stars: 6 - Forks: 4

mayaCostantini/sigstore-ansible-github-action Fork of sigstore/gh-action-sigstore-python

Automatically sign Ansible projects with Sigstore

Language: Python - Size: 196 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 1 - Forks: 1

sigstore/sigstore-go-archived 📦

Go library for Sigstore signing and verification

Language: Go - Size: 105 KB - Last synced: 3 months ago - Pushed: 8 months ago - Stars: 16 - Forks: 10

flxw/rekor-monitor

A Rekor crawler and monitor

Language: Go - Size: 7.49 MB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 1 - Forks: 0

rewanthtammana/sigstore-the-easy-way

Software signing just got easier

Language: HTML - Size: 13.9 MB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 13 - Forks: 3

hboutemy/sigstore-maven-plugin Fork of sigstore/sigstore-maven-plugin

Sigstore Maven plugin POC

Language: Java - Size: 1.03 MB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 0 - Forks: 1

smallstep/ansible-collection-sigstore

An Ansible collection for using Sigstore to verify file signatures

Language: Python - Size: 53.7 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 4 - Forks: 0

kubeservice-stack/cosign-webhook

Kubernetes admission webhook that uses cosign tools Container Sign Verify

Language: Go - Size: 16.7 MB - Last synced: 4 months ago - Pushed: 9 months ago - Stars: 1 - Forks: 1

nsmith5/rekor-sidekick

🔍 Rekor transparency log monitoring and alerting

Language: Go - Size: 425 KB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 26 - Forks: 6

kube-tarian/sigrun

Sign your artifacts, source code or container images using Sigstore tools, Save the Signatures you want to use, and Validate & Control the deployments to allow only the known Sources based on Signatures, Maintainers & other payloads automatically.

Language: Go - Size: 702 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 11 - Forks: 3

kameshsampath/go-hello-world

Demo to showcase how to build a golang application using ko. Sign and push the image to the container registry using https://sigstore.dev. Apply policy controller on Kubernetes to allow only signed images.

Language: Go - Size: 65.4 KB - Last synced: 11 months ago - Pushed: about 1 year ago - Stars: 0 - Forks: 1

albasystems/hello-slsa

Project that demonstrates the implementation of SLSA L3 with Github Workflows and Sigstore. Bonus: binary authorization with Kyverno.

Language: CUE - Size: 29.3 KB - Last synced: 11 months ago - Pushed: about 1 year ago - Stars: 13 - Forks: 1

appvia/cosign-keyless-admission-webhook

Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect

Language: JavaScript - Size: 153 KB - Last synced: about 24 hours ago - Pushed: 1 day ago - Stars: 22 - Forks: 1

chainguard-dev/tlogistry

Transparenty Immutable Container Image Tags

Language: Go - Size: 212 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 17 - Forks: 0

operatorequals/gitsign-action

Verify Sigstore Gitsign commit signatures

Language: Shell - Size: 74.2 KB - Last synced: 6 days ago - Pushed: over 1 year ago - Stars: 4 - Forks: 0

mayaCostantini/pyconfr-sigstore-demo

Demo repository for the PyConFR 2023 talk "Introduction to Sigstore: cryptographic signatures made easier"

Language: Python - Size: 55.7 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0

chrisns/cosign-keyless-demo 📦

Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the registry came from your GitHub action.

Language: Dockerfile - Size: 66.4 KB - Last synced: 21 days ago - Pushed: over 1 year ago - Stars: 13 - Forks: 0

garethahealy/kyverno-verifyimages-blog 📦

[Archived] Blog about kyverno verify images which uses cosign from sigstore under the hood

Language: Shell - Size: 664 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 0 - Forks: 0

mayaCostantini/sigstore-roles

Ansible roles to deploy Sigstore components

Language: Jinja - Size: 58.6 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0

hboutemy/sigstore-java-poc

Java PoC code to implement sigstore operations equivalent to "cosign sign-blob"

Language: Java - Size: 91.8 KB - Last synced: 12 months ago - Pushed: 12 months ago - Stars: 3 - Forks: 2

cpanato/does-github-support-gitsign-signatures-yet

Does GitHub support gitsign signatures yet?

Size: 201 KB - Last synced: about 1 month ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0

cpanato/cosign-orb

Cosign CircleCI orb. To learn more about cosign visit the GitHub repo

Language: Shell - Size: 29.3 KB - Last synced: about 1 month ago - Pushed: about 1 year ago - Stars: 1 - Forks: 2

shibumi/secure-supply-chain-example

Supply Chain Security does not need to be difficult

Language: Go - Size: 3.91 KB - Last synced: 10 months ago - Pushed: about 2 years ago - Stars: 4 - Forks: 0

Related Keywords
sigstore 48 cosign 17 rekor 6 slsa 6 security 6 sbom 5 fulcio 4 supply-chain 4 go 4 golang 4 kubernetes 4 signature-verification 3 containers 3 software-supply-chain-security 3 ansible 3 container 3 aws 3 docker 3 opa 2 keyless 2 java 2 supply-chain-security 2 gitsign 2 notary 2 gatekeeper 2 provenance 2 kyverno 2 hacktoberfest 2 supplychain 2 signing 2 oidc 2 signatures 2 automation 2 container-security 2 python 2 ansible-role 1 admission-webhook 1 circleci-orbs 1 ansible-module 1 ansible-collection 1 maven 1 guide 1 grafana 1 predicate 1 import 1 gcp 1 gcb 1 build 1 circleci-orb 1 circleci 1 proof-of-concept 1 github-action 1 github 1 pgp 1 cicd 1 transparency-log 1 container-image 1 kubernetes-admission-webhook 1 policy-controller 1 k3d 1 harness-ci 1 drone-ci 1 demo-app 1 signature 1 policy-as-code 1 pods 1 open-policy-agent 1 kubernetessecurity 1 kubernetes-security 1 containersecurity 1 artifacts 1 openpolicyagent 1 enclave 1 cyclonedx 1 in-toto 1 argocd 1 asdf-vm 1 asdf-plugin 1 asdf 1 attestation 1 tools 1 devops 1 git 1 tests 1 conformance 1 rust-libraries 1 rust-lang 1 pulumi 1 helm 1 packaging-tools 1 packaging-python 1 packaging-for-pypi 1 meson 1 attestations 1 artifact 1 syft 1 software-bill-of-materials 1 goreleaser 1 software-supply-chain 1 machine-learning 1