This is the Operator for Open Policy Agent’s (OPA) Gatekeeper, which helps package, deploy, and manage Kubernetes native applications by building automation into a controller that helps perform initial operations such as installation, but also administrative...
A non-profit, public good software signing & transparency service The sigstore project’s goal is to provide a public a non-profit, public good service to improve the open source software supply chain by easing the adoption of cryptographic software signing, backed...
Keylime is a highly scalable remote boot attestation and runtime integrity measurement solution. It enables users to monitor remote nodes using a hardware-based cryptographic root of trust. Keylime provides a way to build trust in a remote machine, using cryptographic...
Chains is a security subsystem of the Kubernetes Tekton CI/CD pipeline. Chains will enable Tekton continuous delivery to securely capture metadata about PipelineRun and TaskRun execution for post-run auditing. This can then be used for binary provenance and verifiable...