The Airgap Native Package Manager for Kubernetes
Remove all the resources from an AWS account
An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster
Integrates Spiffe and Vault to have secretless authentication
Compage - Low-Code Framework to develop Rest API, gRPC, dRPC, GraphQL, WebAssembly, microservices, FaaS, Temporal workloads, IoT and edge services, K8s controllers, K8s CRDs, K8s custom APIs, K8s Operators, K8s hooks, etc. with minimal coding and by automatically applying best practice methods like software supply chain security measures, SBOM, …
The Anti-Virus for AI Artifacts & RAG Firewall. A static analysis tool scanning Models and Notebooks for RCE, Datasets and RAG docs for Data Poisoning, PII, and Prompt Injections. Secure your AI Supply Chain.
This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)
Example goreleaser + github actions config with keyless signing, SBOM generation, and attestations
Projeto final do curso Programa Intensivo em Containers e Kubernetes.
Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect
Cross-platform Python client for ARX CoSign electronic signatures via SOAP API
Stream, Mutate and Sign Images with AWS Lambda and ECR
Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the registry came from your GitHub action.
My personal stop-gap mirror of OCI Helm Charts.
Add a description, image, and links to the cosign topic page so that developers can more easily learn about it.
To associate your repository with the cosign topic, visit your repo's landing page and select "manage topics."