• Stars
    star
    76
  • Rank 420,374 (Top 9 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created almost 3 years ago
  • Updated 7 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their signatures

More Repositories

1

cosign

Code signing and transparency for containers and binaries
Go
4,300
star
2

gitsign

Keyless Git signing using Sigstore
Go
938
star
3

rekor

Software Supply Chain Transparency Log
Go
864
star
4

fulcio

Sigstore OIDC PKI
Go
629
star
5

sigstore

Common go library shared across sigstore services and clients
Go
441
star
6

sigstore-python

A Sigstore client written in Python
Python
227
star
7

sigstore-rs

An experimental Rust crate for sigstore
Rust
162
star
8

sigstore-js

Code-signing for npm packages
TypeScript
156
star
9

policy-controller

Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign
Go
123
star
10

cosign-installer

Cosign Github Action
114
star
11

model-transparency

Supply chain security for ML
Python
105
star
12

root-signing

TUF repository for Sigstore trust root
Go
81
star
13

k8s-manifest-sigstore

kubectl plugin for signing Kubernetes manifest YAML files with sigstore
Go
78
star
14

docs

Sigstore documentation
HTML
73
star
15

helm-charts

Helm charts for sigstore project
Smarty
62
star
16

helm-sigstore

Plugin for Helm to integrate the sigstore ecosystem
Go
59
star
17

timestamp-authority

RFC3161 Timestamp Authority
Go
58
star
18

scaffolding

Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.
HCL
57
star
19

gh-action-sigstore-python

A GitHub Action for sigstore-python
Python
46
star
20

sigstore-go

Go library for Sigstore signing and verification
Go
39
star
21

community

General sigstore community repo
38
star
22

sigstore-java

java clients for sigstore
Java
37
star
23

friends

Sigstore user stories
29
star
24

sigstore-website

Codebase for sigstore.dev
Vue
27
star
25

rekor-search-ui

Search Rekor for entries
TypeScript
26
star
26

rekor-monitor

Log monitor for Rekor to verify immutability and monitor entries
Go
24
star
27

protobuf-specs

Protocol Buffer specifications
Rust
22
star
28

sget

Go
21
star
29

rekor-operator

K8S Operator for Rekor
Go
20
star
30

sigstore-maven-plugin

sigstore maven plugin
Java
18
star
31

sget-rs

sget is a keyless safe script retrieval and execution tool
Rust
18
star
32

sigstore-go-archived

Go library for Sigstore signing and verification
Go
16
star
33

rekor-server

Cryptographic, immutable, append only software release ledger.
Go
11
star
34

rekorctl

Rekor swiss army knife
Go
9
star
35

ruby-sigstore

Rubygems sigstore signing plugin
Ruby
9
star
36

sigstore-git-verifier

A Github Action to verify that new commits are present in the sigstore transparency log.
Shell
8
star
37

sigstore-maven

sigstore maven plugin
Java
8
star
38

TSC

sigstore Technical Steering Committee
7
star
39

sigstore-conformance

Conformance testing for Sigstore clients
Python
7
star
40

sigstore.github.io

Rekor website
Sass
7
star
41

homebrew-tap

Sigstore Homebrew Tap
Ruby
6
star
42

examples

Repository to store various monitors for upstream release sites
Python
6
star
43

sigstore-blog

Codebase for sigstore.dev
CSS
6
star
44

sigstore-project-template

cookiecutter template for sigstore projects
5
star
45

github-sync

Pulumi GitHub Sync for sigstore
Go
5
star
46

sig-clients

Home of the clients SIG
5
star
47

sigstore-helm-operator

Helm based operator for the sigstore project
Smarty
4
star
48

sigstore-probers

Probers for sigstore infrastructure
Go
4
star
49

.github

Default community health files for the Sigstore organization.
4
star
50

sigstore-devops-tools

Tools & services used to help in the development flow of sigstore
Go
4
star
51

sigstore-ruby

Pure-ruby implementation of sigstore verification
Ruby
4
star
52

root-signing-staging

Staging TUF repository for Sigstore trust root
3
star
53

root-signing-practice

Root TUF Key Signing
Go
3
star
54

rekor-ansible

Ansible role to deploy the Rekor signature transparency log
2
star
55

sigstore-installer

1
star
56

fish-food

Lua
1
star
57

sig-public-good-operations

Home of the public good operations SIG
1
star