https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/Recent content in Sigstore onHugo -- gohugo.ioenCopyright (c) 2023 ChainguardTue, 06 Oct 2020 08:49:15 +0000https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/how-to-keyless-sign-a-container-with-sigstore/Wed, 24 Aug 2022 08:49:31 +0000https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/how-to-keyless-sign-a-container-with-sigstore/<p><em>An earlier version of this material was published in the <a href="https://learning.edx.org/course/course-v1:LinuxFoundationX&#43;LFS182x&#43;2T2022/block-v1:LinuxFoundationX&#43;LFS182x&#43;2T2022&#43;type@sequential&#43;block@5fb8482a3b764ce0903e2c424842d32f/block-v1:LinuxFoundationX&#43;LFS182x&#43;2T2022&#43;type@vertical&#43;block@2e3388391d6040f5beb5bacbf19f96f5">lab in chapter 5</a> of the Linux Foundation <a href="https://learning.edx.org/course/course-v1:LinuxFoundationX&#43;LFS182x&#43;2T2022/home">Sigstore course</a>.</em></p> <p>This tutorial will bring some of the components of Sigstore together in an example project. In this demonstration, we’ll be using GitHub Actions to perform keyless signing on a sample container. In this example, we’ll use a Django container that displays a generic “Hello, World” style landing page. Django is a Python web framework.</p>https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/cosign/Mon, 29 Jul 2024 15:12:18 +0000https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/cosign/<p>A Sigstore tool used to sign and verify software artifacts</p>https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/policy-controller/Tue, 21 Feb 2023 13:05:12 +0812https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/policy-controller/<p>A Kubernetes admission controller used to validate signatures and attestations on container images as well as enforce policies using CUE or Rego languages.</p>https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/fulcio/Tue, 06 Oct 2020 08:49:15 +0000https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/fulcio/<p>A new kind of root certificate authority for code signing</p>https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/rekor/Tue, 06 Oct 2020 08:49:15 +0000https://deploy-preview-3419--ornate-narwhal-088216.netlify.app/open-source/sigstore/rekor/<p>An immutable, tamper-resistant ledger of metadata generated within a software project’s supply chain</p>