secure-supply-chain-on-aks
Learn how to use open-source tools to secure your container deployments on Azure Kubernetes Service. (by duffney)
ratify
Artifact Ratification Framework (by deislabs)
secure-supply-chain-on-aks | ratify | |
---|---|---|
2 | 2 | |
28 | 181 | |
- | 4.4% | |
8.0 | 9.5 | |
5 months ago | 4 days ago | |
Shell | Go | |
- | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
secure-supply-chain-on-aks
Posts with mentions or reviews of secure-supply-chain-on-aks.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-09-27.
-
Automating Kubernetes Deployments with FluxCD for Patched and Signed Container Images
Setup the Azure environment
-
Level-up Container Security: 4 Open-Source Tools for Secure Software Supply Chain
Learn how to add these tools to your existing pipelines, with this step-by-step workshop!
ratify
Posts with mentions or reviews of ratify.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-09-05.
-
Level-up Container Security: 4 Open-Source Tools for Secure Software Supply Chain
Ratify is an admission controller. It's available both as a binary and as a Kubernetes tool installed via a Helm Chart. It ensures that only signed images are deployed. It's an invaluable tool for safeguarding your AKS cluster by preventing unsigned container images from being deployed.
-
Container image signing
Gatekeeper and Ratify – Use Gatekeeper as the admission controller and Ratify configured with an AWS Signer plugin as a web hook for validating signatures.
What are some alternatives?
When comparing secure-supply-chain-on-aks and ratify you can also consider the following projects:
notation - A CLI tool to sign and verify artifacts
kyverno-notation-aws - Kyverno extension service for Notation and the AWS signer
copacetic - 🧵 CLI tool for directly patching container images using reports from vulnerability scanners