-
copacetic
🧵 CLI tool for directly patching container images using reports from vulnerability scanners
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
In this article, we'll walk you through the creation of a GitHub Actions workflow that focuses on automating the patching and signing of container images using a CNCF sandbox project Copacetic.
- name: Setup Notation if: steps.push.conclusion == 'success' uses: notaryproject/notation-action/setup@v1 with: version: "1.0.0" - name: Notation Sign if: steps.push.conclusion == 'success' uses: notaryproject/notation-action/sign@v1 with: plugin_name: azure-kv plugin_url: https://github.com/Azure/notation-azure-kv/releases/download/v1.0.1/notation-azure-kv_1.0.1_linux_amd64.tar.gz plugin_checksum: f8a75d9234db90069d9eb5660e5374820edf36d710bd063f4ef81e7063d3810b key_id: ${{ vars.KEY_ID }} target_artifact_reference: ${{ steps.extract_tag.outputs.imageName }}@${{ steps.push.outputs.DIGEST }} signature_format: cose plugin_config: |- name=${{ vars.CERT_NAME }} self_signed=false