Making the Internet more secure one signed container at a time

This page summarizes the projects mentioned and recommended in the original post on /r/kubernetes
Kubernetes integrity Docker notary-server docker-content-trust

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • cosign

    Code signing and transparency for containers and binaries

    • The sigstore containers are signed with a format defined here: https://github.com/sigstore/cosign/blob/main/SPEC.md

  • notation

    A CLI tool to sign and verify artifacts (by notaryproject)

    • It should be interoperable, that's the goal. I proposed some idea for nv2 here: https://github.com/notaryproject/nv2/issues/39 and here: https://github.com/notaryproject/nv2/issues/40 too.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • connaisseur

    An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster

    • Admission Controller was based on Connaisseur, heavily modified to work with v2 instead of v1 signatures.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts