OPA Ecosystem / Integrations / Container Signing, Verification and Storage in an OCI registry

Container Signing, Verification and Storage in an OCI registry

Cosign is a tool for container image signing and verifying maintained under the Project Sigstore in collaboration with the Linux Foundation. Among other features, Cosign supports KMS signing, built-in binary transparency, and timestamping service with Rekor and Kubernetes policy enforcement.

Code & Repos

Related Software

Inventors

Labels

Category security
Layer application

Do you have an OPA-based project or integration to share? Follow these instructions to get it listed or go to the #ecosystem channel in the OPA Slack if you have any questions.