Chainguard

ssc-reading-list

A reading list for software supply-chain security.

vex

vexctl is a tool to attest VEX impact statements

bom-shelter

A place to systematically store software bill of materials (SBOM) documents.

darkfiles

Darkfiles finds orphaned files in container images and makes them to bad deeds

cosign-ecs-verify

Lambda function for verifying signed images in ECS

crow-registry

self-attestation

Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.

tlogistry

Transparenty Immutable Container Image Tags

openssl-fips-test

Test that OpenSSL is configured to be FIPS-compliant

tekton-demo

Tekton and Sigstore Demo

pull-secret-updater

melange-php-demos

PHP demos for Melange + Apko

text4shell-policy

ClusterImagePolicy demo for cve-2022-42889 text4shell

images

Public Chainguard Images

sigstore-custom-policies

Repo to contain files demo'd on the CNCF Webinar on the Sigstore Policy Controller

source-integrity-demo

tekton-helm-charts

Helm charts for deploying Tekton Pipelines, Dashboard and Chains

.github

Default files to be used for any public repository under the chainguard-dev organization.

chainguard-weaveworks-gitops-demo

End to End Security & Operations with Chainguard & Weave GitOps

hello-wolfi-demo

Demo for the Hello Wolfi workshop

ldso-cache

reading and writing of glibc /etc/ld.so.cache files

go-demo

go demo app

apko-npm-base

chainguard-nginx-demo

is-sigstore-psychic

Checking sigstore susceptibility to psychic signatures

k8s-shredder

K8s-shredder - a new way of parking in Kubernetes

minimal_images_for_language_runtimes

Tutorial on building minimal images for languages with Runtimes

secureframe-policy-minder

Send Slack reminders to personnel in response to Secureframe requirements

tagfinder

A multithreaded reader to search for SPDX tags in source code

test-vulnerabilities

Repo for testing vulnerabilities scanners