Hector Fernandez's repositories
aws-eks-best-practices
A best practices guide for day 2 operations, including operational excellence, security, reliability, performance efficiency, and cost optimization.
community-1
General sigstore community repo
cosign-installer
Cosign Github Action
cve-bin-tool
This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.
docs
Sigstore documentation
edu
Educational Resources for Software Supply Chain Security
friends
Sigstore user stories
gh-runner-free-disk-space
⚙️ A GitHub Action to free disk space on an Ubuntu runner.
go-containerregistry
Go library and CLIs for working with container registries
go-oidc
A Go OpenID Connect client.
harbor
An open source trusted cloud native registry project that stores, signs, and scans content.
ko
Development environment for using ko/cgo with distroless target images
kpack
Kubernetes Native Container Build Service
sigstore-the-hard-way
sigstore the hard way!
sigstore-website
Codebase for sigstore.dev
tanzu-framework
Tanzu Framework provides a set of building blocks to build atop of the Tanzu platform and leverages Carvel packaging and plugins to provide users with a much stronger, more integrated experience than the loose coupling and stand-alone commands of the previous generation of tools.
terraform-aws-chainguard-account-association
Terraform module to connect Chainguard Enforce to your AWS Account
terraform-google-chainguard-account-association
Terraform module to connect Chainguard Enforce to your Google Cloud project
timestamp-authority
RFC3161 Timestamp Authority
wg-reference-types
OCI Working Group: Reference Types
witness
A pluggable framework for software supply chain security.