majinghe's starred repositories
RustyVault
A rusted vault that can do many awesome secrets management stuff...
Awesome-One-Click-Deployment
🪄 One-click deployment of many github open source projects to facilitate fast experience 一键部署各种Github开源AI项目
k8s-manifest-sigstore
kubectl plugin for signing Kubernetes manifest YAML files with sigstore
python-tuf
Python reference implementation of The Update Framework (TUF)
presentations
📊 Presentations from the CNCF community to share and reuse
helm-charts
Helm charts for sigstore project
s2c2f
The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously improve the S2C2F guide which outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer’s workflow.
kubernetes-community-days
📅 Kubernetes Community Days website
policy-controller
Sigstore Policy Controller - an admission controller that can be used to enforce policy on a Kubernetes cluster based on verifiable supply-chain metadata from cosign
slsa-github-generator
Language-agnostic SLSA provenance generation for Github Actions
wg-supply-chain-integrity
Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the code they maintain, produce and use.
specification
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX