Signing Container Images with GitHub Actions using Notary

preview_player
Показать описание
In this video, you'll learn how to digitally sign a container image hosted in Azure Container Registry using Notary with a GitHub workflow.

Notary is a CNCF project that provides a set of tools that help you sign, store, and verify OCI artifacts using OCI-conformant registries. Digitally signing artifacts is one of many steps you can take to secure your software supply chains and improve the security of your software.

Mentors: Jorge Arteiro @jorgearteiro and Paul Yu @PauldotYu

Notary Blog series

Repos:

  1. AzureTar
  2. azure
  3. acr
  4. aks
  5. containers
  6. notary
Рекомендации по теме
Sign Your Container 0:11:53

Sign Your Container Images with Cosign, GitHub Actions and GitHub Container Registry (How To)

Signing Container Images 0:19:39

Signing Container Images with GitHub Actions using Notary

Signing and Verifying 0:14:12

Signing and Verifying Container Images With Sigstore Cosign and Kyverno

Secure Container Images 0:48:43

Secure Container Images with Chainguard's Tooling: Melange, Apko & Wolfi • Matt Turner • GO...

Securing Your Container 0:32:28

Securing Your Container Native Supply Chain with SLSA, Github and Te... Laurent Simon & Priya Wa...

How to Ensure 0:00:45

How to Ensure Container Image Integrity in Production

Manage Container (Docker) 0:25:23

Manage Container (Docker) Images, Helm, CNAB, and Other Artifacts With Harbor

Secure your cloud-native 0:05:47

Secure your cloud-native deployments with Artifact Attestations

How to Sign 0:03:19

How to Sign NET Console Application for Windows Using GitHub Actions

Harbor Private Container 0:11:00

Harbor Private Container Registry for Docker and Kubernetes

How to Open 0:00:16

How to Open a GitHub Repository in VS Code on Your Browser | Free web based code editor Trick 🔥

Container Security: Image 0:11:03

Container Security: Image Signing with Notary

Sigstore demo with 0:11:06

Sigstore demo with cosign

Building SLSA 3 0:33:54

Building SLSA 3 Conforment Attestors for Artifacts Generated on GitHub- Ian Lewis & Asra Ali, Go...

Creating a pipeline 0:19:39

Creating a pipeline (CD) for deploying ReactJS based on a Github repository - Docker usage example

How GitHub Actions 0:08:18

How GitHub Actions 10x my productivity

Securing Container Images 0:45:09

Securing Container Images with Harbor, an Open Source Registry (Americas Webinar)

docker image tag 0:00:59

docker image tag command to clone the docker images in host machine - #docker

Enhancing Artifact Security 0:45:40

Enhancing Artifact Security with GitHub’s Build Provenance... - Fredrik Skogman & Radoslav Dimit...

A Docker image 0:26:28

A Docker image walks into a Notary - Diogo Mónica

Docuseal - An 0:37:23

Docuseal - An Open Source, Self Hosted docusign alternative with incredible power!

Quick and Easy 0:12:08

Quick and Easy Local SSL Certificates for Your Homelab!

Switch Game Life 0:00:31

Switch Game Life Hack!! 😱 #nintendo #switch #pokemon #nostalgia #retro #trending #shorts #ytshorts...

Automating React Docker 0:14:59

Automating React Docker Builds Using Github Actions | Tutorial

Комментарии
Автор

@Josh Jorge This is great walk through such critical work flow, Did you guys create code verification video

cjiten
welcome to shbcf.ru