Is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies you create.
Please see Ratify website for a quick start demo.
- Agenda: https://hackmd.io/ABueHjizRz2iFQpWnQrnNA
- We hold a weekly Ratify community meeting on Weds 4:30-5:30pm (Pacific Time)
Get Ratify Community Meeting Calendar here - We meet regularly to discuss and prioritize issues. The meeting may get cancelled due to holidays, all cancellation will be posted to meeting notes prior to the meeting.
- Reach out on Slack at cloud-native.slack.com#ratify. If you're not already a member of cloud-native slack channel, first add yourself here.
- We hold a weekly Ratify Pull Request Review Series on Mondays 5-6 pm PST.
- People are able to use this time to walk through any Pull Requests and seek feedback from others in the Community. If there are no PR to review, the meeting will be cancelled during that week.
- Reach out on Slack if you want to reserve a session for review or during our weekly community meetings.
Please see the Ratify website for more in-depth information.
Meeting notes for weekly project syncs can be found here
This project has adopted the Microsoft Open Source Code of Conduct.
For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
The Ratify release process is defined in RELEASES.md.
This project is released under the Apache-2.0 License.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.