Introduce SLSA

Opened this issue a year ago · 0 comments

nicholasdille commented a year ago

Achieve level 1: https://slsa.dev/get-started
Add container signing: https://github.com/sigstore/cosign
Document validation of keyless signatures
Add table with links to Binary, SBOM, certificate and signatures for convenience

See slsa-github-generator and slsa-verifier