artifact-signing
CommunitySecure every artifact from build to deployment.
Software Engineering#provenance#slsa#supply-chain-security#cosign#code-signing#sigstore#artifact-signing
Authormarquesfelip
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Artifact signing and provenance verification streamline software supply chain security by ensuring the integrity and traceability of builds and releases.
Core Features & Use Cases
- Key signing workflows for containers, binaries, and release artifacts using Cosign, Sigstore, and Notation.
- SLSA provenance generation and verification to provide build authenticity.
- Deployment-time enforcement of signature verification in Kubernetes, admission controllers, and CI pipelines.
Quick Start
Sign your first release artifact by enabling keyless Cosign signing and Rekor attestation in the CI workflow.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: artifact-signing Download link: https://github.com/marquesfelip/agents-and-skills/archive/main.zip#artifact-signing Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.