bitops

Docker image signing

Open arm4b opened this issue 3 years ago • 0 comments

Implement Docker image signing before uploading artifacts to Docker Hub so the users could validate that the images are coming from us. This would add to the software supply chain security.

  • [ ] Signing
  • [ ] CI/CD
  • [ ] Documentation

Resources

  • https://docs.docker.com/engine/security/trust/
  • https://www.howtogeek.com/devops/how-to-sign-your-docker-images-to-increase-trust/

arm4b, Sep 20 '22 19:09