Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the registry came from your GitHub action.
-
Updated
Jan 31, 2023 - Dockerfile
#
cosign
Here are 8 public repositories matching this topic...
Minimal Alpine-based Docker image for kubectl with automatic updates, Cosign signing, and security scanning
docker kubernetes security devops automation minimal docker-image container ci-cd alpine-linux k8s cloud-native kubectl vulnerability-scanning container-security github-actions supply-chain-security cosign kubescape image-signing
-
Updated
Oct 1, 2025 - Dockerfile
Deterministic container hashes and container signing using Cosign, Kaniko and Google Cloud Build
-
Updated
May 8, 2023 - Dockerfile
Automated, secure Docker pipeline with image scanning and cloud/K8s deployment.
python docker kubernetes devops ci-cd k8s devsecops vulnerability-scanning container-security github-actions trivy grype cosign
-
Updated
Aug 16, 2025 - Dockerfile
A Github Actions pipeline that builds safer containers
docker security scan provenance attestation security-automation syft sbom github-actions docker-buildkit docker-buildx cosign trivy-scan slsa-provenance docker-scout
-
Updated
Apr 25, 2025 - Dockerfile
Docker image for Cosign using alpine linux as base image.
-
Updated
May 25, 2022 - Dockerfile
Improve this page
Add a description, image, and links to the cosign topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the cosign topic, visit your repo's landing page and select "manage topics."