A demonstration of how GoReleaser can help us to make software supply chain more secure by using bunch of tools such as cosign, syft, grype, slsa-provenance
-
Updated
Feb 10, 2022 - Go
#
cosign
Here are 82 public repositories matching this topic...
Enterprise-grade AWS infrastructure deployed with Terraform: ECS Fargate, Multi-AZ RDS PostgreSQL, Application Load Balancer, WAF security, Route53 DNS. Full DevSecOps pipeline with 6 security scanners, container signing, SBOM generation, and Infracost integration.
route53 aws security terraform full-stack infrastructure-as-code high-availability cloud-platform snyk cicd aws-rds devsecops vulnerability-scanning aws-waf sonarcloud sbom ecs-fargate trivy cosign multi-tier-architecture
-
Updated
Jan 14, 2026 - TypeScript
Automated, secure Docker pipeline with image scanning and cloud/K8s deployment.
python docker kubernetes devops ci-cd k8s devsecops vulnerability-scanning container-security github-actions trivy grype cosign
-
Updated
Aug 16, 2025 - Dockerfile
Production-ready CI/CD standardization framework for regulated environments (PCI-DSS, SOC2). Immutable pipelines with mandatory security gates, GitOps promotion, and audit-ready evidence generation. Supports Jenkins & GitLab CI, OpenShift/Kubernetes.
kubernetes jenkins security pipeline openshift helm gitlab-ci pci-dss compliance cicd devsecops sast gitops argocd sbom golden-path trivy supply-chain-security semgrep cosign
-
Updated
Feb 4, 2026 - Groovy
Example of GitHub Actions, goreleaser and cosign to release a Go based CLI program.
-
Updated
Jun 16, 2024 - Go
Custom Caddy (xcaddy) with HE DNS & CloudFront trusted proxies. Docker/Compose + cosign.
-
Updated
Feb 3, 2026 - Shell
Security by Design reference: JWT/mTLS auth, RBAC, DevSecOps pipeline (SAST/DAST/SBOM/Cosign), Kubernetes hardening. Production-grade patterns.
python kubernetes microservices helm gitlab-ci owasp rbac jwt-authentication threat-modeling devsecops api-security mtls sbom fastapi slsa platform-security supply-chain-security security-by-design cosign sast-dast
-
Updated
Jan 28, 2026 - Python
Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the registry came from your GitHub action.
-
Updated
Jan 31, 2023 - Dockerfile
Docker image for Cosign using alpine linux as base image.
-
Updated
May 25, 2022 - Dockerfile
Example of using Sigstore/Cosign to secure Helm chart supply chain
-
Updated
Nov 30, 2023
This project includes containerization, Kubernetes deployment, Helm chart management, security policy enforcement, image signing, monitoring setup, and CI/CD pipeline automation.
-
Updated
Sep 8, 2024 - CSS
A Github Actions pipeline that builds safer containers
docker security scan provenance attestation security-automation syft sbom github-actions docker-buildkit docker-buildx cosign trivy-scan slsa-provenance docker-scout
-
Updated
Apr 25, 2025 - Dockerfile
Minimal Alpine-based Docker image for kubectl with automatic updates, Cosign signing, and security scanning
docker kubernetes security devops automation minimal docker-image container ci-cd alpine-linux k8s cloud-native kubectl vulnerability-scanning container-security github-actions supply-chain-security cosign kubescape image-signing
-
Updated
Jan 25, 2026 - Dockerfile
This is the main Git repo
docker dockerfile docker-compose gollum wikijs podman podman-compose meilisearch goat-counter cosign pod-recon coral-project
-
Updated
Oct 5, 2025
Secure multi-cloud CI/CD with GitHub Actions — automated linting, testing, security scans, signing and deployments to AWS EKS & Azure AKS.
docker kubernetes helm ci-cd k8s kubectl oidc devsecops cloud-security aws-eks branch-protection github-actions azure-aks trivy slsa secret-scanning supply-chain-security cosign
-
Updated
Aug 17, 2025 - JavaScript
Improve this page
Add a description, image, and links to the cosign topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the cosign topic, visit your repo's landing page and select "manage topics."