PROCEDURAL
Create an Assumable Identity for a GitHub Actions Workflow
Procedural tutorial outlining how to create a Chainguard Enforce identity that can be assumed by a GitHub Actions workflow.
How to Verify File Signatures with Rekor or curlUse Rekor or curl to verify non-container software artifacts
How to Set Up An Instance of Rekor Instance LocallyCreate your own instance of the Rekor transparency log
How to Sign an SBOM with CosignSigning software bills of materials with Cosign
Disallowing Non-Default CapabilitiesUsing Policy Controller to prevent running pods with extra capabilities
Disallowing Privileged PodsUsing Policy Controller to prevent running privileged pods
Disallowing Run as Root UserUsing Policy Controller to prevent running pods as root