Procedural

How to Set Up Pull Through from Chainguard Registry to Google Artifact Registry
Tutorial outlining how to set up a Google Artifact Registry repository to pull Images through from a Chainguard Registry.
Create an Assumable Identity for a GitHub Actions Workflow
Procedural tutorial outlining how to create a Chainguard Enforce identity that can be assumed by a GitHub Actions workflow.
How to Verify File Signatures with Cosign
Use Cosign to verify non-container software artifacts
How to Verify File Signatures with Rekor or curl
Use Rekor or curl to verify non-container software artifacts
How to Set Up An Instance of Rekor Instance Locally
Create your own instance of the Rekor transparency log
How to Sign an SBOM with Cosign
Signing software bills of materials with Cosign
Disallowing Non-Default Capabilities
Using Policy Controller to prevent running pods with extra capabilities