Procedural
Overview of Migrating to Chainguard Images
This overview serves as a collection of information and resources on migrating to Chainguard Images.
How to Set Up Pull Through from Chainguard Registry to Google Artifact RegistryTutorial outlining how to set up a Google Artifact Registry repository to pull Images through from the Chainguard Registry.
Create an Assumable Identity for a GitHub Actions WorkflowProcedural tutorial outlining how to create a Chainguard Enforce identity that can be assumed by a GitHub Actions workflow.
How to Verify File Signatures with CosignUse Cosign to verify non-container software artifacts
How to Verify File Signatures with Rekor or curlUse Rekor or curl to verify non-container software artifacts
How to Set Up An Instance of Rekor Instance LocallyCreate your own instance of the Rekor transparency log
How to Sign an SBOM with CosignSigning software bills of materials with Cosign