Commit

doc: added security
Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>
ckotzbauer committed Jan 18, 2022
1 parent 509bb9a commit 6261a0c
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions README.md
Expand Up @@ -66,6 +66,12 @@ helm repo add ckotzbauer https://ckotzbauer.github.io/helm-charts
helm install ckotzbauer/sbom-git-operator -f your-values.yaml
```

## Security

The docker-image is based on `scratch` to reduce the attack-surface and keep the image small. Furthermore the image and release-artifacts are signed with [cosign](https://github.com/sigstore/cosign). The release-process satisfies SLSA Level 2. Both, SLSA and the signatures are still experimental for this project.



[Contributing](https://github.com/ckotzbauer/sbom-git-operator/blob/master/CONTRIBUTING.md)
--------
[License](https://github.com/ckotzbauer/sbom-git-operator/blob/master/LICENSE)
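
Review bot: The new Security paragraph says the image and release artifacts are signed with cosign, but it gives readers no way to check that. Please add where the public key or signing identity is published and the `cosign verify` invocation for the image, otherwise the signature claim cannot be acted on. The sentence "The release-process satisfies SLSA Level 2" has the same gap: link to where the provenance is produced or published so the level can be checked. "Still experimental" should say what that means for a consumer, for example whether the key or signing method may change between releases. Style: drop the comma in "Both, SLSA and the signatures", and write "Docker image", "attack surface", "release artifacts" and "release process" without hyphens.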