Adam Dawson
Adam Dawson
Feedback from empathy day: "I think in general we should have an enforce overview and architecture overview, and a little better explanation of what each part of the onboarding steps...
The sample policies on this page are great. I believe we've updated the URL where chainguard images are stored from ghcr.io and distroless.dev to cgr.dev, so we should update the...
feedback from empathy day: After the creation we list the policies, and there’s only one (and if that would be the case, seems redundant). But it says A few policies...
empathy day feedback from ville I’m creating a group but I just got the email, so I have no idea what a group is, what does it taste like. Wonder...
Now that Rego policies support custom error messages for warnings/errors, it only makes sense to do the same for CUE policies. I believe @vaikas mentioned this would be dependent on...
It could be useful to validate some information in the image manifest file during admission reviews. Just like the fetchConfigFile: feature allows you to inspect the contents of the OCI...
As the owner of its own distro, Chainguard maintains [advisory data](https://github.com/chainguard-dev/vulnerability-scanner-support/blob/main/docs/foundational_concepts.md#chainguard-advisory-data) that captures the results of investigations into potential vulnerabilities. This includes cases where Chainguard determines a vulnerability to be...
There are a couple of policy examples in the policy-controller docs that use cue policies, but I can't find any documentation that specifically address CUE and Rego support and how...
Hi team, I'm at Chainguard and we build distroless container images of many OSS projects including ratelimit. We try to pick up all patches and releases as fast as possible...