Parth Patel
Parth Patel
Signed-off-by: pxp928 # Changes Spire package separated out from https://github.com/tektoncd/pipeline/pull/4759 as requested. It includes the spire interface with a mocked spire for testing. As requested by @afrittoli. /kind feature #...
`pkg/spire/test` was copied into pipelines to test the spire workload API. This is a verbatim copy of the upstream `https://github.com/spiffe/go-spiffe/tree/main/v2/internal/test`. Currently there are linting error that need to be fixed...
Signed-off-by: pxp928 # Changes Authors - @pxp928 and @lumjjb In association with [TEP-0089: Non-falsifiable provenance support](https://github.com/tektoncd/community/blob/main/teps/0089-nonfalsifiable-provenance-support.md) This PR is the implementation of Phase 1 of the [TEP-0089: Non-falsifiable provenance support](https://github.com/tektoncd/community/blob/main/teps/0089-nonfalsifiable-provenance-support.md)...
Signed-off-by: pxp928 # Changes Authors - @pxp928 and @lumjjb In association with [TEP-0089: Non-falsifiable provenance support](https://github.com/tektoncd/community/blob/main/teps/0089-nonfalsifiable-provenance-support.md) This PR is the implementation of Phase 2 of the [TEP-0089: Non-falsifiable provenance support](https://github.com/tektoncd/community/blob/main/teps/0089-nonfalsifiable-provenance-support.md)...
Currently the tetragon service does not expose the grpc port when it is enabled via values.yaml. This checks to see if the grpc is enabled and exposes the port via...
# Description: ### SBOM Guidance for Cloud Native The goal of this proposal is to figure out the who, what, when, where and why for how SBOMs will be used...
#### Summary The current implementation of the intoto type within Rekor does not persist the signatures from the wrapping DSSE envelope into the log entry stored by Trillian. This makes...
Draft PR: Tekton Chains + Spire integration to validate results and taskrun status. If spire verification is valid for both, Chains proceed with signing and attestation generation. Note: This needs...
Add bi-temporal data to each node within the assembler. This should be done via the `objectMetadata` that is already part of the nodes. Note: Refactoring needs to be done on...
Signed-off-by: pxp928 Add runtime attestation support. Currently in draft as the runtime predicate is still evolving.