-
## Expected Behavior
I expect for a Pod with a specified image without any tag or digest specified to be validated, such as `gcr.io/my-project/nginx` (as opposed to `gcr.io/my-project/nginx:latest`…
-
# Proposal
- Jenkins Plugin for Grafeas
## Why
- CI CD needs audits + governances for enterprise applications
- Grafeas is a Perfect candidate
- Jenkins has first class compatibility with …
-
Several people have asked for this, but we need a proposed Note/Occurrence schema. If this is something you're interested in - please start to add thoughts here. If a thread here becomes too unwieldy,…
-
### **Problem**
Nested if statement that checks for `StatusCode == 200` is always [ignored](https://github.com/grafeas/client-go/blob/master/0.1.0/api_grafeas_v1_beta1.go#L97):
```go
if localVarH…
-
**Is your feature request related to a problem? Please describe.**
For consistency with the [Grafeas architecture](https://www.slideshare.net/aysylu/q-con-sp-software-supply-chain-management-with-gra…
-
* verify that all grafeas call to the storage engine validate portions of the request where needed before passing the call to the storage engine.
* reflect non-validated behaviour in the fakeStorag…
-
For providers and scanners of binaries, and potentially their links to sources, it is a notable criteria to ensure LICENSE conformance. I could imagine this as a gating check.
Would data like LICEN…
-
Source File: [/blog/_posts/2017-11-00-Securing-Software-Supply-Chain-Grafeas.md](https://github.com/kubernetes/website/blob/release-1.16/content/en/blog/_posts/2017-11-00-Securing-Software-Supply-Chai…
-
We should incorporate a story for tracking provenance into the Build CRD's model.
Within the current model (w/o further [restriction](https://github.com/google/build-crd/issues/10)), any step can f…
-
Latest API provided by code in grafeas uses "v1beta" API, so this client needs to be regenerated.