Docs
Specification and other related documents.
- You can read the current version of the specification here.
- The latest stable version (1.0) is here.
Generating PDF
Requirements
- git
- Pandoc with LaTex, must include enumitem
- GNU Make
The documentation can be generated into a printable PDF by compiling the
markdown file.
make pdf
Examples and Demos
There are a couple of repositories within this organization that you can use to
play around and better understand in-toto. Here's a list of them along with a
brief description.
- demo: This is a very basic dummy supply
chain example to help you understand the in-toto python toolchain. We
recommend getting started here.
- kubectl-in-toto: Inside of this
repository, you will find a demo to test a kubectl in-toto plugin to scan
containers in your kubernetes deployment against in-toto metadata.
- demo OpenSUSE: This repository
uses the OpenSUSE build toolchain to exemplify how in-toto could be
integrated inside of OpenSUSE-based distros.
- totoify-grafeas: This repository
provides an interface that converts standard in-toto links into Grafeas
occurrences, and back for use in an in-toto verification workflow.
- layout-web-tool: The
layout-web-tool is a simple Flask-based web app that walks users through
creating an in-toto layout.
Other informative repositories
Along with this Docs repository, the in-toto enhancements
(ITE) repository contains information about
features, recommendations and other extensions that are not part of the core
specification