Open Gephrie opened 10 months ago
Tagging @upodroid from K8 Security Slam 2023 #SecuritySlam
/cc @puerco
/sig release
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
/remove-lifecycle stale
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
/remove-lifecycle stale /good-first-issue
@tenzen-y: This request has been marked as suitable for new contributors.
Please ensure that the issue body includes answers to the following questions:
For more details on the requirements of such an issue, please see here and ensure that they are met.
If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-good-first-issue
command.
What would you like to be added: SLSA Attestation Generated with new releases.
Why is this needed:
SLSA's are resources that show evidence that the release consumers receive has not been tampered with during the supply chain process.
Completion requirements:
Implementation of a tool such as https://github.com/kubernetes-sigs/tejolote into the CI process for builds. This will generate the SLSA and attach it to the release.
This enhancement requires the following artifacts:
The artifacts should be linked in subsequent comments.