Is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies you create.
Please see Ratify website for a quick start demo.
Please see the Ratify website for more in-depth information.
Meeting notes for weekly project syncs can be found here.
The Ratify community documents can be found in the repository .github
.
Ratify follows the CNCF Code of Conduct.
The Ratify project governance can be found here.
The Ratify release process is defined in RELEASES.md.
This project is released under the Apache-2.0 License.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.