Supply chain security: Improve integration with sigstore and look at tekton chains
- Mentors
- ankitm123, Tom, babadofar, MÃ¥rten Svantesson
- Organization
- Jenkins X
- Technologies
- go, kubernetes, security, Helm
- Topics
- CI/CD, Supply Chain Security
To increase the Supply Chain Security for Jenkins X. I Integrated Jenkins X with Sigstore to sign the pipeline artifacts. Integrated with Tekton Chains to sign the pipeline activities. Generated SBOMs for vulnerability checks and analysis.