Announcing Kritis Signer

88 views
Skip to first unread message

Qifan Pu

unread,
Sep 15, 2020, 12:06:03 PM9/15/20
to Kritis users, Grafeas Users

Dear Kritis/Grafeas Community and Users,


A new Kritis tool, Kritis Signer, is released📣. It is a command-line tool that simplifies attestation creation for a container image. Features include:


- conditional signing based on a vulnerability policy;

- multiple key type support: PGP, PKIX, Cloud KMS.


To learn more:

- Try this tutorial to run it locally;

- Integrate with Cloud Build:  Allowlist-based vulnerability scanning with Container Analysis, Vulnerability scanning integration with Kritis Signer


Many thanks to the contributors on this new tool: Anthony Amadeo‎, Yash Chaudhary‎, Mike Davis, Nenad Dedic, Sandra Guo, Daniel Klothe, Ríona Macnamara, Don McCasland‎, Geri Ochoa, Nitya Ravi, Trey Ridley‎, Brian Russell‎


Good day,

Qifan on behalf of the Kritis Team


Aysylu Greenberg

unread,
Sep 25, 2020, 5:18:37 PM9/25/20
to Qifan Pu, Kritis users, Grafeas Users
Great news and congratulations, team!

--
You received this message because you are subscribed to the Google Groups "Grafeas Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to grafeas-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/grafeas-users/CA%2Bkr23OJLN-FRtgUWp4eKPGSf8FsUL5LOXAvnekcCNdX6JJ_rg%40mail.gmail.com.

Michael

unread,
Jan 13, 2021, 8:27:58 PM1/13/21
to Grafeas Users
Can this write attestations to a self-hosted instance of Grafeas, or only the Google BinAuthz service?
Reply all
Reply to author
Forward
0 new messages