Kritis

Description

Kritis is an open-source solution for securing the software supply chain for Kubernetes applications. Kritis enforces deploy-time security policies using the Google Cloud Container Analysis API and Grafeas.

As part of my contribution, I've helped shipping version 0.2.0, and added support for separating attestations into different GCP projects for images and "AttestationAuthority".

Resources: