Skip to content

jasonbishay/image-ingest

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.github/workflows
.github/workflows
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
image-list.txt
image-list.txt
 
 
ingest.sh
ingest.sh
 
 
test.crt
test.crt
 
 

Repository files navigation

image ingestion pipeline examples

flowchart LR
    subgraph corporate network
    A(fa:fa-laptop-code<br>developer)
    B(fas:fa-boxes-stacked<br>internal<br>container registry)
    end
    A -->| push new images | B
    B -->| pull base images | A
    subgraph internet
    C(🐙<br>chainguard registry)
    end
    D{🔎 acceptance criteria<br>- CVE scans<br>- SBOM validation<br>- Sigstore validation}
    D -->| pull tokens<br>or<br>OIDC | C
    B --> D
Loading

Two paths are shown here, more as a demo than anything else.

  1. ingest.sh is a simple shell script that runs as acceptance criteria checks to pull from one source (Chainguard registry), run the checks above, then push to another (any OCI compliant registry)
  2. .github/workflows/ingest.yaml is the same workflow and checks, but run within GitHub Actions to show a demo of it working in a CI pipeline.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Shell 100.0%