Home

Awesome

<div align="center"> <img src="logo.svg" width="200"> </div>

Ratify

Is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies you create.

Go Report Card build-pr OpenSSF Scorecard OpenSSF Best Practices Go Reference codecov

Table of Contents

Quick Start

Please see Ratify website for a quick start demo.

Community meetings

Pull Request Review Series

Documents

Please see the Ratify website for more in-depth information.

Meeting notes for weekly project syncs can be found here.

The Ratify community documents can be found in the repository .github.

Code of Conduct

Ratify follows the CNCF Code of Conduct.

Project Governance

The Ratify project governance can be found here.

Release Management

The Ratify release process is defined in RELEASES.md.

Licensing

This project is released under theĀ Apache-2.0 License.

Trademark

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.