Signing Kubernetes with Sigstore
Adolfo García Veytia, Staff Software Engineer at ChainGuard and Tech Lead on the Kubernetes SIG-Release team, joins Eric and Kyle to talk about how they were able to tackle signing all of the Kubernetes v1.24 image artifacts using Sigstore.
Then we will demonstrate signing an image and vulnerability scan result attestations with Sigstore's cosign utility.