feat: Add new provenance and crypto registry documentation
- Introduced attestation inventory and subject-rekor mapping files for tracking Docker packages. - Added a comprehensive crypto registry decision document outlining defaults and required follow-ups. - Created an offline feeds manifest for bundling air-gap resources. - Implemented a script to generate and update binary manifests for curated binaries. - Added a verification script to ensure binary artefacts are located in approved directories. - Defined new schemas for AdvisoryEvidenceBundle, OrchestratorEnvelope, ScannerReportReadyPayload, and ScannerScanCompletedPayload. - Established project files for StellaOps.Orchestrator.Schemas and StellaOps.PolicyAuthoritySignals.Contracts. - Updated vendor manifest to track pinned binaries for integrity.
This commit is contained in:
master
10
.gitignore
vendored
10
.gitignore
vendored
@@ -14,9 +14,11 @@ obj/
|
||||
.idea/
|
||||
.vscode/
|
||||
|
||||
# Packages and logs
|
||||
*.log
|
||||
TestResults/
|
||||
# Packages and logs
|
||||
*.log
|
||||
TestResults/
|
||||
local-nuget/
|
||||
local-nugets/packages/
|
||||
|
||||
.dotnet
|
||||
.DS_Store
|
||||
@@ -32,4 +34,4 @@ out/offline-kit/web/**/*
|
||||
**/.cache/**/*
|
||||
**/dist/**/*
|
||||
tmp/**/*
|
||||
build/
|
||||
build/
|
||||
|
||||
Reference in New Issue
Block a user