security: pin Docker base images by SHA, cosign signing in release, branch protection

- Pin alpine:3.20 by SHA digest in all Dockerfiles (Pinned-Dependencies)
- Add cosign keyless signing for Docker images and binary (Signed-Releases)
- Enable branch protection: strict status checks, linear history, no force push
- Add .sig and .pem to GitHub Release assets
2026-03-18 09:49:45 +00:00
parent 6b5a397862
commit b50dd6386e
4 changed files with 25 additions and 4 deletions


@@ -5,7 +5,7 @@
# FROM registry.red-soft.ru/redos/redos:8
# RUN dnf install -y ca-certificates && dnf clean all
FROM alpine:3.20 AS certs
FROM alpine:3.20@sha256:a4f4213abb84c497377b8544c81b3564f313746700372ec4fe84653e4fb03805 AS certs
RUN apk add --no-cache ca-certificates
FROM scratch
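Review bot: the digest pin on `FROM alpine:3.20@sha256:a4f4213a… AS certs` freezes the certs stage, but nothing in this hunk records how that digest gets refreshed, so the ca-certificates bundle installed by `RUN apk add --no-cache ca-certificates` will silently stop receiving updates once the pinned image ages; pair the pin with an automated digest bumper (e.g. Renovate or Dependabot docker updates) and confirm the digest is the multi-arch manifest-list digest rather than a single-platform image digest if the build targets more than one architecture. Keeping the `alpine:3.20` tag in front of the digest is good for readability; consider also dropping the stale commented-out `# FROM registry.red-soft.ru/redos/redos:8` and `# RUN dnf install …` lines, since a reader may otherwise assume the redos base is still an intended alternative that was left unpinned. `FROM scratch` needs no digest, so leaving it bare is correct.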