This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent).
Secret management by contract toolchain
Regorus - A fast, lightweight Rego (OPA policy language) interpreter written in Rust.
Example of a Go project following SIG Security's recommendations