This is an overview of the documentation available today for Ratify in the folders
Titles by sub-folder in this directory
These walk through end-to-end examples of using ratify.
- ratify-on-aws - How to use ratify on AWS
- ratify-verify-azure-cmd - Use notation, oras, and ratify to build and sign a container image and SBOM and verify it with the ratify cli.
- working-with-spdx - Use ratify with syft, oras, and verification using ratify cli.
These documents can be found generally useful to understand using or implementing ratify, but do not walk through end-to-end examples.
- usage - Additional information for using the
ratify
executable - gatekeeper-policy-authoring - Authoring gatekeeper policies for use with ratify, including rego references/examples.
- oras-auth-provider - Explanation of various authentication mechanisms available for use with ratify.
- creating-plugins - Details on creating your own plugins for use with ratify.
The documents in this directory are for developers who want to contribute to Ratify or want to understand the internals of Ratify.
- Contributing - How to get ratify development environment setup and generally contribute back to Ratify.
- README - breaks down the architecture of Ratify and how it works.
- providers - information about built-in providers and the extensible policy provider interface
- executor - information about the executor and how it works
- store - information about the store plugin and how it works
- verifier - information about the verifier plugin and how it works.
developer
- Overhaul the root readme as this was from original creation and the design has been more finalized since then. Likely combined effort with the next item to streamline.
- Streamline documentation between contributing, framework readme and providers, executor, store, verifier docs.
- Guidance for new plugins
- Create a new plugin scaffold
examples
- Azure e2e walkthrough
- Cosign walkthrough
- Using ratify in pass-through execution mode