Tekton

Tekton Chains

Tekton Chains observes completed TaskRuns/PipelineRuns and emits signed in-toto/SLSA provenance attestations to OCI registries, transparency logs (Rekor), or storage backends — supplying the supply-chain integrity surface for Tekton CI/CD.

GitHub

Documentation

📖
Documentation
https://tekton.dev/docs/chains/

Other Resources

🔗
Source
https://github.com/tektoncd/chains

API entry from apis.yml

apis.yml Raw ↑ 
aid: tekton:tekton-chains-api
name: Tekton Chains
tags:
- Supply Chain
- Provenance
- SLSA
- Signing
properties:
- url: https://tekton.dev/docs/chains/
  type: Documentation
- url: https://github.com/tektoncd/chains
  type: Source
description: Tekton Chains observes completed TaskRuns/PipelineRuns and emits signed in-toto/SLSA provenance
  attestations to OCI registries, transparency logs (Rekor), or storage backends — supplying the supply-chain
  integrity surface for Tekton CI/CD.