Modified: for 12.1.3



This feature addresses the digital signing process for docker/container images for the SBC.

Only the Jenkins stream/builds are signed in this feature.

  • Use 'notation' to sign the container images digitally. Notation is an open-source container image signer used to sign and verify container images to secure the Supply of any deliverable, such as container images, SBOMs, and other blob attachments.
  • Check the keys in the workspace in this phase to secure the deployment of Kubernetes.