← Back to work Project

Hardened Images

DockerSupply-Chain
A base-image pipeline that starts from nothing and adds only what's proven necessary. Reproducible builds, cosign signatures, SBOMs on every push, and CI that fails on a single new vulnerability.