Kubewarden artifacts
Verifying Kubewarden
There is a tutorial on verifying Kubewarden demonstrating how to verify Kubewarden artifacts.
Binaries
Our kwctl CLI tool is published via Github releases.
OCI artifacts
For Open Container Initiative (OCI) artifacts, the project publishes everything
in ghcr.io under https://github.com/orgs/kubewarden/packages.
-
kubewarden/packages/policies/*are the policy Wasm OCI artifacts. -
kubewarden/packages/charts/*are the Helm charts as OCI artifacts. They follow SLSA standards. -
the container images published as OCI images:
kubewarden-controller,policy-server,audit-scanner,kubectl. -
there’s also
packages/tests/*containing artifacts used in e2e tests.
Helm charts via HTTPS
Kubewarden publishes Helm charts in the Helm chart HTTPS repository at https://charts.kubewarden.io. They’re without SLSA, or signatures, but this type of Helm repository provides searching.