Code Signing - CI/CD Glossary Definition
Code signing uses a private key to sign an artifact (binary, image, package) so anyone can verify its publisher and integrity with the corresponding public key.
Related guides
Attestation - CI/CD Glossary DefinitionAn attestation is a signed statement about an artifact - its provenance, scan results, or test status - that…
Provenance - CI/CD Glossary DefinitionProvenance is verifiable metadata describing how an artifact was built - source, builder, and inputs - lettin…
Image Digest - CI/CD Glossary DefinitionAn image digest is the immutable SHA-256 hash identifying an exact container image. Pinning to a digest guara…