hardened-release-workflow | secure | ClaudePluginHub

Skill

Community

hardened-release-workflow

0

Description

Production-ready release workflow examples with signed releases, SLSA provenance, artifact attestations, and minimal permissions.

AI Summary

Provides production-ready GitHub Actions release workflows with SLSA provenance, artifact attestations, and signed releases. Use when creating secure release pipelines that require supply chain transparency and cryptographic verification.

Install

1

Add the repository(one-time)

$

/plugin marketplace add adaptive-enforcement-lab/claude-skills

2

Install the plugin

$

/plugin install secure@ael-skills

Tool Access

This skill inherits all available tools. When active, it can use any tool Claude has access to.

Supporting Assets

View in Repository

examples.md

reference.md

scripts/example-1.yaml

scripts/example-2.yaml

scripts/example-3.yaml

Skill Content

Hardened Release Workflow

When to Use This Skill

Copy-paste ready release workflow templates with comprehensive security hardening. Each example demonstrates signed releases, SLSA provenance generation, artifact attestations, minimal permissions, and secure artifact distribution.

Complete Security Patterns

These workflows integrate all security patterns from the hub: SHA-pinned actions, minimal GITHUB_TOKEN permissions, SLSA provenance, artifact attestations, signature verification, and secure distribution. Use as production templates for secure software supply chain.

Implementation

See the full implementation guide in the source documentation.

Key Principles

Every release workflow in this guide implements these controls:

Action Pinning: All third-party actions pinned to full SHA-256 commit hashes
Minimal Permissions: Only required permissions granted per job
SLSA Provenance: Build provenance attestations for supply chain transparency
Artifact Attestations: Cryptographic signatures for release artifacts
Signature Verification: Verifiable release authenticity
Immutable Releases: Tag protection and commit verification
Approval Gates: Environment protection for production releases

Examples

See examples.md for code examples.

Full Reference

See reference.md for complete documentation.

References

Links

GitHub Stats

0 forks

Updated 4 days ago

Similar Skills

gitops-workflow

Implement GitOps workflows with ArgoCD and Flux for automated, declarative Kubernetes deployments with continuous reconciliation. Use when implementing GitOps practices, automating Kubernetes deployments, or setting up declarative infrastructure management.

kubernetes-operations

24.8k

helm-chart-scaffolding

Design, organize, and manage Helm charts for templating and packaging Kubernetes applications with reusable configurations. Use when creating Helm charts, packaging Kubernetes applications, or implementing templated deployments.

kubernetes-operations

24.8k

k8s-manifest-generator

Create production-ready Kubernetes manifests for Deployments, Services, ConfigMaps, and Secrets following best practices and security standards. Use when generating Kubernetes YAML manifests, creating K8s resources, or implementing production-grade Kubernetes configurations.

kubernetes-operations

24.8k