Secure Builds Made Easy

Konflux-ci is an open source, cloud-native software factory focused on software supply chain security.

Build artifacts of all kinds from source. Enable hermetic builds and produce accurate SBOMs.

Generate secure & detailed provenance, an immutable record of what happened during each and every build step.

Catch critical vulnerabilities quickly with each pull request.

Verify container images against major secure software frameworks or your own custom rules.

Execute integration tests for complex applications and see results in your SCM.

Build in response to git events, post results of builds and tests back to your Pull or Merge requests

Template by Bootstrapious. Ported to Hugo by DevCows.