Fetches project event logs from Aiven API, and logs them to standard out.
| environment variable | description |
|---|---|
| AIVEN_AUDIT_PAT | Access token for Aiven API |
The images are signed "keylessly" using Sigstore cosign. To verify their authenticity run
cosign verify \
--certificate-identity "https://github.com/nais/aiven-audit/.github/workflows/main.yml@refs/heads/main" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
europe-north1-docker.pkg.dev/nais-io/nais/images/aiven-audit@sha256:<shasum>
The images are also attested with SBOMs in the CycloneDX format. You can verify these by running
cosign verify-attestation --type cyclonedx \
--certificate-identity "https://github.com/nais/aiven-audit/.github/workflows/main.yml@refs/heads/main" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
europe-north1-docker.pkg.dev/nais-io/nais/images/aiven-audit@sha256:<shasum>