{"id":13461475,"url":"https://github.com/keptn/keptn","last_synced_at":"2026-01-14T11:38:43.397Z","repository":{"id":37390535,"uuid":"166831098","full_name":"keptn/keptn","owner":"keptn","description":"Cloud-native application life-cycle orchestration. Keptn automates your SLO-driven multi-stage delivery and operations \u0026 remediation of your applications.","archived":true,"fork":false,"pushed_at":"2023-12-21T11:52:10.000Z","size":170407,"stargazers_count":1788,"open_issues_count":0,"forks_count":237,"subscribers_count":23,"default_branch":"master","last_synced_at":"2025-12-16T03:14:08.973Z","etag":null,"topics":["cncf","continuous-delivery","control-plane","data-driven","event-based","hacktoberfest","keptn","kubernetes","operations","orchestration"],"latest_commit_sha":null,"homepage":"https://keptn.sh","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/keptn.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-01-21T14:51:48.000Z","updated_at":"2025-11-03T14:33:37.000Z","dependencies_parsed_at":"2024-06-18T13:55:57.815Z","dependency_job_id":"63cd4621-317f-4c70-a0cc-85c5aec6a66b","html_url":"https://github.com/keptn/keptn","commit_stats":{"total_commits":6788,"total_committers":140,"mean_commits":48.48571428571429,"dds":0.860489098408957,"last_synced_commit":"318a3d5416a693617c3577f12b1984c183940f65"},"previous_names":[],"tags_count":105,"template":false,"template_full_name":null,"purl":"pkg:github/keptn/keptn","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keptn%2Fkeptn","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keptn%2Fkeptn/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keptn%2Fkeptn/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keptn%2Fkeptn/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/keptn","download_url":"https://codeload.github.com/keptn/keptn/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keptn%2Fkeptn/sbom","scorecard":{"id":555943,"data":{"date":"2025-08-11","repo":{"name":"github.com/keptn/keptn","commit":"318a3d5416a693617c3577f12b1984c183940f65"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.2,"checks":[{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/CI.yml:1","Warn: no topLevel permission defined: .github/workflows/auto-update-go-utils.yml:1","Warn: no topLevel permission defined: .github/workflows/auto-update-keptn-spec.yml:1","Warn: no topLevel permission defined: .github/workflows/build-cli.yml:1","Warn: no topLevel permission defined: .github/workflows/build-helm-charts.yml:1","Warn: no topLevel permission defined: .github/workflows/check-docker-image-digests.yml:1","Warn: no topLevel permission defined: .github/workflows/dependencies-and-licenses.yml:1","Warn: no topLevel permission defined: .github/workflows/deprecated-version-check.yml:1","Warn: no topLevel permission defined: .github/workflows/detect_stale_images.yml:1","Warn: no topLevel permission defined: .github/workflows/integration_tests.yml:1","Warn: no topLevel permission defined: .github/workflows/mongodb-version-check.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/reviewdog.yml:1","Warn: no topLevel permission defined: .github/workflows/security-scans.yml:1","Warn: no topLevel permission defined: .github/workflows/send-event-on-release-push.yml:1","Warn: no topLevel permission defined: .github/workflows/shellcheck.yml:1","Warn: no topLevel permission defined: .github/workflows/test-and-build-docker-images.yml:1","Warn: no topLevel permission defined: .github/workflows/validate-helm-docs.yml:1","Warn: no topLevel permission defined: .github/workflows/validate-semantic-pr.yml:1","Warn: no topLevel permission defined: .github/workflows/zero-downtime-tests.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/keptn/.github/SECURITY.md:1","Info: Found linked content: github.com/keptn/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/keptn/.github/SECURITY.md:1","Info: Found text in security policy: github.com/keptn/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact 1.4.5 not signed: https://api.github.com/repos/keptn/keptn/releases/134761294","Warn: release artifact 1.4.4 not signed: https://api.github.com/repos/keptn/keptn/releases/131331291","Warn: release artifact 1.4.3 not signed: https://api.github.com/repos/keptn/keptn/releases/123617345","Warn: release artifact 1.4.2 not signed: https://api.github.com/repos/keptn/keptn/releases/118915701","Warn: release artifact 1.4.1 not signed: https://api.github.com/repos/keptn/keptn/releases/114632956","Warn: release artifact 1.4.5 does not have provenance: https://api.github.com/repos/keptn/keptn/releases/134761294","Warn: release artifact 1.4.4 does not have provenance: https://api.github.com/repos/keptn/keptn/releases/131331291","Warn: release artifact 1.4.3 does not have provenance: https://api.github.com/repos/keptn/keptn/releases/123617345","Warn: release artifact 1.4.2 does not have provenance: https://api.github.com/repos/keptn/keptn/releases/118915701","Warn: release artifact 1.4.1 does not have provenance: https://api.github.com/repos/keptn/keptn/releases/114632956"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/CI.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/CI.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:294: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/CI.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:311: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:317: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/CI.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-update-go-utils.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/auto-update-go-utils.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-update-go-utils.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/auto-update-go-utils.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-update-go-utils.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/auto-update-go-utils.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-update-keptn-spec.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/auto-update-keptn-spec.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-update-keptn-spec.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/auto-update-keptn-spec.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-cli.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/build-cli.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-cli.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/build-cli.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-cli.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/build-cli.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-cli.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/build-cli.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-helm-charts.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/build-helm-charts.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-helm-charts.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/build-helm-charts.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-docker-image-digests.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/check-docker-image-digests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies-and-licenses.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/dependencies-and-licenses.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies-and-licenses.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/dependencies-and-licenses.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies-and-licenses.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/dependencies-and-licenses.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies-and-licenses.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/dependencies-and-licenses.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies-and-licenses.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/dependencies-and-licenses.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deprecated-version-check.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/deprecated-version-check.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect_stale_images.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/detect_stale_images.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:250: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:592: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:599: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:617: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:620: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:626: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:632: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:713: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:720: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:726: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:738: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration_tests.yml:803: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/integration_tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mongodb-version-check.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/mongodb-version-check.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/mongodb-version-check.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/mongodb-version-check.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:239: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:252: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:315: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:322: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/reviewdog.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/reviewdog.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/reviewdog.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/reviewdog.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/reviewdog.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/reviewdog.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-scans.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-scans.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-scans.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-scans.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-scans.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/security-scans.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-scans.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-scans.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-scans.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/security-scans.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/security-scans.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/send-event-on-release-push.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/send-event-on-release-push.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/send-event-on-release-push.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/send-event-on-release-push.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/shellcheck.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/shellcheck.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/shellcheck.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/shellcheck.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:163: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:193: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:203: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build-docker-images.yml:227: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/test-and-build-docker-images.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate-helm-docs.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/validate-helm-docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate-helm-docs.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/validate-helm-docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:204: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:271: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:332: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:449: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:456: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:464: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:473: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/zero-downtime-tests.yml:518: update your workflow using https://app.stepsecurity.io/secureworkflow/keptn/keptn/zero-downtime-tests.yml/master?enable=pin","Warn: containerImage not pinned by hash: api/Dockerfile:3","Warn: containerImage not pinned by hash: api/Dockerfile:36","Warn: containerImage not pinned by hash: approval-service/Dockerfile:3","Warn: containerImage not pinned by hash: approval-service/Dockerfile:32","Warn: containerImage not pinned by hash: bridge/Dockerfile:1","Warn: containerImage not pinned by hash: bridge/Dockerfile:13","Warn: containerImage not pinned by hash: bridge/Dockerfile:29","Warn: containerImage not pinned by hash: cli/Dockerfile:3","Warn: containerImage not pinned by hash: cli/Dockerfile:34","Warn: containerImage not pinned by hash: distributor/Dockerfile:3","Warn: containerImage not pinned by hash: distributor/Dockerfile:32","Warn: containerImage not pinned by hash: lighthouse-service/Dockerfile:3","Warn: containerImage not pinned by hash: lighthouse-service/Dockerfile:33","Warn: containerImage not pinned by hash: mongodb-datastore/Dockerfile:3","Warn: containerImage not pinned by hash: mongodb-datastore/Dockerfile:35","Warn: containerImage not pinned by hash: remediation-service/Dockerfile:3","Warn: containerImage not pinned by hash: remediation-service/Dockerfile:32","Warn: containerImage not pinned by hash: resource-service/Dockerfile:3","Warn: containerImage not pinned by hash: resource-service/Dockerfile:49","Warn: containerImage not pinned by hash: secret-service/Dockerfile:3","Warn: containerImage not pinned by hash: secret-service/Dockerfile:47","Warn: containerImage not pinned by hash: shipyard-controller/Dockerfile:3","Warn: containerImage not pinned by hash: shipyard-controller/Dockerfile:47","Warn: containerImage not pinned by hash: statistics-service/Dockerfile:3","Warn: containerImage not pinned by hash: statistics-service/Dockerfile:47","Warn: containerImage not pinned by hash: webhook-service/Dockerfile:4","Warn: containerImage not pinned by hash: webhook-service/Dockerfile:34","Warn: npmCommand not pinned by hash: gh-actions-scripts/generate-helm-docs.sh:17","Warn: downloadThenRun not pinned by hash: test/utils/download_and_install_k3d.sh:6","Warn: goCommand not pinned by hash: .github/workflows/dependencies-and-licenses.yml:30","Warn: npmCommand not pinned by hash: .github/workflows/integration_tests.yml:624","Warn: downloadThenRun not pinned by hash: .github/workflows/reviewdog.yml:18","Warn: goCommand not pinned by hash: .github/workflows/security-scans.yml:150","Warn: downloadThenRun not pinned by hash: .github/workflows/security-scans.yml:114","Warn: npmCommand not pinned by hash: .github/workflows/validate-helm-docs.yml:28","Info:   0 out of  64 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of  38 third-party GitHubAction dependencies pinned","Info:   0 out of  27 containerImage dependencies pinned","Info:  11 out of  13 goCommand dependencies pinned","Info:   2 out of   5 npmCommand dependencies pinned","Info:   0 out of   3 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"79 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2024-2618 / GHSA-5pf6-2qwx-pxm2","Warn: Project is vulnerable to: GO-2025-3600 / GHSA-fhg8-qxh5-7q3w","Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77","Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2025-3488 / GHSA-6v2p-p543-phr9","Warn: Project is vulnerable to: GO-2024-2611 / GHSA-8r3f-844c-mc37","Warn: Project is vulnerable to: GO-2023-2402 / GHSA-45x7-px36-x8w8","Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-h452-7996-h45h","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc","Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx","Warn: Project is vulnerable to: GHSA-x3cc-x39p-42qx","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-75v8-2h7p-7m2m","Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22","Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp","Warn: Project is vulnerable to: GHSA-hhhv-q57g-882q","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-vxvm-qww3-2fh7","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw","Warn: Project is vulnerable to: GHSA-xwcq-pm8m-c4vf","Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6","Warn: Project is vulnerable to: GHSA-434g-2637-qmqr","Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m","Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw","Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p","Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747","Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh","Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j","Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6","Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59","Warn: Project is vulnerable to: GHSA-wgrm-67xf-hhpq","Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-w5hq-hm5m-4548","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3","Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j","Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986","Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6","Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v","Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q","Warn: Project is vulnerable to: GO-2024-2456 / GHSA-449p-3h89-pw88","Warn: Project is vulnerable to: GO-2024-2466 / GHSA-mw99-9chc-xw7r","Warn: Project is vulnerable to: GO-2025-3367 / GHSA-r9px-m959-cxf4","Warn: Project is vulnerable to: GO-2025-3368 / GHSA-v725-9546-7q7m","Warn: Project is vulnerable to: GO-2025-3605 / GHSA-7vpp-9cxj-q8gv","Warn: Project is vulnerable to: GO-2024-2698 / GHSA-rhh4-rh7c-7r5v","Warn: Project is vulnerable to: GO-2024-3098 / GHSA-cj55-gc7m-wvcq"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-20T12:19:55.371Z","repository_id":37390535,"created_at":"2025-08-20T12:19:55.371Z","updated_at":"2025-08-20T12:19:55.371Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28419234,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T10:47:48.104Z","status":"ssl_error","status_checked_at":"2026-01-14T10:46:19.031Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cncf","continuous-delivery","control-plane","data-driven","event-based","hacktoberfest","keptn","kubernetes","operations","orchestration"],"created_at":"2024-07-31T11:00:39.976Z","updated_at":"2026-01-14T11:38:43.378Z","avatar_url":"https://github.com/keptn.png","language":"Go","funding_links":[],"categories":["Go","kubernetes","Continuous Delivery \u0026 GitOps","3）参考实现与开源工具（GitHub）","Configuration Management","TypeScript","hacktoberfest","Workflows"],"sub_categories":["Harness / 平台工程"],"readme":"![keptn](./assets/keptn.png)\n\n# Keptn\n## Keptn V1 has reached end of life on December 22nd, 2023 and has been [replaced](https://github.com/keptn/lifecycle-toolkit).\n\n![GitHub release (latest by date)](https://img.shields.io/github/v/release/keptn/keptn)\n![GitHub Downloads](https://img.shields.io/github/downloads/keptn/keptn/total?logo=github\u0026logoColor=white)\n![CI](https://github.com/keptn/keptn/workflows/CI/badge.svg?branch=master)\n[![codecov](https://codecov.io/gh/keptn/keptn/branch/master/graph/badge.svg)](https://codecov.io/gh/keptn/keptn)\n[![Go Report Card](https://goreportcard.com/badge/github.com/keptn/keptn)](https://goreportcard.com/report/github.com/keptn/keptn)\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/3588/badge)](https://bestpractices.coreinfrastructure.org/projects/3588)\n\n\n\nKeptn is an event-based control plane for continuous delivery and automated operations for cloud-native applications. \nPlease find the documentation on our [website](https://keptn.sh/), and read the motivation about Keptn on our \n[Why Keptn?](https://keptn.sh/why-keptn/) page.\n\nIn addition, you can find the roadmap of the Keptn project [here](https://github.com/orgs/keptn/projects/10). It provides \nan overview of user stories that are currently in the focus of development for the next release.\n\n## Keptn Today! Keptn Lifecycle Toolkit Tomorrow!\n\n### Keptn: Moving towards our 1.0 milestone!\n\n3 years of hard work will soon reach a long awaited milestone: [Keptn 1.0 with LTS (Long Time Support)](https://docs.google.com/document/d/1RdFegnZrxjWxJAem9auaeVQ5_mKl5wFlwd6MgF1ot0s/edit#heading=h.qoctq8iujkhs) brings you automated release validation based on SLOs that you can easily integrate into your existing DevOps Tools (deployment, test and observability).\n\nIf you want to explore Keptn then keep scrolling down to get all information!\n\n### Keptn Lifecycle Toolkit: The kuber-native road ahead!\n\nAt KubeCon 2022 in Detroit we announced the direction we are heading: Keptn Lifecycle Toolkit!\nKeptn Lifecycle Toolkit brings application-aware deployment lifecycle management to your k8s cluster: \n* kubernetes-native: no external dependencies, everything in your CRDs and \n* pipeline-less: works with any delivery tool (ArgoCD, Flux, Jenkins, GitHub, GitLab, Harness ...) without having to integrate it with Keptn\n\nTo decide whether you want to stick with Keptn 1.0 or focus on Keptn Lifecycle Toolkit do this:\n1. Watch our [Keptn Lifecycle Toolkit in a Nutshell](https://www.youtube.com/watch?v=K-cvnZ8EtGc) video including live demo\n2. Try Keptn Lifecycle Toolkit yourself: [GitHub Repo](https://github.com/keptn/lifecycle-toolkit/)\n\n## Quickstart\n\nKeptn runs on Kubernetes. To get started, you can follow our [Quickstart guide](https://keptn.sh/docs/quickstart).\n\n### Developing Keptn\n\nThe easiest way to develop is to spin up a Kubernetes cluster locally by using [K3d](https://k3d.io) (requires `docker`) via the following commands:\n\n```console\ncurl -s https://raw.githubusercontent.com/rancher/k3d/main/install.sh | TAG=v5.3.0 bash\nk3d cluster create mykeptn -p \"8082:80@loadbalancer\" --k3s-arg \"--no-deploy=traefik@server:*\"\n```\n\nAfterwards, install Keptn CLI:\n```console\ncurl -sL https://get.keptn.sh | bash\n```\n\nAnd install Keptn using Helm:\n```console\nhelm repo add keptn https://charts.keptn.sh \u0026\u0026 helm repo update\nhelm install keptn keptn/keptn \\\n-n keptn --create-namespace \\\n--wait \\\n--set=apiGatewayNginx.type=LoadBalancer\n```\n\nIn case you want to install `helm-service` and `jmeter-service`, execute:\n\n```console\nhelm install jmeter-service keptn/jmeter-service -n keptn\nhelm install helm-service keptn/helm-service -n keptn\n```\n\nPlease follow the instructions printed by the CLI to connect to your Keptn installation.\n\n### Installing Keptn from Master branch\n\nNote: This will install a potentially unstable version of Keptn.\n\nIf you want to install the latest master version of Keptn onto your cluster you can do that by using the development helm charts repository located at https://charts-dev.keptn.sh .\nBy default, the global registry used is ´ghcr.io/keptn´, so you will need to override it.\n\n```console\nhelm repo add keptn-dev https://charts-dev.keptn.sh    # Add the keptn-dev helm repo\nhelm repo update                                       # Update all repo contents\nhelm search repo keptn-dev --devel --versions          # List all versions present in the keptn-dev repo\n\n# Select a chart version from the previous command that you want to install\n\nhelm install -n keptn-dev keptn keptn-dev/keptn --set=global.keptn.registry=ghcr.io/keptn --create-namespace --version \"\u003cthe-version-you-selected-previously\u003e\"\n```\n\nYou can find more information in our [docs](docs/).\n\n## Community\n\nPlease find details on regular hosted community events as well as our Slack workspace in the \n[keptn/community repo](https://github.com/keptn/community).\n\n## Keptn Versions compatibilities\n\nWe manage the Keptn *core components* in versions.\nThe versions of the Keptn *core components* and the services are compatible with each other. However, contributed services\nas well as services that are not considered *core components* might not follow the same versioning schema.\n\nWe are tracking compatibility of those services [on our website](https://keptn.sh/docs/integrations/).\n\n## Container Images\n\nKeptn provides container images of all *core components*.\nThe respective images in their versions are stored on the following container registries:\n\n* [GitHub Container Registry](https://github.com/orgs/keptn/packages?repo_name=keptn)\n* [Quay.io Container Registry](https://quay.io/organization/keptn)\n\nFrom version 0.19.0, all released container images are signed using [cosign](https://github.com/sigstore/cosign)\nwith a keyless signing mechanism.\nThat means that Keptn uses short-lived code signing certificates and keys together with OIDC and a transparency log\nto sign all its container images.\nMore info on keyless signed container images can be found [here](https://github.com/sigstore/cosign/blob/main/KEYLESS.md).\n\n\n## Helm Chart\n\nKeptn provides Helm charts for easy installation of all control plane components.\nFrom version 0.19.0, the charts are signed and can be verified with the public key that can be found in [assets/pubring.gpg](assets/pubring.gpg)\nand attached to every release.\nMore info on signed Helm charts can be found [here](https://helm.sh/docs/topics/provenance/).\n\n## Contributions\n\nYou are welcome to contribute using Pull Requests to the respective repositories. Before contributing, please read our [Contributing Guidelines](CONTRIBUTING.md) and our [Code of Conduct](CODE_OF_CONDUCT.md).\nPlease also check out our list of [good first issues](https://github.com/keptn/keptn/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22).\n\n## License\n\nKeptn is an Open Source Project. Please see [LICENSE](LICENSE) for more information.\n\n## Adopters\n\nFor a list of users, please refer to [ADOPTERS.md](https://github.com/keptn/community/blob/main/ADOPTERS).\n\n## Further information\n\n* The [Keptn`s website](https://keptn.sh) has the documentation of Keptn and its use cases.\n* Please join the [Keptn community](https://keptn.sh/community/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeptn%2Fkeptn","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkeptn%2Fkeptn","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeptn%2Fkeptn/lists"}