Trust signal
This add-on ships as a signed OCI artifact. Each per-architecture bundle is signed with ed25519 against the ServiceRadar agent release trust root and verified by the agent before activation.
Signed OCI bundle
Pull the signed bundle from the ServiceRadar registry, then assign it to an agent from the control plane.
oras pull registry.carverauto.dev/serviceradar/serviceradar-addon-bumblebee-scan:v1.3.6
Bundle digest: sha256:c122e9129104746d1c7462fd9352573a8bb10bd12c92f008511714aea91e1b46
Signed artifacts
| Platform | Signature |
|---|---|
| linux/amd64 | Signed |
| linux/arm64 | Signed |
Capabilities
exposure-scan
Platforms
linux