Trust signal
This add-on ships as a signed OCI artifact. Each per-architecture bundle is signed with ed25519 against the ServiceRadar agent release trust root and verified by the agent before activation.
Signed OCI bundle
Pull the signed bundle from the ServiceRadar registry, then assign it to an agent from the control plane.
oras pull registry.carverauto.dev/serviceradar/serviceradar-addon-scalibr-endpoint-inventory:v1.3.6
Bundle digest: sha256:cb21c18834171af9df9af9c95be71fb07315b856d01b6e169346891b5194e34f
Signed artifacts
| Platform | Signature |
|---|---|
| linux/amd64 | Signed |
| linux/arm64 | Signed |
Capabilities
endpoint-inventory
software-sbom
scanner:v1
Platforms
linux