Skip to content
This repository was archived by the owner on Nov 5, 2024. It is now read-only.

Commit 11e60dd

Browse files
gtrivedi88gtrivedi88
authored
Update proc_managing-compliance-with-the-enterprise-contract.adoc
1 parent ae2ac4d commit 11e60dd

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

docs/modules/ROOT/pages/how-to-guides/proc_managing-compliance-with-the-enterprise-contract.adoc

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55

66
The Enterprise Contract (EC) is an artifact verifier and customizable policy checker. You can use Enterprise Contract to keep your software supply chain secure and ensure container images comply with your organization's policies. It does this by verifying the security and provenance of builds created through {ProductName}.
77

8-
{ProductName}'s build process uses the Tekton Chains to generate a signed in-toto attestation of the build pipeline. The Enterprise Contract then uses this attestation to verify the build's integrity and compliance with a set of policies. These policies include best practices and any organization-specific requirements.
8+
{ProductName}'s build process uses the Tekton Chains to produce a signed in-toto attestation of the build pipeline. The Enterprise Contract then uses this attestation to verify the build's integrity and compliance with a set of policies. These policies include best practices and any organization-specific requirements.
99

1010
.Prerequisites
1111

@@ -34,7 +34,7 @@ The Enterprise Contract (EC) is an artifact verifier and customizable policy che
3434

3535
[role="_additional-resources"]
3636
.Additional resources
37-
* To produce a signed link:https://in-toto.io/in-toto/[in-toto] attestation of the build pipeline, {ProductName}'s build process uses link:https://tekton.dev/docs/chains/[Tekton Chains].
37+
* To produce a signed link:https://in-toto.io/in-toto/[in-toto] attestation of the build pipeline, go to link:https://tekton.dev/docs/chains/[Tekton Chains].
3838
* For information on the source code for the Tekton pipelines defined in the bundle, see the link:https://github.com/redhat-appstudio/build-definitions/blob/main/pipelines/enterprise-contract.yaml[build-definitions] and
3939
link:https://github.com/enterprise-contract/ec-cli/blob/main/tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml[ec-cli] repositories.
4040
* To use a specific version of the pipeline bundle instead of the devel tag, you can select one of the link:https://quay.io/repository/redhat-appstudio-tekton-catalog/pipeline-enterprise-contract?tab=tags[pinned tags].

0 commit comments

Comments
 (0)