GitHub

Using GitHub container registry as a policy registry
Securing your policy workflow
GitHub is where the world builds software. The popular platform offers GitHub Packages (GHCR), which allows developers to host and maintain code packages and containers.
Aserto expresses policies as code wrapped in OCI containers. As a result, developers can build, tag, sign, push, and pull authorization policies like Docker containers.
Aserto natively supports the GitHub container registry as the artifact repository for authorization policies built into OCI images. You can use the Policy CLI to build policies and then push them to your GitHub container registry organization. You can also create policy instances in Aserto from policy images stored in the GitHub container registry.
Benefits of using the Policy CLI with GitHub

Easily pull public policy images for sharing/reuse. Keep policy images secure by signing and versioning with Cosign. Then secure, automate, test, and manage your policy development pipeline with the GitHub container registry.
What is Aserto?
Aserto helps developers build secure applications. We make it easy to add fine-grained, policy-based, real-time access control to cloud applications and APIs. Built around established cloud-native, open-source technologies, like OPA and Zanzibar, Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management.
Aserto authorizes locally and manages centrally, offering blazing-fast authorization of a local library, coupled with a centralized control plane for managing policies, user attributes, resource and relationship data, and decision logs. And it comes with everything you need to deliver fine-grained RBAC, ABAC, or ReBAC, as well as comprehensive developer resources for any language or framework - saving you months of engineering time.
Resources
