Enterprise Contract CLI

The EC CLI is used to evaluate Enterprise Contract policies for Software Supply Chain. Various sub-commands can be used to assert facts about an artifact such as:

  • Validating container image signature

  • Validating container image provenance

  • Evaluating Enterprise Contract policies over the container image provenance

This documentation includes EC Command Line reference documentation, and documentation on the Verify Enterprise Contract Task used to run the EC in a Tekton pipeline.