Kettle: Attested builds for verifiable software provenance
Summary
Kettle proposes an attested-build framework to provide verifiable software provenance across the supply chain. It outlines how build attestations can be created, verified, and integrated with standard CI/CD workflows to improve trust in deployed artifacts.