Cilock is a pipeline observer and evidence collector for the entire software development lifecycle. It wraps any command — a build, a test, a scan, a deploy, a compliance check — and records cryptographically signed evidence of what executed, on what inputs, in what environment, and what it produced.
Docs: https://cilock.aflock.ai
Cilock is built from the rookery attestation monorepo. The CLI's main.go lives at rookery/cilock/cmd/cilock/main.go. Each attestor and signer is a separate Go module under rookery/plugins/, so consumers depend only on what they use.
Release binaries and installation scripts are published from this repository.
- aflock-ai/rookery — the modular monorepo cilock is built from. The rookery builder produces custom binaries with selected attestor and signer sets.
- aflock-ai/cilock-action — Go-based CI integration for GitHub Actions and GitLab CI.
- aflock-ai/cilock-trivy-detection-test — real-attack detection demonstration repo using the 2026 Trivy / LiteLLM playbook.
- aflock-ai/cilock-docs — source for the docs site at cilock.aflock.ai.
- in-toto/witness — the CNCF in-toto witness project. Cilock is bidirectionally interoperable with witness.
- in-toto/archivista — the default evidence store cilock writes to.
Apache 2.0 — see LICENSE in the rookery monorepo.