Get Started
Start with the repo. The docs and published evidence should tell you whether the baseline is worth evaluating further.
Run Rathsted Foundations from the public repo and decide whether the control model fits your environment.
You can evaluate from macOS, Windows/WSL, or Linux. Target installs run on supported Linux hosts.
Try It Yourself
If you have someone technical on the team, they can evaluate the baseline in a short technical session:
Requirements: a Linux host (primary support: Ubuntu 22.04/24.04; validated compatibility: Debian 12, Rocky Linux 9, and Ubuntu 24.04 CIS; compatible family guidance: RHEL 9 and AlmaLinux 9) with 2+ CPU, 4 GB RAM (8 GB recommended), 20 GB disk, root access, and curl, git, make, python3 installed. Docker is needed only for the optional image signing workflow.
git clone https://github.com/rathsted/rathsted-foundations
cd rathsted-foundations
./bootstrap/install.sh
./bootstrap/verify.shTo use your own images and registries, run make configure before install to set your registry, image scope, and signing key. The default configuration only covers Rathsted's own images.
Repository: github.com/rathsted/rathsted-foundations - full source, docs, and verification workflow. Product questions belong in GitHub Issues.
The initial install requires outbound internet access to download k3s, Flux, Kyverno, and signing tools. Restricted environments can use the documented air-gapped installation path.
Self-Serve and Guided Paths
Decide first whether the baseline fits the environment. Installability, verification output, and documentation should answer most early questions.
| Self-Serve (Free) | With help | |
|---|---|---|
| Install and verify | You run it | We review your evaluation or guide a pilot with your team |
| Policy configuration | Generic defaults | Tuned for your operating and regulatory context |
| Reviewable evidence | Generic templates | Formatted for your auditor |
| Jurisdiction mapping | Template only | Filled in for your region and delivery model |
| Upgrades | You manage | We review the plan, advise on rollout, and verify outcomes with your team |
If the baseline is not a fit, that answer still saves time.
Next Steps
- Prepare: Confirm scope, supported platform, and who needs to sign off internally.
- Install: Run the baseline install in a test environment.
- Verify: Execute verification checks and review evidence output.
- Harden: Set policy strictness and rollout model for your environment before production use.