Management of CNF Vendor Artifacts (registrieS, Helm chart)

Deploying CNF in GitOps requires artifacts (Helm Charts, docker images, documentation,..) Currently there is no standard procedure to retrieve these artifacts and some charts require adaptations. Artifacts may be (too) big, include vulnerabilities, not properly packaged. Security would require signature mechanism to ensure that what you are going to use is what you think.

The goal is to share on the best practices on this topic