Open Component Model (OCM)

The Open Component Model is a Software Bill of Delivery (SBoD) for packaging, signing, transporting and deploying your artifacts – preserving end-to-end security, integrity and provenance.

How OCM Works

📝 Describe

Define components in code with powerful lifecycle metadata.

🔐 Sign

Add cryptographic signatures. End-to-end trust from source to deployment.

🚚 Transport

Works across boundaries — public cloud, on-prem, air-gapped. Tamper-proof.

🚀 Deploy

Automate Deployments with OCM Controllers and Flux. Seamless GitOps.

Why Choose OCM?

🧩 One Model for All Artifacts

A unified, machine-readable format for everything you deliver.

🔒 Security & Integrity

Component-level signatures that verify everything. Ironclad provenance at every step.

🌍 Universal Delivery

Deploy anywhere: public, on-prem, air-gapped. Cross-boundary transfers without compromise.

🔎 End-to-End Traceability

OCM Coordinates connect all lifecycle phases. One global view for visibility from build to deployment.

⚙️ GitOps-Ready Automation

Integrate your pipelines through OCM tooling. Zero custom code needed — just plug and play.