Configuration as Code: Managing Hundreds of GitHub Organizations for Supply Chain Security

Discover how to effectively manage and secure hundreds of GitHub organizations in this 37-minute conference talk by Mikaël Barbero from the Eclipse Foundation. Learn about the challenges faced when dealing with numerous repositories and how the OpenSSF Alpha-Omega initiative sparked a journey to improve software supply chain security. Explore the implementation of a "configuration as code" solution that automates tasks, reduces security vulnerabilities, and increases project trust. Gain insights into tools and techniques for maintaining consistent and secure configurations across multiple GitHub organizations, and understand how to adapt these methods for your own projects. Uncover the benefits of using a familiar pull-request process for making configuration changes and increasing visibility into security settings.

Configuration as a Code: Managing Hundreds of GitHub Organizations to Streamline... - Mikaël Barbero