Hardening the Kubernetes Software Supply Chain Through Better Transparency
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the latest advancements in hardening the Kubernetes software supply chain through enhanced transparency in this informative conference talk. Delve into the three main areas of focus for SIG Release efforts following the refactoring of the Kubernetes release process. Learn about the inclusion of SPDX Bill of Materials in Kubernetes releases since v1.22, automatic verification of release artifact integrity and consistency, and digital signing of released artifacts with signature verification of upstream images. Gain insights into the tools created by SIG Release that can be leveraged by the community in other projects. Discover how these efforts contribute to deploying cloud native environments securely in increasingly complex software supply chains.
Syllabus
Introduction
Past Years: Foundations a New Release Process
Ownership of the Container Image Promoter
Current Efforts for 2021 and Beyond
SLSA Compliance
People+Code (We need to talk)
Closing Remarks
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube