YoVDO

Building Secure & Auditable Container Images Using Chainguard's Tooling - Melange, Apko & Wolfi

Offered By: GOTO Conferences via YouTube

Tags

GOTO Conferences Courses DevOps Courses Software Engineering Courses Certificate Management Courses Software Bill of Materials (SBOM) Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore secure container image building using Chainguard's tooling in this conference talk from GOTO Amsterdam 2023. Dive into the world of minimal container images with known, auditable contents as Matt Turner, DevOps Leader and Software Engineer at Tetrate, demonstrates how to take control of supply-chain security. Learn about multi-stage builds, scratch and distroless base images, and discover how Chainguard's tools elevate image creation to the next level. Follow along with practical demonstrations on creating small, minimal images with complete SBOMs, publishing images, and submitting build attestations to immutable public audit logs. Gain insights into managing ca-certs in container images, keeping them up-to-date, and avoiding potentially problematic certificates. The talk covers container image basics, building techniques, Apko for custom distroless images, and includes a hands-on demo, providing a comprehensive overview of secure container image development.

Syllabus

Intro
Container images
How do you build container images?
Apko - Custom distroless
Demo
Outro


Taught by

GOTO Conferences

Related Courses

From SBOM to Trusted Software Supply Chain - How Far Are We?
Association for Computing Machinery (ACM) via YouTube Transparency in the Software Supply Chain - Making SBOM a Reality
Black Hat via YouTube SBOM is Here - Making Progress - Not Excuses
BSidesLV via YouTube How Software Transparency Can Help Save the World
Security BSides San Francisco via YouTube DBOM and SBOM - New Options for Better Supply Chain Cybersecurity
RSA Conference via YouTube