Building Secure & Auditable Container Images Using Chainguard's Tooling - Melange, Apko & Wolfi

Explore secure container image building using Chainguard's tooling in this conference talk from GOTO Amsterdam 2023. Dive into the world of minimal container images with known, auditable contents as Matt Turner, DevOps Leader and Software Engineer at Tetrate, demonstrates how to take control of supply-chain security. Learn about multi-stage builds, scratch and distroless base images, and discover how Chainguard's tools elevate image creation to the next level. Follow along with practical demonstrations on creating small, minimal images with complete SBOMs, publishing images, and submitting build attestations to immutable public audit logs. Gain insights into managing ca-certs in container images, keeping them up-to-date, and avoiding potentially problematic certificates. The talk covers container image basics, building techniques, Apko for custom distroless images, and includes a hands-on demo, providing a comprehensive overview of secure container image development.

Intro
Container images
How do you build container images?
Apko - Custom distroless
Demo
Outro