Building Secure & Auditable Container Images Using Chainguard's Tooling - Melange, Apko & Wolfi
Offered By: GOTO Conferences via YouTube
Course Description
Overview
Explore secure container image building using Chainguard's tooling in this conference talk from GOTO Amsterdam 2023. Dive into the world of minimal container images with known, auditable contents as Matt Turner, DevOps Leader and Software Engineer at Tetrate, demonstrates how to take control of supply-chain security. Learn about multi-stage builds, scratch and distroless base images, and discover how Chainguard's tools elevate image creation to the next level. Follow along with practical demonstrations on creating small, minimal images with complete SBOMs, publishing images, and submitting build attestations to immutable public audit logs. Gain insights into managing ca-certs in container images, keeping them up-to-date, and avoiding potentially problematic certificates. The talk covers container image basics, building techniques, Apko for custom distroless images, and includes a hands-on demo, providing a comprehensive overview of secure container image development.
Syllabus
Intro
Container images
How do you build container images?
Apko - Custom distroless
Demo
Outro
Taught by
GOTO Conferences
Related Courses
Designing for Advanced Security within AWSPluralsight Exchange 2016: Client Access Services
LinkedIn Learning VMware vSphere: Configure and Administer Security
LinkedIn Learning Microsoft DevOps Solutions: Designing a Sensitive Information Strategy
Pluralsight Palo Alto Networks Network Security Fundamentals
Palo Alto Networks via Coursera