Fast & Secure: Package, Sign, Verify, and Deploy - Koray Oksay and Batuhan Apaydin

Описание к видео Fast & Secure: Package, Sign, Verify, and Deploy - Koray Oksay and Batuhan Apaydin

Supply chain security is crucial for the platform engineering teams. In addition to security concerns, they need to provide seamless and efficient tools for their clients.

This session delves into the intersection of supply chain security and platform engineering by exploring GitOps, Sigstore, and OCI artifacts and registries. Attendees will learn how easy it is to store helm releases in an OCI registry, secure them with Cosign, and verify the signature with Flux with a well-designed demo.

Helm supports OCI registries since version 3.8.0. Flux can verify packages signed with Cosign. We will demonstrate using all these features with the Zot registry and showcase supply chain security.

About the speaker:
Koray Oksay works at Kubermatic as a Kubernetes Consultant and Trainer to help companies with their cloud-native journey. Before that, he worked for startup and enterprise companies in the advertising, banking, and telecom industries as SysAdmin, Application Admin, DevOps Engineer, and SRE for more than 20 years.

Комментарии

Информация по комментариям в разработке