https://www.docker.com/blog/mergediff-building-dags-more-efficiently-and-elegantly/ - the innards of how #Docker #BuildKit resolves dependencies between build stages. Great post Erik Sipsma.
I was so excited (I still am) about the v0.11 release of the @Docker #BuildKit ✨ With that release, creating an #SBOM and #SLSA provenance for your builds has never been easy!
I'm so glad to see that @openpolicyagent #Gatekeeper project uses these🥳✨
https://github.com/open-policy-agent/gatekeeper/blob/2835519d21bc1011483b015886e6a8d12c32f51f/Makefile#L105
#buildkit #SBOM #SLSA #gatekeeper
I learned something today:
🐳 "Multi-platform images" https://docs.docker.com/build/building/multi-platform/
📦 https://github.com/docker/buildx#buildx
(and all of that thanks to a version of Java that publishes a different DebianRevisionNumber for each architecture, yum).
#buildkit #buildx #devops #docker
🎊I'm super glad to see lots of great content related to software supply chain security on @Docker official website based on the recent development effort in #BuildKit v0.11 🥳
🔖 Build Attestations
📄 SBOM
🧾 #Provenance
💃 #SLSA
and many more 👇
https://docs.docker.com/build/attestations/
TLDR;
🕺🏻#Docker #Scout was introduced in v4.17 and it continues to improve:
• includes a vulnerability quick-view
• recommendations directly on the command line
• improved remediation guidance with #BuildKit #SBOM utilization
📦🔎Container File Explorer is now GA!
There is more 👇
https://www.docker.com/blog/docker-desktop-4-18/
#docker #scout #buildkit #SBOM
🚨⚠️The @Docker #BuildKit project provides build information as a metadata file when building images which allows you to find digest information of the image you are pushing, which protects you from relying on the registry which can be man-in-the-middled☝️
https://www.docker.com/blog/capturing-build-information-buildkit/
3️⃣ But if you are only interested in learning more about the supply chain security features included in the v0.11 #BuildKit release, here is the blog post for you from one of my friends @felipecruz that explains generating #SLSA provenance and #SBOM 🌟
https://www.felipecruz.es/buildkit-supply-chain-features/ #RegistryExplorerExtensionThrad
#buildkit #SLSA #SBOM #registryexplorerextensionthrad
2️⃣ #BuildKit v0.11 released a bunch of other great features in addition to generating #SLSA provenance; here is the full list of the features shipped with v0.11 👇
https://www.docker.com/blog/highlights-buildkit-v0-11-release/ #RegistryExplorerExtensionThrad
#buildkit #SLSA #registryexplorerextensionthrad
🛎️🚨Registry Explorer Extension is one of the most useful and helpful #Docker extensions that lets you visualize all the parts of the @OCI_ORG image specification in a nicer way, and it even allows you to see 💃#SLSA provenance information generated with the #BuildKit =v0.11 🧵☝️#RegistryExplorerExtensionThrad
#docker #SLSA #buildkit #registryexplorerextensionthrad
🚨🛎️I believe most of us have heard the news that @Docker started to generate #SBOM and #SLSA provenance during the build with the #BuildKit v0.11 but did you know how easy it is to start generating them?
🧁You just need to add two new lines to your Docker's build-and-push action!
6⃣ Since I'm one of the @Docker Captains, there is no doubt that I should be maintaining the #buildkit and #buildx packages. I added myself to the maintainers of these packages as well! /cc @amyg12345
➡️ nix-env -iA nixpkgs.(buildkit|docker-buildx)
A must read blog it is!
---
RT @developerguyba
#Buildkit and @Docker Buildx are two of my favorite projects that anyone who really knows me will know. I wrote an article about them once and published it on @kubesimplify. I got an email about this article getting a badge as "Featured on HashNode", thanks to all my supporters🎊
https://twitter.com/developerguyba/status/1635984947444961283
@josh searching for “drone supply chain attack” gives me a bunch of very interesting results, but nothing really related to drone.io 😅
When you say you want to move away from docker, what are you optimizing for? It seems all the cool kids are already switching to #containerd and #buildkit
My newsletter is out, including the following:
Personal Updates, OCI v1.1 (Referrers API), Docker BuildKit, Kubernetes and Cloud Security Associate (KCSA), KCD Pakistan, ko, ContainerPlumbing Day, CDF Ambassador 2023, SLSA 3 Container Generator
#oci #ko #kcdpakistan #slsa #docker #buildkit #ksca #cdfambassador #ociv111 #referrersapi #containerplumbing #supplychainsecurity #supplychainartifacts
@cra @bmitch @felipecruz @furkanturkal @ianlewis
https://developerguy.substack.com/p/personal-updates-oci-v11-referrers
#oci #ko #kcdpakistan #SLSA #docker #buildkit #ksca #cdfambassador #ociv111 #referrersapi #containerplumbing #supplychainsecurity #supplychainartifacts
📢🥁Undoubtedly, #BuildKit v0.11 is one of the utmost releases in history because it includes many supply chain security features, such as generating both #SLSA provenance and software-bill-of-materials.
Here is a quick takeaway from @felipecruz 🏃♂️💨
➡️https://www.felipecruz.es/buildkit-supply-chain-features/
And on that note I also wonder how much effort it would be to connect something like #buildkit to CAS.
RT @Docker@twitter.com
You can never attest too much, methinks, with the latest release series of #BuildKit, v0.11. Dive in to learn more about build-time attestations and #SBOMs, how to build images that contain SBOMs, and how to start analyzing the resulting data: https://dockr.ly/3DbpxzJ 🔥
🥵 What a week! There's a lot to be announced, such as @goreleaser #ko support, @chainguard_dev #SBOM quality talk, @kcdturkey, a fantastic release from #BuildKit, fixes in several repositories about @Docker @oci_org Artifacts
▶️ Working on the newsletter: https://developerguy.substack.com