robrich · @robrich
48 followers · 315 posts · Server hachyderm.io

docker.com/blog/mergediff-buil - the innards of how resolves dependencies between build stages. Great post Erik Sipsma.

#docker #buildkit

Last updated 1 year ago

Adam ♿ · @voltagex
407 followers · 1477 posts · Server aus.social

echo export BUILDKIT_PROGRESS=plain >> ~/.bashrc

jfc

#docker #buildkit

Last updated 1 year ago

devguy :verified: · @developerguy
354 followers · 551 posts · Server hachyderm.io

I was so excited (still I'm) about the v0.11 release of the @Docker ✨With that release, creating an and provenance for your builds has been never been easy!
I'm so glad to see that @openpolicyagent project uses these🥳✨
github.com/open-policy-agent/g

#buildkit #SBOM #SLSA #gatekeeper

Last updated 1 year ago

Arthur Lutz (Zenika) · @arthurzenika
362 followers · 528 posts · Server pouet.chapril.org

J'ai appris un truc aujourd'hui :

🐳 "Multi-platform images" docs.docker.com/build/building

📦 github.com/docker/buildx#build

(et tout ça grâce à une version de java qui publie des DebianRevisionNumber différents pour chaque architecture, miam).

#buildkit #buildx #devops #docker

Last updated 2 years ago

devguy :verified: · @developerguy
345 followers · 505 posts · Server hachyderm.io

🎊I'm super glad to see lots of great content related to software supply chain security on @Docker official website based on the recent development effort in v0.11 🥳
🔖 Build Attestations
📄 SBOM
🧾
💃
and many more 👇
docs.docker.com/build/attestat

#buildkit #provenance #SLSA

Last updated 2 years ago

devguy :verified: · @developerguy
342 followers · 499 posts · Server hachyderm.io

TLDR;
🕺🏻 was introduced in v4.17 and it continues to improve:
• includes a vulnerability quick-view
•recommendations directly on the command line
•improved remediation guidance with utilization
📦🔎Container File Explorer is now GA!

There is more 👇
docker.com/blog/docker-desktop

#docker #scout #buildkit #SBOM

Last updated 2 years ago

devguy :verified: · @developerguy
336 followers · 470 posts · Server hachyderm.io

🚨⚠️The @Docker project provides build information as a metadata file when building images which allows you to find digest information of the image you are pushing, which protects you from relying on the registry which can be man-in-the-middled☝️
docker.com/blog/capturing-buil

#buildkit

Last updated 2 years ago

devguy :verified: · @developerguy
336 followers · 466 posts · Server hachyderm.io

3️⃣ But if you are only interested in learning more about the supply chain security features included in the v0.11 release, here is the blog post for you from one of my friends @felipecruz that explains generating provenance and 🌟
felipecruz.es/buildkit-supply-

#buildkit #SLSA #SBOM #registryexplorerextensionthrad

Last updated 2 years ago

devguy :verified: · @developerguy
336 followers · 465 posts · Server hachyderm.io

2️⃣ v0.11 released a bunch of other greatest features in addition to generating provenance, here is the full list of the features shipped with v0.11 👇
docker.com/blog/highlights-bui

#buildkit #SLSA #registryexplorerextensionthrad

Last updated 2 years ago

devguy :verified: · @developerguy
336 followers · 463 posts · Server hachyderm.io

🛎️🚨Registry Explorer Extension is one of the most useful and helpful extensions that lets you visualize all the parts of the @OCI_ORG image specification in a nicer way and even it allows you to see 💃 provenance information generated with the =v0.11 🧵☝️

#docker #SLSA #buildkit #registryexplorerextensionthrad

Last updated 2 years ago

devguy :verified: · @developerguy
334 followers · 447 posts · Server hachyderm.io

📢🥁Undoubtedly, v0.11 is one of the utmost releases in history because it includes many supply chain security features, such as generating both provenance and software-bill-of-materials.

🚨🛎️I believe most of us have heard the news that @Docker started to generate and provenance during the build with the v0.11 but did you know how easy it is to start generating them?

🧁You just need to add two new lines to your Docker's build-and-push action!

#buildkit #SLSA #SBOM

Last updated 2 years ago

devguy :verified: · @developerguy
332 followers · 432 posts · Server hachyderm.io

6⃣ Since I'm one of the
@Docker
Captains, there is no doubt that I should be maintaining the and packages. I added myself to the maintainers of these packages as well!
/cc
@amyg12345

➡️ nix-env -iA nixpkgs.(buildkit|docker-buildx)

#buildkit #buildx

Last updated 2 years ago

Saiyam Pathak :sammy: · @saiyam
471 followers · 973 posts · Server cloud-native.social

A must read blog it is!
---
RT @developerguyba
and @Docker Buildx are two of my favorite projects that anyone who really knows me will know. I wrote an article about them once and published it on @kubesimplify. I got an email about this article getting a badge as "Featured on HashNode", thanks to all my supporters🎊
twitter.com/developerguyba/sta

#buildkit

Last updated 2 years ago

devguy :verified: · @developerguy
331 followers · 411 posts · Server hachyderm.io

and @Docker Buildx are two of my favorite projects that anyone who really knows me will know. I wrote an article about them once and published it on @kubesimplify . I got an email about this article getting a badge as "Featured on HashNode", thanks to all my supporters🎊

blog.kubesimplify.com/the-secr

#buildkit

Last updated 2 years ago

Anders Borch · @anders
61 followers · 375 posts · Server mastodon.cyborch.com

@josh searching for “drone supply chain attack” gives me a bunch of very interesting results, but nothing really related to drone.io 😅

When you say you want to move away from docker, what are you optimizing for? It seems all the cool kids are already switching to and

#containerd #buildkit

Last updated 2 years ago

devguy :verified: · @developerguy
326 followers · 401 posts · Server hachyderm.io

My newsletter is out, including the followings:

Personal Updates, OCI v1.1 (Referrers API), Docker BuildKit, Kubernetes and Cloud Security Associate (KCSA), KCD Pakistan, ko, ContainerPlumbing Day, CDF Ambassador 2023, SLSA 3 Container Generator

@cra @bmitch @felipecruz @furkanturkal @ianlewis

developerguy.substack.com/p/pe

#oci #ko #kcdpakistan #SLSA #docker #buildkit #ksca #cdfambassador #ociv111 #referrersapi #containerplumbing #supplychainsecurity #supplychainartifacts

Last updated 2 years ago

devguy :verified: · @developerguy
320 followers · 384 posts · Server hachyderm.io

📢🥁Undoubtedly, v0.11 is one of the utmost releases in history because it includes many supply chain security features, such as generating both provenance and software-bill-of-materials.
Here is a quick takeaway from @felipecruz 🏃‍♂️💨
➡️felipecruz.es/buildkit-supply-

#buildkit #SLSA

Last updated 2 years ago

Andreas Bergmeier :rust: · @abergmeier
10 followers · 95 posts · Server fosstodon.org

And on that note I also wonder how much effort it would be to connect something like to CAS.

#buildkit

Last updated 2 years ago

Guillaume Lours · @glours
288 followers · 5194 posts · Server framapiaf.org

RT @Docker@twitter.com

You can never attest too much, methinks, with the latest release series of , v0.11. Dive in to learn more about build-time attestations and , how to build images that contain SBOMs, and how to start analyzing the resulting data: dockr.ly/3DbpxzJ 🔥

🐦🔗: twitter.com/Docker/status/1617

#SBOMS #buildkit

Last updated 2 years ago

devguy :verified: · @developerguy
317 followers · 365 posts · Server hachyderm.io

🥵 What a week! There's a lot to be announced, such as @goreleaser support,@chainguard_dev quality talk, @kcdturkey , a fantastic release from , fixes in several repositories about @Docker @oci_org Artifacts

▶️ Working on the newsletter: developerguy.substack.com

#ko #SBOM #buildkit

Last updated 2 years ago