devguy :verified: · @developerguy
365 followers · 564 posts · Server hachyderm.io💊Every treatment starts with accepting the diagnosis! Embrace the truth☝️
"You can be the next victim of the Software Supply Chain Attacks" UNLESS...
✍️Sign your software (#cosign)
🔔Do vulnerability scanning (#trivy #grype)
🚨 Protection at runtime (#kyverno #policycontroller)
#Cosign #trivy #grype #kyverno #policycontroller
Jay Cuthrell · @jay
102 followers · 361 posts · Server cuthrell.com🔥⏲️ Fudge Sunday "GitOps Goes the World" A look at GitOps and Policy-as-Code (PaC).
#gitops #policyascode #iac #pac #cicd #cicdpipelines #sbom #k8s #immutable #immutability #devx #developerexperience #idp #developerproductivity #platformengineering #platformengineer #opengitops #kyverno #kubernetes #argo #argocd #flux #newsletters #newsletter
#gitops #policyascode #iac #pac #cicd #cicdpipelines #sbom #k8s #immutable #immutability #devx #developerexperience #idp #developerproductivity #platformengineering #platformengineer #opengitops #kyverno #kubernetes #argo #argocd #flux #newsletters #newsletter
devguy :verified: · @developerguy
353 followers · 527 posts · Server hachyderm.ioThe #Kubernetes SIG-Release made a significantly important task they started signing container images from v1.24 #Stargazer and it continued with signing artifacts with v1.26 #Electrifying! You can use #kyverno to verify control plane images signatures🥳
https://www.cncf.io/blog/2023/05/01/kyverno-verify-kubernetes-control-plane-images/
#kubernetes #stargazer #electrifying #kyverno
devguy :verified: · @developerguy
326 followers · 400 posts · Server hachyderm.ioThis is a really great blog post by the Virtru Platform Engineering team which they talked about the strategies to secure their software supply chain by using open-source tools @sigstore
@kyverno🥇
#cosign #sigstore #projectsigstore #kyverno #softwaresupplychainsecurity #supplychainsecurity
#Cosign #sigstore #projectsigstore #kyverno #softwaresupplychainsecurity #supplychainsecurity
devguy :verified: · @developerguy
320 followers · 383 posts · Server hachyderm.io
📢You can reach out to our talk at KCD Pakistan with @furkanturkal about creating a secure base image with #apko using @wolfi packages and using it with #ko to build OCI-compliant container images and signing them #cosign in keyless and verifying them with #kyverno
➡️ https://www.youtube.com/watch?v=W1Xct6ZtmHo
Akuity · @akuity
3 followers · 9 posts · Server cloud-native.socialWe love combining #argoproj with other essential #opensource projects. In this blog post, our "busy but happy 😉" developer advocate Nick looks closely at #Kyverno and uses it to enforce #Kubernetes best practices!
Check it out at https://akuity.io/blog/argo-cd-kyverno-best-practice-policies/
#argoproj #opensource #kyverno #kubernetes
Andrew Block · @sabre1041
87 followers · 244 posts · Server hachyderm.ioExcellent article demonstrating how to integrate #TUF and @kyverno@twitter.com with a private deployment of @projectsigstore@twitter.com. Love seeing more examples to illustrate how to create a #sigstore deployment of your own! #sigstore #kyverno #security https://flxw.de/tuf-kyverno-and-custom-sigstore
#tuf #sigstore #kyverno #security
Volkan Özçelik · @volkan
27 followers · 1067 posts · Server z2h.devKyverno is a Kubernetes Native Policy Manager
#kyverno #policy #policymanagent #kubernetes #tools #infra
Daniel Schaaff · @papaschaaff
5 followers · 14 posts · Server hachyderm.ioI used kyverno for the first time today and it was such a smooth experience. Only 30 mins to get up and running with a mutating we hook solving a problem nicely for me. #kubernetes #kyverno
Ed W8EMV · @w8emv
180 followers · 155 posts · Server hachyderm.ioa thought for you @ChrisShort and #devopsish
when links get sent off to Mastodon here, they generate a mini summary which is good. the harder part here relative to Twitter is that if you want to search for something the only search mechanism is by hashtag and not full text, so later retrieval is hard.
A possible aid to later access would be to add the obvious hashtag if there is one, e.g. so if there's news about a Kyverno release you'd tag with #kyverno and so forth.