💊Every treatment starts with accepting the diagnosis! Embrace the truth☝️
"You can be the next victim of the Software Supply Chain Attacks" UNLESS...
✍️Sign your software (#cosign)
🔔Do vulnerability scanning (#trivy #grype)
🚨 Protection at runtime (#kyverno #policycontroller)
#Cosign #trivy #grype #kyverno #policycontroller
🔥⏲️ Fudge Sunday "GitOps Goes the World" A look at GitOps and Policy-as-Code (PaC).
#gitops #policyascode #iac #pac #cicd #cicdpipelines #sbom #k8s #immutable #immutability #devx #developerexperience #idp #developerproductivity #platformengineering #platformengineer #opengitops #kyverno #kubernetes #argo #argocd #flux #newsletters #newsletter
#gitops #policyascode #iac #pac #cicd #cicdpipelines #sbom #k8s #immutable #immutability #devx #developerexperience #idp #developerproductivity #platformengineering #platformengineer #opengitops #kyverno #kubernetes #argo #argocd #flux #newsletters #newsletter
The #Kubernetes SIG-Release made a significantly important task they started signing container images from v1.24 #Stargazer and it continued with signing artifacts with v1.26 #Electrifying! You can use #kyverno to verify control plane images signatures🥳
https://www.cncf.io/blog/2023/05/01/kyverno-verify-kubernetes-control-plane-images/
#kubernetes #stargazer #electrifying #kyverno
This is a really great blog post by the Virtru Platform Engineering team which they talked about the strategies to secure their software supply chain by using open-source tools @sigstore
@kyverno🥇
#cosign #sigstore #projectsigstore #kyverno #softwaresupplychainsecurity #supplychainsecurity
#Cosign #sigstore #projectsigstore #kyverno #softwaresupplychainsecurity #supplychainsecurity
📢You can reach out to our talk at KCD Pakistan with @furkanturkal about creating a secure base image with #apko using @wolfi packages and using it with #ko to build OCI-compliant container images and signing them #cosign in keyless and verifying them with #kyverno
➡️ https://www.youtube.com/watch?v=W1Xct6ZtmHo
We love combining #argoproj with other essential #opensource projects. In this blog post, our "busy but happy 😉" developer advocate Nick looks closely at #Kyverno and uses it to enforce #Kubernetes best practices!
Check it out at https://akuity.io/blog/argo-cd-kyverno-best-practice-policies/
#argoproj #opensource #kyverno #kubernetes
Excellent article demonstrating how to integrate #TUF and @kyverno@twitter.com with a private deployment of @projectsigstore@twitter.com. Love seeing more examples to illustrate how to create a #sigstore deployment of your own! #sigstore #kyverno #security https://flxw.de/tuf-kyverno-and-custom-sigstore
#tuf #sigstore #kyverno #security
Kyverno is a Kubernetes Native Policy Manager
#kyverno #policy #policymanagent #kubernetes #tools #infra
I used kyverno for the first time today and it was such a smooth experience. Only 30 mins to get up and running with a mutating we hook solving a problem nicely for me. #kubernetes #kyverno
a thought for you @ChrisShort and #devopsish
when links get sent off to Mastodon here, they generate a mini summary which is good. the harder part here relative to Twitter is that if you want to search for something the only search mechanism is by hashtag and not full text, so later retrieval is hard.
A possible aid to later access would be to add the obvious hashtag if there is one, e.g. so if there's news about a Kyverno release you'd tag with #kyverno and so forth.