devguy :verified: · @developerguy
365 followers · 564 posts · Server hachyderm.io

💊Every treatment starts with accepting the diagnosis! Embrace the truth☝️
"You can be the next victim of the Software Supply Chain Attacks" UNLESS...
✍️Sign your software ()
🔔Do vulnerability scanning ( )
🚨 Protection at runtime ( )

#Cosign #trivy #grype #kyverno #policycontroller

Last updated 1 year ago

Jay Cuthrell · @jay
102 followers · 361 posts · Server cuthrell.com
devguy :verified: · @developerguy
353 followers · 527 posts · Server hachyderm.io

The SIG-Release made a significantly important task they started signing container images from v1.24 and it continued with signing artifacts with v1.26 ! You can use to verify control plane images signatures🥳
cncf.io/blog/2023/05/01/kyvern

#kubernetes #stargazer #electrifying #kyverno

Last updated 1 year ago

devguy :verified: · @developerguy
326 followers · 400 posts · Server hachyderm.io

This is a really great blog post by the Virtru Platform Engineering team which they talked about the strategies to secure their software supply chain by using open-source tools @sigstore
@kyverno🥇

virtru.com/blog/securing-kuber

#Cosign #sigstore #projectsigstore #kyverno #softwaresupplychainsecurity #supplychainsecurity

Last updated 2 years ago

devguy :verified: · @developerguy
320 followers · 383 posts · Server hachyderm.io

📢You can reach out to our talk at KCD Pakistan with @furkanturkal about creating a secure base image with using @wolfi packages and using it with to build OCI-compliant container images and signing them in keyless and verifying them with
➡️ youtube.com/watch?v=W1Xct6ZtmH

#apko #ko #Cosign #kyverno

Last updated 2 years ago

Akuity · @akuity
3 followers · 9 posts · Server cloud-native.social

We love combining with other essential projects. In this blog post, our "busy but happy 😉" developer advocate Nick looks closely at and uses it to enforce best practices!

Check it out at akuity.io/blog/argo-cd-kyverno

#argoproj #opensource #kyverno #kubernetes

Last updated 2 years ago

Andrew Block · @sabre1041
87 followers · 244 posts · Server hachyderm.io

Excellent article demonstrating how to integrate and @kyverno@twitter.com with a private deployment of @projectsigstore@twitter.com. Love seeing more examples to illustrate how to create a deployment of your own! flxw.de/tuf-kyverno-and-custom

#tuf #sigstore #kyverno #security

Last updated 2 years ago

Volkan Özçelik · @volkan
27 followers · 1067 posts · Server z2h.dev
Daniel Schaaff · @papaschaaff
5 followers · 14 posts · Server hachyderm.io

I used kyverno for the first time today and it was such a smooth experience. Only 30 mins to get up and running with a mutating we hook solving a problem nicely for me.

#kubernetes #kyverno

Last updated 2 years ago

Ed W8EMV · @w8emv
180 followers · 155 posts · Server hachyderm.io

a thought for you @ChrisShort and

when links get sent off to Mastodon here, they generate a mini summary which is good. the harder part here relative to Twitter is that if you want to search for something the only search mechanism is by hashtag and not full text, so later retrieval is hard.

A possible aid to later access would be to add the obvious hashtag if there is one, e.g. so if there's news about a Kyverno release you'd tag with and so forth.

#devopsish #kyverno

Last updated 2 years ago