Our great sponsors
-
copacetic
🧵 CLI tool for directly patching container images using reports from vulnerability scanners
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
secure-supply-chain-on-aks
Learn how to use open-source tools to secure your container deployments on Azure Kubernetes Service.
Copacetic, another open-source gem, works in tandem with Trivy to tackle vulnerabilities in container images.
Ratify is an admission controller. It's available both as a binary and as a Kubernetes tool installed via a Helm Chart. It ensures that only signed images are deployed. It's an invaluable tool for safeguarding your AKS cluster by preventing unsigned container images from being deployed.
Learn how to add these tools to your existing pipelines, with this step-by-step workshop!
Notation is another command-line too that lets you digitally sign artifacts. And those signatures essentaily become the stamps of approval for the different things in your software supply chain. For example, container images.
Related posts
- Automating Kubernetes Deployments with FluxCD for Patched and Signed Container Images
- Ask HN: Have You Left Kubernetes?
- Infino - Fast and scalable service to store time series and logs - written in Rust
- Parseable - an open source log observability platform
- Parseable – unify log data to Parquet on S3