Watch / Rawkode Live 1:35:00
Live · Tutorial · Rawkode Live

Securing Cloud-Native Workloads: Hands-On with Notary Project, ORAS, and Ratify

1:35:00
§ Overview

About this video

What You'll Learn

  1. Sign container images and artifacts with Notation using trusted certificates.
  2. Store detached signatures in OCI registries alongside images with ORAS.
  3. Enforce admission-time trust checks in Kubernetes with Ratify and Gatekeeper.

Yi Zha from Microsoft demos how Notary Project, ORAS, and Ratify secure the container supply chain on Kubernetes: signing images with notation, storing signatures as OCI artifacts, and enforcing trust at admission via Ratify and OPA Gatekeeper.

§ Technologies featured
Notary Project Notary Project ORAS ORAS Ratify Ratify Open Policy Agent (OPA) Open Policy Agent (OPA) Kubernetes Kubernetes

Meet the Cast

David Flanagan HOST

David Flanagan

@rawkode

Yi Zha GUEST

Yi Zha

@yizha1

Weekly Cloud Native insights

Stay ahead in cloud native

Tutorials, deep dives, and curated events. No fluff.

More from Rawkode Live

View all 173 episodes
Hands-on Introduction to Odin
Upcoming

Hands-on Introduction to Odin

Hands-on Introduction to Iroh
Upcoming

Hands-on Introduction to Iroh

Hands-on Introduction to Yoke
1:15:06

Hands-on Introduction to Yoke

Hands-on Introduction to sympozium
1:31:50

Hands-on Introduction to sympozium

Friday, January 23rd, 2026 - Chevron7
44:26

Friday, January 23rd, 2026 - Chevron7

Hands-on Introduction to jujutsu (jj)
1:01:55

Hands-on Introduction to jujutsu (jj)

Notary Project

More about Notary Project

View technology
Manage and Run AI/ML Models as OCI Artifacts with ORAS
1:06:35

Manage and Run AI/ML Models as OCI Artifacts with ORAS

More about ORAS

View technology
Manage and Run AI/ML Models as OCI Artifacts with ORAS
1:06:35

Manage and Run AI/ML Models as OCI Artifacts with ORAS

Open Policy Agent (OPA)

More about Open Policy Agent (OPA)

View all 10 videos
Simplifying Kubernetes Adoption Challenges
37:19

Simplifying Kubernetes Adoption Challenges

Custom Controls with GPT
9:41

Custom Controls with GPT

Helm, Kustomize, and Pod Security Policies
18:27

Helm, Kustomize, and Pod Security Policies

Kubernetes

More about Kubernetes

View all 172 videos
Hands-on Introduction to Yoke
1:15:06

Hands-on Introduction to Yoke

Navigating Kairos: Immutable Operating Systems with a Cloud Native Twist
39:59

Navigating Kairos: Immutable Operating Systems with a Cloud Native Twist

Kubernetes Security Scanning: The 4 Tools You Actually Need
18:37

Kubernetes Security Scanning: The 4 Tools You Actually Need