OPEN SOURCE
Securing Cloud-Native Workloads: Hands-On with Notary Project, ORAS, and Ratify
• 95 min watch
In the cloud-native ecosystem, maintaining a secure software supply chain for cloud-native workloads is essential. This session will provide real-world examples of how to use open-source tools Notary Project, ORAS and Ratify to ensure the integrity and authenticity of cloud-native workloads on Kubernetes.
- Background
- Why ensuring integrity and authenticity?
- End-to-End sign and verification experience
- CNCF project Notary Project intro
- CNCF project Ratify intro
- CNCF project ORAS intro
- Set up environment
- Prepare your container images
- Sign your container images
- Publish your container images and signatures to production
- Set up Ratify and policies
- Deploy your container images on K8s and check results
- What’s next
Related Videos
1:04:07
Hands-On with Preq - Community-Driven Reliability Problem Detection
Join us for an exclusive live stream as we explore Preq (pronounced "preek"), the free and open-source tool that's revolutionizing how teams detect and prevent reliability issues before customers noti
Preq
1:29:29
Hands-On with Kairos - Edge Kubernetes Made Simple
Join us for an exclusive live stream as we dive deep into Kairos, the open-source project that's revolutionizing OS lifecycle management across edge, cloud, and bare metal environments!
Kairos
1:47:02
Hands-on Introduction to k0rdent
**Hands-on Introduction to k0rdent**
k0rdent
1:07:16
Comments