Adventures in Production with GitOps, Secure Pipelines & Compliance - Brandon Lum & Ricardo Aravena
![CNCF [Cloud Native Computing Foundation]](http://yt3.ggpht.com/txe66EjpkDQQlx_4jDV0yA0PPsww0rqQrFhMpDqagLWN2-EUBBO65IuIyy5tEFVmpI4_RRduzXc=s48-c-k-c0x00ffffff-no-rj)
HTML-код
- Опубликовано: 18 окт 2024
- Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Adventures in Production with GitOps, Secure Pipelines and Compliance - Brandon Lum, IBM & Ricardo Aravena, Rakuten
In the last two years, Kubernetes GitOps has become more common in many organizations helping them enhance their software CI/CD by removing manual commands and keeping release versions consistent. However, there are still some gaps when it comes to security and compliance technologies.
We will go over some of the most popular open-source tools for GitOps, container images scanning, encryption and signing tools and how they work together. Among them, Flux, Scaffold, Ignite, Aqua scanner, in-toto, and Grafeas. In addition, we will talk about incorporating compliance into DevSecOps pipelines and explore the importance of application specifications such as CNAB.
In the end, the audience will understand how to create a container software pipeline in a fully automated, encrypted and secure way with Kubernetes in production environments, with compliance built-in.
There seems to be some bleed from another audio source around 02:31+