Building a Better Software Supply Chain - DevConf.US 2024

  • Published: 27 Sep 2024
  • Speaker(s): Ann Marie Fred
    ---
    At Red Hat, we had a standard build pipeline for software, but it had a problem. It consisted of more than 250 services across more than 1000 host systems, which made it difficult to understand, and it required dozens of people to maintain.
    We started the project now known as Konflux in order to simplify release cycles; improve the security of our software supply chain; improve the data collected for attestation, provenance, and software bill-of-materials; reduce the number of duplicate services; simplify maintenance; reduce maintenance costs; collaborate on open source projects; and improve the onboarding experience for our development teams.
    We chose Kubernetes as the foundation of our architecture, because of its proven model for deploying scalable, secure services. We chose Tekton, along with Tekton Chains and Tekton Results, for our build and test pipelines, because of their open and flexible design. We chose Argo CD because of its GitOps model, full featured support for Kubernetes, and community adoption. We chose a suite of open source command-line tools for the security checks and other automation. And we’re using Backstage to teach developers how to onboard, by example.
    Along the way, we learned a great deal about what we should and shouldn’t standardize in our pipelines. This talk will explain how we implemented the system, and more importantly, the course corrections we made to our plans as we built it out. You will come away from this session with a reference architecture as well as a list of key lessons learned in CI/CD and software supply chain security.
    ---
    Full schedule, including slides and other resources:
    pretalx.com/de...
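
The abstract lists attestation and provenance among the data the Konflux pipeline collects, and names Tekton Chains as the component that produces it. Collecting provenance is only useful if something consumes it before release, so here is an added example of the consuming side: a small policy gate over a SLSA v1 provenance attestation (an in-toto Statement v1, the layout Tekton Chains can emit). This is illustrative code written for this page, not code from the talk or from the Konflux, Tekton or Tekton Chains projects. The attestation is constructed inline; the builder ID, registry, repository URLs and digests are placeholders, and the example assumes the DSSE envelope carrying the payload has already had its signature verified (for instance with cosign) before the policy runs.

```python
"""Policy gate over a SLSA v1 provenance attestation (in-toto Statement v1).

Added example, not code from the talk or from the Konflux / Tekton Chains
projects. The attestation is constructed inline; builder IDs, repository
URLs and digests are placeholders. Signature verification of the DSSE
envelope is assumed to have happened already (e.g. with cosign).
"""
import json
from dataclasses import dataclass

IN_TOTO_STATEMENT_V1 = "https://in-toto.io/Statement/v1"
SLSA_PROVENANCE_V1 = "https://slsa.dev/provenance/v1"


@dataclass(frozen=True)
class Policy:
    """What a release gate insists on before an image may ship."""
    trusted_builders: frozenset  # builder.id values this team trusts
    expected_source: str         # canonical git URI the image must come from


def make_statement(subject_digest, builder_id, source_uri, source_commit):
    """Construct a sample attestation payload (test data, not a real build)."""
    return {
        "_type": IN_TOTO_STATEMENT_V1,
        "subject": [{"name": "registry.example.com/team/app",
                     "digest": {"sha256": subject_digest}}],
        "predicateType": SLSA_PROVENANCE_V1,
        "predicate": {
            "buildDefinition": {
                "buildType": "https://builder.example.com/tekton-pipeline/v1",
                "externalParameters": {"gitRef": "refs/heads/main"},
                "resolvedDependencies": [
                    {"uri": source_uri, "digest": {"gitCommit": source_commit}},
                ],
            },
            "runDetails": {"builder": {"id": builder_id}},
        },
    }


def check_provenance(statement, image_digest, policy):
    """Return a list of policy violations; an empty list means the image may ship."""
    violations = []
    if statement.get("_type") != IN_TOTO_STATEMENT_V1:
        violations.append("not an in-toto Statement v1")
    if statement.get("predicateType") != SLSA_PROVENANCE_V1:
        violations.append("predicate is not SLSA provenance v1")
        return violations  # the checks below assume the SLSA v1 layout

    # 1. The attestation must be about the exact artifact being deployed.
    subjects = statement.get("subject") or []
    if not any(s.get("digest", {}).get("sha256") == image_digest for s in subjects):
        violations.append("subject digest does not match the deployed image")

    predicate = statement.get("predicate") or {}
    # 2. Only builds performed by a trusted build service count.
    builder_id = predicate.get("runDetails", {}).get("builder", {}).get("id")
    if builder_id not in policy.trusted_builders:
        violations.append(f"untrusted builder id: {builder_id!r}")

    # 3. The build must trace to the expected repository at a pinned commit.
    deps = predicate.get("buildDefinition", {}).get("resolvedDependencies") or []
    sources = [d for d in deps if d.get("uri", "").startswith("git+")]
    if not sources:
        violations.append("no git source recorded in resolvedDependencies")
    else:
        match = [d for d in sources if d.get("uri") == policy.expected_source]
        if not match:
            violations.append("built from an unexpected source repository")
        elif not any(d.get("digest", {}).get("gitCommit") for d in match):
            violations.append("source is not pinned to a commit digest")
    return violations


def gate(payload, image_digest, policy):
    """Parse a raw attestation payload and decide; malformed JSON is a rejection."""
    try:
        statement = json.loads(payload)
    except json.JSONDecodeError as exc:
        return [f"attestation payload is not valid JSON: {exc.msg}"]
    return check_provenance(statement, image_digest, policy)


# Placeholder policy and a matching "good" build (all values constructed).
TRUSTED_BUILDER = "https://builder.example.com/tekton-chains"
EXPECTED_SOURCE = "git+https://git.example.com/team/app"
TEAM_POLICY = Policy(trusted_builders=frozenset({TRUSTED_BUILDER}),
                     expected_source=EXPECTED_SOURCE)
GOOD_DIGEST = "a" * 64
GOOD_STATEMENT = make_statement(GOOD_DIGEST, TRUSTED_BUILDER, EXPECTED_SOURCE, "b" * 40)

if __name__ == "__main__":
    print(gate(json.dumps(GOOD_STATEMENT), GOOD_DIGEST, TEAM_POLICY))
    forged = make_statement(GOOD_DIGEST, "https://laptop.example.com/dev",
                            EXPECTED_SOURCE, "b" * 40)
    print(gate(json.dumps(forged), GOOD_DIGEST, TEAM_POLICY))
```

The order of checks matters in practice: the subject digest check binds the attestation to the artifact actually being deployed, so an attacker cannot reuse a legitimate attestation for a different image, and the builder check is what turns a developer-laptop build into a rejection even when the source repository and commit look right. Signature verification of the DSSE envelope has to precede all of this; without it the payload is just JSON anyone could have written.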
