A show about getting your best ideas into the world and seeing what happens. We talk about code, ops, infrastructure, and the people that make it happen. Gerhard Lazu and friends explore all things DevOps, infra, and running apps in production. Whether you’re cloud native, Kubernetes curious, a pro SRE, or just operating a VPS… you’ll love coming along for the ride. Ship It honors the makers, the shippers, and the visionaries that see it through.
Securing K8s releases (KubeCon EU 2022)
Today we are at KubeCon CloudNativeCon EU 2022, talking to Adolfo García Veytia about securing Kubernetes releases. Adolfo is a Staff Software Engineer at Chainguard and one of the technical leads for SIG Release, meaning that he helps ship Kubernetes. You most likely know him as Puerco, and have seen first-hand his passion for securing software via SBOMs, cosign and SLSA. Puerco’s love for bikes and Chainguard are a great match 🚴‍♂️
Notes and Links
- KCCNCEU 2022: Make the Secure Kubernetes Supply Chain Work for You - Adolfo García Veytia, Chainguard
- KCCNCEU 2022: Releasing Kubernetes Less Often and More Secure - The SIG Release Update - Adolfo García Veytia & Carlos Panato, Chainguard; Sascha Grunert, Red Hat; Stephen Augustus, Cisco
- Kubernetes signals massive adoption of Sigstore for protecting open source ecosystem
- kubectl plugin for signing Kubernetes manifest YAML files with sigstore
- CLI utility to generate SPDX-compliant Bill of Materials manifests