Search results for: distribution


Dragonfly completes security audit!

Posted on September 15, 2023 | By Dragonfly maintainers

Project post originally published on the Dragonfly blog This summer, over four engineer weeks, Trail of Bits and OSTIF collaborated on a security audit of Dragonfly2. A CNCF Incubating Project, Dragonfly2 functions as file distribution for peer-to-peer technologies. Included in the scope was the…


36 CNCF term 2 LFX mentees have successfully completed the program!

Posted on September 12, 2023

Congratulations to the 36 interns who have graduated from the LFX Program after working with CNCF projects over June, July, and August!     Mentees had the opportunity to work on many different projects across our Graduated, Incubating, and Sandbox…


Secure software supply chain for OCI Artifacts on Kubernetes

Posted on September 12, 2023

Guest post originally published on SparkFabrik’s blog The concept of the Software Supply Chain is growing in importance since the Cloud Native approach has become increasingly central to modern application development. As in traditional industry, an increasingly complex…


Introducing the Wasm landscape (in English and Chinese)

Posted on September 6, 2023 | By Chris Aniszczyk, Vivian Hu. and Michael Yuan

By Chris Aniszczyk, Vivian Hu and Michael Yuan “Containers are the new normal, and WebAssembly is the future.”   — CNCF Annual Survey 2022 key findings. Originally created as a secure sandbox to run compiled C/C++ code in…


Using dragonfly to distribute images and files for multi-cluster kuberenetes

Posted on September 1, 2023

Dragonfly provides efficient, stable, securefile distribution and image acceleration based on p2p technology to be the best practice and standard solution in cloud native architectures. It is hosted by the Cloud Native Computing Foundation(CNCF) as an Incubating Level…


Verifying images in a private Amazon ECR with Kyverno and IAM Roles for Service Accounts (IRSA)

Posted on August 29, 2023 | By Shuting Zhao

Community post originally published on GitHub by Shuting Zhao, a maintainer of Kyverno When running workloads in Amazon Elastic Kubernetes Service (EKS), it is essential to ensure supply chain security by verifying container image signatures and other metadata….


Notary Project announces a major release!

Posted on August 28, 2023 | By Notary Project Release Team

Project post originally published on the Notary Project blog by the Notary Project Release Team The Notary Project maintainers are proud to announce a major release, including Notary Project specifications v1.0.0, notation v1.0.0, notation-go v1.0.0, and notation-core-go v1.0.0 which are ready for production…


FYI: The dark side of ChatGPT is in your software supply chain

Posted on August 24, 2023

Guest post originally published on the ARMO blog by Ben Hirschberg Let’s face it, the tech world is a whirlwind of constant evolution. AI is no longer just a fancy add-on; it’s shaking things up and becoming part…


Unleashing in-toto: The API of DevSecOps

Posted on August 17, 2023 | By Aditya Sirish and Cole Kennedy

Guest post by Aditya Sirish, in-toto maintainer and Cole Kennedy, member of the in-toto steering committee The Integration Revolution Being part of the DevOps world, you’re likely no stranger to the DevSecOps buzz — the strategy of embedding…


The future of API gateways on Kubernetes

Posted on August 14, 2023 | By Pubudu Gunatilaka

Guest post originally published on WS02’s blog by Pubudu Gunatilaka Key Takeaways  Introduction  The exponential growth of the Internet and cloud computing has given rise to applications that are smaller, more distributed, and designed for highly dynamic environments…