Version after version; how the open source project Kubernetes releases its software
Guest post by Leonard Pahlke, CNCF Ambassador & Chair TAG Environmental Sustainability In this article, we look at how the open source project Kubernetes manages its software releases. By exploring the established and evolved community structures, this discussion…
5G deployment, as simple as GitOps thanks to FluxCD
End user post by David Blaisonneau, Software/Cloud Expert for Network services at Orange, and Sylvain Desbureaux, DevSecOps engineer at Orange Context Orange is a worldwide Telecom operator supporting end-user and enterprise market customers. In Europe, it’s nearly 70…
Vitess announces security audit results
Project post by the Vitess maintainers The Vitess Maintainer team is pleased to announce the results of a recent third-party security audit of the Vitess code base. Vitess had previously been audited in 2019. Given the amount of…
Guest post originally published on Flux’s blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities which are available…
Ant Group security technology’s Nydus and Dragonfly image acceleration practices
Guest post by Dragonfly maintainers Introduction ZOLOZ is a global security and risk management platform under Ant Group. Through biometric, big data analysis, and artificial intelligence technologies, ZOLOZ provides safe and convenient security and risk management solutions for…
Kyverno — verify Kubernetes control plane images
Guest post originally published on Medium by Charles-Edouard Brétéché In this story we are going to deploy a local Kubernetes cluster using kind, then we will deploy Kyverno and use it to verify Kubernetes control plane images signature. What is Kyverno ? Kyverno is an open-source policy engine for Kubernetes that allows you to…
7 core components of an Internal Developer Platform
Guest post originally published on Mia-Platform’s blog by the Mia-Platform team The world of software development is constantly and rapidly changing. New technologies emerge every day to solve problems that slow down the daily work of IT departments….
Building secure software supply chains in CNCF with SLSA assessments
To continue efforts to improve the security of our graduated and incubating projects, we recently worked with Chainguard to assess the software supply chain security practices of two of our graduated projects, Argo and Prometheus. These efforts build…
CNCF fuzzing open source projects for security and reliability
By Chris Aniszczyk, Adam Korczynski, David Korczynski Introduction In this blog post we will present an overview of the state of fuzzing CNCF projects. We published a blog post on this in June 2022 titled Improving Security by…
Announcing the Kyverno 1.10 Pre-Release
Project post also on the Nirmata blog by the Kyverno maintainers Kyverno is a policy engine built for Kubernetes that helps secure and automate Kubernetes configurations. In Kubernetes policies are configurations that govern the configuration and runtime behaviors…