OCB: Secure your Open Source Supply Chain with Sigstore
Bob Callaway and Ivan Font of Red Hat will introduce a new project called ‘sigstore’ that was recently launched under the Linux Foundation. Sigstore aims to empower software developers to easily and securely sign software artifacts such as release files, container images, binaries, bill of material manifests, and more. Signing materials are then stored into a tamper-resistant public log. They’ll show a demo of the system working in OpenShift to sign container images and integrated into a build pipeline with Tekton and Open Policy Agent.
Speakers: Bob Callaway and Ivan Font (Red Hat)
Host: Karena Angell (Red Hat)
Slides: https://speakerdeck.com/redhatopenshift/secure-your-open-source-supply-chain-with-sigstore
by OpenShift
linux foundation