A few of our Guardians will be at the Linux Foundation’s Open Source Summit Europe this week. We’re excited to meet with friendly faces and meet new peers from the community!
Aside from the talks you don’t want to miss from our team (see schedule below), we’re eager to talk about all things software supply chain security from SLSA and Sigstore’s recent momentum to SBOMs and container security and more.
Talks
Three Guardians will give talks at the Open Source Summit EU. To make it easy for you to fit them into your schedule, here are all the details:
Monday, September 12
11:30am-12:00pm IST
Keyless Signing with Tekton and Sigstore (CDF Mini-summit)
Chainguard Staff Software Engineer Billy Lynch (@wflynch) how you can bring cloud native technologies like Tekton and Sigstore together to meet SLSA requirements for artifact signing. The talk will walk through how to start from a basic build and show how you can use Sigstore to sign your artifacts without needing to provision long-lived credentials!
Tuesday, September 13
9:00am-9:40am IST
From Kubernetes with <3 Open Tools for, Open Secure Supply Chains
Chainguard Staff Software Engineer Adolfo García Veytia (@puerco) will discuss recent work across the Kubernetes Release Engineering Team (a subproject of SIG Release) to harden the Kubernetes supply chain, aiming to make it SLSA Level 3 compliant by the time Kubernetes 1.26 is released. If you’re an organization or project looking for tooling and hands on guidance for a SLSA-compliant pipeline, this talk and demo is for you.
Wednesday, September 14
15:15-15:55pm IST
Gitsign - Keyless Git Commit Signing
Chainguard Staff Software Engineer Billy Lynch (@wflynch) will talk about why securing the software supply chain is more than just signing containers. The talk will cover Gitsign, one of Sigstore's latest projects that brings "keyless" signing to Git, how it works and how it fits into the rest of Sigstore, as well as how it can be applied to your development, CI/CD, and GitOps workflows.
Thursday, September 15
14:05-14:45pm IST
Show Me The Schema! RPCs and Learning To Love Code Gen
Chainguard Software Engineer Eddie Zaneski (@eddiezane) will explore the state of modern RPC (remote procedure call) frameworks and their backing IDLs (interface definition language). During his talk, learn why you should publish more about your API than just documentation and how code generation can improve developer experience and productivity.
We look forward to seeing you all there! If you want to grab a pint (or two) and catch up on all things Chainguard at Open Source Summit Europe, follow us @chainguard_dev or get in touch with the team.
Sláinte!