The Kubernetes Release Engineering team is working towards higher levels of SLSA compliance in its release process. SLSA, or Supply chain Levels for Software Artifacts, is a security framework to gradually increase the security of software releases.
In this talk, Adolfo will go through the changes that the Kubernetes organization is currently undergoing, like signing images and artifacts, to reach higher SLSA levels. Join this session to understand how these improvements will directly impact Kubernetes users and other projects under the k8s organization.
Adolfo García Veytia (puerco) is a software engineer with
Chainguard, Inc where he works helping open source projects
achieve better levels of security in their release processes.
He is also a Technical Lead with Kubernetes SIG Release. He
actively works on the Release Engineering team, specializing
in improvements to the software that drives the automation
behind every Kubernetes release.
Adolfo is passionate about writing software with friends,
helping new contributors, and amplifying the Latinx presence
in the Cloud Native community.