Scaling Container Builds with Software Supply Chains
- Buildpacks, Flux, and Cartographer can automate the software supply chain and help address container builds at scale while minimizing the burden on developers
- Buildpacks simplifies the process of going from source code to a running container without requiring Dockerfiles
- Buildpacks creates an SBOM natively as part of the build process and supports a wide variety of SBOM formats
- Rebasing capability in Buildpacks is key for large organizations with hundreds of apps that use a common base OS layer
- Cartographer is a Kubernetes-native supply chain that automates best practices and a shift-left methodology
- Flux is a Git watcher that runs the supply chain when the developer commits code to the repository
- Choreography is more flexible than linear orchestration and is based on a Kubernetes API
- The supply chain can be triggered automatically without a code commit from the developer
Large organizations with hundreds of apps that use a common base OS layer can benefit from the rebasing capability in Buildpacks. When a package in the base OS layer changes, all the applications need to be rebuilt. Buildpacks can upload a single patched copy of the OS packages in the environment to the container registry, making the rebase process happen quickly. This can happen on the order of milliseconds. A tool like kpack can then automate the run of the Buildpack builds, and a supply chain like Cartographer can deploy the app images at scale.
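The rebase described above, modeled as an added example that is not code from the talk or from the Buildpacks project: each image is reduced to an ordered list of layer digests, and the model assumes the build recorded which layer is the top of the base image. The names `Image`, `rebase` and `rebase_fleet` are hypothetical and all digests are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Image:
    """Simplified image manifest: base (OS) layers first, then app layers."""
    name: str
    layers: tuple
    run_top_layer: str  # digest of the last base layer, recorded at build time


def rebase(app, new_base):
    """Swap the base layers under an app image; app layers are not rebuilt."""
    if app.run_top_layer not in app.layers:
        raise ValueError(f"{app.name}: recorded base layer not in manifest")
    split = app.layers.index(app.run_top_layer) + 1
    return Image(app.name, new_base + app.layers[split:], new_base[-1])


def rebase_fleet(apps, new_base, registry_blobs):
    """Rebase every app. Returns (rebased images, digests actually uploaded)."""
    # The patched base is pushed to the registry once, however many apps use it.
    uploaded = [d for d in new_base if d not in registry_blobs]
    registry_blobs.update(uploaded)
    # Everything else is a manifest rewrite pointing at blobs already stored.
    return [rebase(a, new_base) for a in apps], uploaded


# Constructed sample data: 300 apps sharing one vulnerable base OS layer set.
OLD_BASE = ("sha256:os-old-1", "sha256:os-old-2")
NEW_BASE = ("sha256:os-new-1", "sha256:os-new-2")
APPS = [
    Image(f"app-{i}",
          OLD_BASE + (f"sha256:app-{i}-deps", f"sha256:app-{i}-code"),
          OLD_BASE[-1])
    for i in range(300)
]


def demo():
    blobs = {d for a in APPS for d in a.layers}  # what the registry holds now
    return rebase_fleet(APPS, NEW_BASE, blobs)


if __name__ == "__main__":
    rebased, uploaded = demo()
    stale = [a.name for a in rebased if set(OLD_BASE) & set(a.layers)]
    print(f"rebased={len(rebased)} uploaded={uploaded} still_on_old_base={stale}")
```

The `stale` check at the end is the one worth keeping in a real pipeline: after a base patch, any image whose manifest still references an old base digest has not picked up the fix.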