From Signing to Trust: Securing Docker Images with Cosign

In the vast and dynamic ecosystem of software development, security is a fundamental pillar that ensures the reliability and integrity of digital products. In particular, with the growing adoption of containers, the need to validate the authenticity and integrity of Docker images has become crucial. This is where Cosign comes into play, a tool developed by the Sigstore project, designed to simplify the signing and verification of Docker images. This practice ensures that the code you are about to deploy is exactly what was intended, free from malicious alterations. In this article, we will dive into the world of Cosign, exploring how it works, how it can be used to sign a Docker image, and why it is an essential element for improving software supply chain security. I will also illustrate a practical example, showing how I integrated Cosign into a GitHub pipeline to automate the image signing process. For a detailed view and access to the source code, I invite you to visit my GitHub repository. ...

October 10, 2023 · 5 min · ParanoiaSystem

Kubernetes and containerd: A Perfect Marriage

The procedure described here is no longer supported. The Kubernetes package has moved to a different repository. For more information, please refer to the official documentation. In a world where containerization is becoming increasingly central, having a solid understanding of how to configure Kubernetes is essential. In this article, I’ll guide you step by step through installing a Kubernetes cluster using containerd as the runtime. And if you’re wondering, “Why containerd?”, the answer is simple: it’s lightweight, efficient, and perfectly integrated with Kubernetes. ...

August 12, 2023 · 3 min · ParanoiaSystem

Automatic Management of AWS ECR Credentials in a Kubernetes Cluster

In the course of my work with AWS ECR (Elastic Container Registry), I ran into a problem: The repository access key expires every six hours. Working with a non-AWS Kubernetes test cluster, I had to constantly update these credentials manually, a repetitive and tedious process. From this experience came the idea to create a tool that automated this process: k8s-aws-ecr-secret-updater. This tool is a Kubernetes cronjob, designed to automatically update the AWS ECR repository access credentials. ...

May 16, 2023 · 5 min · ParanoiaSystem