Blog

Establishing a Secure Pipeline

In a recent post we walked through using Tekton and Cosign to build, sign and verify container images within Kubernetes. Red Hat utilizes OpenShift, signing and scanning in its own build systems to deliver release artifacts. Red Hat’s secure software delivery is...

read more

Signing Images

The release of Kubernetes 1.24 includes signed images, which highlights the importance of delivering secure images. Whether container images are being distributed to customers or run within your own datacenters, you must ensure that the assets within the software have...

read more

The UOR Framework

Universal Object Reference (UOR) is a radically different approach to serverless and decentralized systems. The term “everything is an object” may be familiar to some. It is typically used to convey a fundamental object-oriented programming concept. We can also apply...

read more

Sharding for Security and Scalability

Rekor, sigstore’s transparency log, recently reached an important milestone in its v0.6 release: it now supports log sharding.  Log sharding means that the entries associated with a single Rekor server can now be distributed among multiple backend logs, which...

read more

Introducing MicroShift

Exploring a small form factor OpenShift designed for field deployed edge computing devices Edge Computing spans a broad range of use cases and deployment models. On one end, it can refer to micro data centers located in controlled environments that are formed by a...

read more