Technology
Self-Hosted CI Runner Security: Isolation, OIDC and Secrets
A practical model that lowers supply-chain risk on self-hosted CI runners with isolation, network boundaries and OIDC-based short-lived authorization.
#supply-chain
3 posts found.
Tutorials
An SBOM-Based Image Admission Gate with Syft and Grype
A practical guide to admitting container images not just by a CVE list, but by component inventory and policy threshold.
Tutorials
A Guide to Container Supply Chain Signing with Cosign
A practical and enterprise-friendly setup guide for signing container images with Cosign and verifying them in the delivery pipeline.