Seattle, WA
December 10–13, 2018
Click Here for More Information & Registration
View Venue Map
Back To Schedule
Tuesday, December 11 • 10:50am - 11:25am
Birds of a Feather: What Should a Container Build Manifest Look Like? - Nisha Kumar, VMware

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
We create containers by reusing several pieces of software from disparate locations, internal and external to our organization. We then rely on the providers (trusted or not) of the pieces to publish the software component list, or we run vulnerability and compliance scan tools against the fully built containers before pushing it to an internal registry. These methods are more fail safes than applying software delivery best practices, i.e., start from a well defined Bill of Materials (BoM).

Can we build a container from a well defined software component manifest? What would that manifest look like? This BoF is to discuss what we need in order to build a better container delivery pipeline that adheres to software delivery best practices. To kick us off, I will present a survey on currently used tools and practices.

avatar for Nisha Kumar

Nisha Kumar

Open Source Engineer, VMware
Nisha Kumar is an Open Source Engineer at VMware’s Open Source Technology Center. She is one of the maintainers of Tern, a container image inspection tool for OSS license compliance. She has spoken at several events including All Things Open, SCaLE, and a previous KubeCon.

Tuesday December 11, 2018 10:50am - 11:25am PST
  CI/CD, Birds of a Feather