Seattle, WA
December 10–13, 2018
Click Here for More Information & Registration
View Venue Map

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

CI/CD [clear filter]
Tuesday, December 11


Birds of a Feather: What Should a Container Build Manifest Look Like? - Nisha Kumar, VMware
We create containers by reusing several pieces of software from disparate locations, internal and external to our organization. We then rely on the providers (trusted or not) of the pieces to publish the software component list, or we run vulnerability and compliance scan tools against the fully built containers before pushing it to an internal registry. These methods are more fail safes than applying software delivery best practices, i.e., start from a well defined Bill of Materials (BoM).

Can we build a container from a well defined software component manifest? What would that manifest look like? This BoF is to discuss what we need in order to build a better container delivery pipeline that adheres to software delivery best practices. To kick us off, I will present a survey on currently used tools and practices.

avatar for Nisha Kumar

Nisha Kumar

Open Source Engineer, VMware
Nisha Kumar is an Open Source Engineer at VMware’s Open Source Technology Center. She is one of the maintainers of Tern, a container image inspection tool for OSS license compliance. She has spoken at several events including All Things Open, SCaLE, and a previous KubeCon.

Tuesday December 11, 2018 10:50am - 11:25am