Avinash Singh
DevOps and Platform Engineer
Actions
Avinash is a DevOps and Platform Engineer with 10+ years of experience across web, data and AI applications. He is passionate about developer experience and CI-CD process optimisations in cloud native applications. At present, he is extensively working in software supply chain security and green software development.
Links
Fostering Trust and Transparency in Software Supply Chain
We check ingredients on food labels as we care about what we consume. But when it comes to software, do you get the same level of transparency? Can you know every component used to build a software? How sure are you that the list of components is untampered with?
In this talk, we’ll explore how the Software Bill of Materials (SBOMs) can be attested to provide a tamper proof list of libraries, tools, and processes used to develop, build, and deploy a software.
We’ll dive into how we can integrate Syft in a Tekton pipeline to generate accurate, tamper-proof Software Bill of Materials (SBOMs) using in-toto attestations. Attested SBOM will be attached to the container image using cosign. You’ll also learn how to verify container images for accurate untampered SBOMs using Enterprise Contracts.
We will demonstrate security in a sample application’s CI pipeline. We’ll make the content available in a git repository, giving attendees ready-to-use examples to implement in their projects.
Building Energy-Efficient Cloud-Native Software for a Sustainable Future
Sustainability has become a priority across all business sectors, and software developers have an essential role in making a meaningful impact. But how can we, as developers, contribute to sustainability by creating green software?
This talk will provide insights on designing a CI pipeline that ensures your software is energy-efficient.
We will demonstrate how to use Kepler, a sandbox CNCF project, to estimate energy consumption while the application is being developed. The CI pipeline will measure application’s energy consumption on every pull request (PR) and optionally gate releases based on consumption benchmarks.
We will use Tekton to design CI for a sample application, to demonstrate and share actionable insights from our proof of concept. The stack(including Kepler) will be deployed on a local Kind cluster. Attendees will have access to content in a public repository, enabling them to follow along and apply the techniques to their projects.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top