DevSecOps teams love containers! It is a foundational technology that can improve development velocity, operational efficiency and reduce risk. However, realizing these outcomes can be a challenge especially if you have containers built by hand or with disparate processes across your engineering teams.
Most proven solution around building application image is using Dockerfile that requires some amount of manual efforts. These homegrown container build pipelines start showing rough edges as container usage scales into the hundreds and thousands, making a developer's or an end user's life miserable as dockerfile-based containers are hard to productionize and scale. This also has a security impedance in supply chain which has to be taken care of. Developers struggle to maintain complicated dockerfiles, while operations teams face ongoing challenges to track the myriad dependencies and OS patch levels across a container fleet.
In this talk, I am going to present an approach simplifying the developer/devops experience through Buildpacks , more precisely with 'kpack' on a cloud-native platform (Kubernetes) together with image verification and identification through Cosign.