Shuting Zhao
Kyverno maintainer, Staff Engineer at Nirmata
Actions
Shuting Zhao is a Kyverno maintainer and a Staff Engineer at Nirmata. Her passion for open source extends beyond her professional role, as she has also taken on the role of mentor for several LXF mentorship programs since March 2021, she enjoys helping others contribute to open source and make an impact.
Kyverno Playground: Make Policy Testing a Breeze and Enjoy the Process!
Kyverno is a policy engine designed specifically for Kubernetes, allowing for the seamless management of policies through admission control or CI/CD pipelines. To streamline and simplify the testing process for Kyverno, the Kyverno team has developed an isolated test environment called Kyverno Playground.
In this session, Shuting will guide you through the process of creating Kyverno policies from scratch. She will demonstrate how to apply these policies to different resource types and configurations using the Kyverno Playground. By the end of the session, you will have gained the knowledge and skills to effortlessly build and test Kyverno policies, all without the need for a Kubernetes cluster.
Kicking Security Chain Attacks to the Curb with Kyverno and Notary in GitOps
As supply chain initiatives drove the need for distributing detached signatures for container images and signed SBOM, reference types are required to supplement the information to the OCI registry. With the support of referrers API in OCI v1.1 Spec, it becomes extremely easy to associate software supply chain artifacts with container images in content distribution. It also allows policy tools like Kyverno to consume the supply chain artifact’s data for security checks pre-deployment.
Modern Kubernetes deployments contain multiple applications, clusters, and environments, especially in large organizations. How to verify the image integrity, security, and compliance to manage applications at scale?
In this session, Feynman Zhou and Shuting Zhao will showcase how you can establish trust for container images and verify resources using CNCF projects like Notary, Kyverno, and ORAS. They will demonstrate how to implement these tools in GitOps to improve software supply chain security.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top