When using Renovate to update your dependencies, you will come across container images that are hosted in a private container registry or in a private repository of a public container registry. In both cases, you will need to configure Renovate with credentials to authenticate when checking for new versions of your container image. This post demonstrates how to configure Renovate correctly.
Sigstore has been all over my newsfeeds for their efforts in supply chain security especially signing containers and SBoMs documents with shortlived key pairs using cosign. This “keyless” approach can also be applied to signing git commits using gitsign eliminating the need for PGP key pairs. Utilizing these tools involves authenticating via OIDC in a browser. In WSL this requires some preparation to open the authentication page in the default browser on Windows.
This week I attended ContainerConf in Mannheim - the first in-person conference in three years. I had the pleasure to contribute a full-day workshop about CI/CD with GitLab as well as a talk about optimizing container image.
In addition to operating GitLab for our development teams, we are also using GitLab ourselves to automate the deployment and update of our services. Based on this experience I held a webinar for heise to demonstrate the wide range of features provided by GitLab CI.
Part of my daily work is operating a GitLab instance for our development teams. Based on this experience I held the fall 2022 edition of a webinar for heise to share my knowledge.
Modern software is built on top of dozens if not hundreds of dependencies. This help developers to focus on business value instead of reinventing the wheel. But those dependencies must be updated to prevent shipping security vulnerabilities. Renovate scans your source code repository for a wide range of languages and offers updates as merge requests. This post provides an introduction to use Renovate with Docker, containers and container images.
In addition to operating GitLab for our development teams, we are also using GitLab ourselves to automate the deployment and update of our services. Based on this experience I held a webinar for heise to demonstrate the wide range of features provided by GitLab CI.
Part of my daily work is operating a GitLab instance for our development teams. Based on this experience I held a webinar for heise to share my knowledge.
heise Academy has repeated a series of webinars around containers and Kubernetes. I had the honour to contribute two half-day webinars - one about Docker for beginners and a second one about Kubernetes for beginners (see below).
heise Academy has repeated a series of webinars around containers and Kubernetes. I had the honour to contribute two half-day webinars - one about Docker for beginners (see below) and a second one about Kubernetes for beginners.
