Running trusted payloads with Nomad and Waypoint

Things like Infrastructure as Code, Service Discovery and Config Management can and have helped us to quickly build and rebuild infrastructure, but we have not nearly spent enough time to train our self to review, monitor and respond to outages. With the introduction of CI/CD best practices into our day to day workflows we protect ourselves for introducing “bad” code into production and exposing flaws to our (end-)users. But what about influences from bad actors in- and out-side our projects. This talk will focus on the additional steps we can add to our Waypoint build pipelines to also protect ourselves to so called supply chain attacks while running our jobs in Nomad. We will discuss scanning for vulnerabilities in incoming code, packages and images and signing the content artifacts we trust before exposing them to our users.

Speaker

  • Bram Vogelaar
    Bram Vogelaar
    The Factory

    Bram Vogelaar spent the first part of his career as a Molecular Biologist, he then moved on to supporting his peers by building tools and platforms for them with a lot of Open Source technologies. He now works as a devops engineer at the Factory, a cloud consultancy in the Netherlands.

Date

Jul 19 2022

Time

11:00 - 11:45

Location

Room Barcelona II