Preface
Packaging, the creation of artifacts for distribution and deployment, is a major part of the modern DevOps-based cloud native software development pipeline. This report targets decision makers and technical users who use packaging in their daily workflow and need to understand the importance of securing their software supply chain.
The report sets context around the issues of continuous integration and continuous delivery/deployment (CI/CD) pipelines used for developing microservices-based cloud native software as contrasted with traditional monolithic architecture. A discussion of the challenges of the software supply chain follows, including explanations of a few common threats to source and build integrity. After a brief summary of tactics for ensuring the validity of source code and dependencies at every step of the pipeline, the report details the benefits of continuous packaging, a strategy that improves security through isolation, automation, and universal hosting. By assuring the provenance, validity, and integrity of both dependencies and build outputs, continuous packaging makes it easier to resist threats and avoid risks throughout the CI/CD software delivery pipeline.
After reading the report, you’ll understand:
- Why software supply chain security is important
- Examples of supply chain threats and risks
- A few techniques for securing the supply chain
- What continuous packaging is and why it’s crucial to CI/CD pipelines
Read on for information that will ...