All the articles with the tag "ci/cd".

SBOMs and Supply Chain Security
A Software Bill of Materials tells you exactly what's in your software. Syft generates one, Grype scans it for CVEs. Together they're your supply chain paper trail.
You're pulling container images from strangers on the internet. Trivy scans them for CVEs. Cosign proves they haven't been tampered with. Use both.
Using :latest in production is a ticking time bomb. Pin your Docker image versions or watch a surprise update break everything at 2 AM.
Automate Docker container deployment with shell scripts, cron, and Ansible — stop SSHing in and restarting things by hand.