CNCF fuzzing open source projects for security and reliability
By Chris Aniszczyk, Adam Korczynski, David Korczynski Introduction In this blog post we will present an overview of the state of fuzzing CNCF projects. We published a blog post on this in June 2022 titled Improving…
Top 5 GitOps sessions you don’t want to miss at cdCon + GitOpsCon 2023 (May 8-9 in Vancouver)!
In modern tech stacks, CI/CD enables GitOps. With so many organizations using CD and GitOps practices and technologies to build new features quickly, reliably, and securely, it was a natural evolution for the CNCF and CD…
Five minutes! Get a lightweight cloud native application control plane
Guest post by Zhongpei Qiao of Alibaba and KubeVela The continuous maturity of cloud native technology has allowed numerous infrastructure capabilities to be directly utilized by business applications. However, many developers have struggled with the high…
Helm completes fuzzing security audit
Project post originally published on Helm blog by Adam Korczynski, David Korczynski, and Martin Hickey In the past year, the team at Ada Logics has worked on integrating continuous fuzzing into the Helm core project. This was an effort…
The Notary project completes fuzzing security audit
Community post also published on the Notary blog by Adam Korczynski, David Korczynski, and Feynman Zhou Reviewed by Pritesh Bandi, Samir Kakkar, Shiwei Zhang, Toddy Mladenov, Vani Rao, Yi Zha The Notary Project is happy to…
Preserving authorship in a GitOps world with Kyverno
Community post originally posted on Neon Mirrors by Chip Zoller It seems just about everyone is doing GitOps in Kubernetes these days. With so many available tools and the maturity of them, it’s hard to avoid…
An overview of the CNCF and OSTIF impact report for the second half of 2022 and early 2023
By Chris Aniszczyk and Amir Montazery CNCF and Open Source Technology Improvement Fund (OSTIF) have been working together for the last several years to conduct security audits for CNCF’s Graduated and Incubating projects. As a result…
KubeVela brings software delivery control plane capabilities to CNCF Incubator
The CNCF Technical Oversight Committee (TOC) has voted to accept KubeVela as a CNCF incubating project. KubeVela is an application delivery engine built with the Kubernetes control plane that makes deploying and operating applications across hybrid…
Join us at cdCon + GitOpsCon, co-located with Open Source Summit North America this May 8 —9!
CNCF is excited to announce that in partnership with the CD Foundation, we will be hosting cdCon + GitOpsCon, co-located with Open Source Summit North America, from May 8 – 9 in Vancouver, Canada! We are…
By Chris Aniszczyk (also on LinkedIn) I hope everyone had enjoyed the holidays with loved ones! The CNCF recently released its annual report on all the work we accomplished last year. I recommend everyone take an opportunity to…