Building a Secure Supply Chain with Docker
0 likes465 views
The document details a presentation by Ashwini Oruganti and Andy Clemenko on Docker Inc.'s Docker EE signing and scanning promotion processes, which emphasize improved automation over manual and cumbersome methods. It outlines workflows for developers, including automatic image promotion and access control for repositories. It also mentions a free demo of Docker EE hosted services available on their website.
More Related Content
![Learning the Alphabet: A/B, CD and [E-Z] in the Docker Datacenter by Brett Ti...](https://cdn.slidesharecdn.com/ss_thumbnails/alphabet-160624232958-thumbnail.jpg?width=560&fit=bounds)
Similar to Building a Secure Supply Chain with Docker (20)
![From Curiosity to ROI — Cost-Benefit Analysis of Agentic Automation [3/6]](https://cdn.slidesharecdn.com/ss_thumbnails/session-3-250903141006-a3917e1a-thumbnail.jpg?width=560&fit=bounds)
Building a Secure Supply Chain with Docker
- 1. Secure Supply Chain Security Engineer - Docker inc. Ashwini Oruganti Solutions Architect - Docker inc. Andy Clemenko
- 6. • Manual • Cumbersome • Multiple sources
- 7. Legos?
- 8. Fire?
- 14. Automated builds
- 20. 321
- 21. docker trust
- 22. Demo Signing Policy + docker trust
- 26. Image Promotion ! Promotes “blessed” images from one repository to another ! Repositories each have their own access control ! Images can be re-tagged automatically to a new tag ! Can be done “manually” or automatically by a “policy” dev / qa / staging / prod /
- 27. Demo git commit -sam "updated app.py” && git push
- 28. Workflow Git
- 31. Workflow Git CI Build/Pull Push CI Pull & Sign DTR Private Repo Scan/Promote
- 32. Workflow Git CI Build/Pull Push CI Pull & Sign DTR Private Repo Scan/Promote DTR Public Repo
- 33. Docker EE Hosted Demo ● Free 4 Hour Demo ● No Servers Required ● Full Docker EE Cluster Access docker.com/trial