Explore a safer approach to the popular "curl | bash" method for cloud deployments in this 27-minute conference talk by Carolyn Van Slyck from Microsoft. Learn why the conventional curl-to-bash technique is considered insecure and discover how to transform risky bash scripts into safer, production-ready one-liner installations. Gain insights on leveraging Porter and Notary to enhance security while maintaining the simplicity of instant deployment. Understand the benefits of using bundles to mitigate risks, techniques for incorporating existing tools and scripts into bundles, and envision a more secure user experience for one-line installations in cloud-native application deployments.
Overview
Syllabus
A Safer Curl | Bash for the Cloud - Carolyn Van Slyck, Microsoft
Taught by
CNCF [Cloud Native Computing Foundation]