Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

We Built the Kubernetes SBOM and Now You Can Write Your Own

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Discover how to create your own Software Bill of Materials (SBOM) in this informative conference talk from KubeCon + CloudNativeCon Europe 2022. Explore the journey of the Kubernetes Release Engineering team in developing an SBOM for Kubernetes, and learn about the tools and libraries they created to help developers generate SPDX-compliant Bills of Materials for their own projects. Gain insights into the importance of SBOMs in the software supply chain, the benefits for developers and operators, and the intricacies of the SPDX standard. Watch a live demonstration of building an SPDX SBOM using the tools discussed, and understand how to implement automatic license detection for files and container images. Delve into topics such as Kubernetes container images, release processes, declarative SBOM definitions, and future plans for enhancing software transparency and security.

Syllabus

Intro
Kubernetes Container Images
Kubernetes Release Overview
Our Mission
SBOM Definition
Kubernetes Release
Building the SBOM
Linear Response
Linux Foundation
SPDX
Building a better Kubernetes system
Creating a bill of materials
Declarative SBOM definition
Demo
Test Project
Output Director
Overview
Licensing
Git Ignore
Visualization
Structure
Provenance
attestation
future plans

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of We Built the Kubernetes SBOM and Now You Can Write Your Own

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.