Who Are You Building For: Pipelines Have a Purpose
Software is built for a purpose. The same property applies to build platforms!
We will show you how we are leveraging Tekton and Tekton Chains at Red Hat to create a build platform that meets developers where they are. Developers start with the pipeline defined in their git repository – free for them to modify and update on their terms, with Tekton tasks ready to scan artifacts for vulnerabilities and Renovate pre-configured to help keep dependencies up to date.
This platform helps make sure that the artifacts are going somewhere. Using the detailed SLSA Provenance generated by Tekton Chains, the build platform enables policy-driven development. Developers can see in their PRs whether they are on track to meet the target’s requirements – whether it is pushing to a development or production environment. Gone are the days of saying “I didn’t know I had to do that!”
We won’t send the artifacts just anywhere, however, as we can tailor policies to ensure that you are meeting all of the requirements. The platform can inspect the provenance to ensure that artifacts are built using trusted steps and all required checks are good for takeoff!
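The check described above, as an added example that is not code from the talk, Konflux or Tekton Chains: a policy evaluator run over a constructed, simplified provenance document for a development and a production target. The field layout, task names, result names, references and both policies are assumptions made for illustration.

```python
# Constructed, simplified provenance. The layout under "buildConfig" is an
# assumption for illustration, not the exact schema Tekton Chains emits.
PROVENANCE = {
    "predicateType": "https://slsa.dev/provenance/v0.2",
    "predicate": {"buildConfig": {"tasks": [
        {"name": "prefetch-dependencies", "results": {},
         "ref": "registry.example/tasks/prefetch@sha256:aaa"},
        {"name": "build-container", "results": {"HERMETIC": "true"},
         "ref": "registry.example/tasks/build@sha256:bbb"},
        {"name": "vulnerability-scan", "results": {"TEST_OUTPUT": "SUCCESS"},
         "ref": "registry.example/tasks/scan@sha256:ccc"},
        {"name": "custom-lint", "results": {},
         "ref": "git.example/dev/lint@sha256:ddd"},  # developer-added task
    ]}},
}

# Hypothetical allow-list of pinned task references the platform trusts.
TRUSTED_REFS = {
    "registry.example/tasks/prefetch@sha256:aaa",
    "registry.example/tasks/build@sha256:bbb",
    "registry.example/tasks/scan@sha256:ccc",
}

# Hypothetical per-target policies: production is stricter than development.
POLICIES = {
    "development": {"all_tasks_trusted": False,
                    "required_tasks": {"build-container"},
                    "required_results": {}},
    "production": {"all_tasks_trusted": True,
                   "required_tasks": {"build-container", "vulnerability-scan"},
                   "required_results": {
                       "build-container": ("HERMETIC", "true"),
                       "vulnerability-scan": ("TEST_OUTPUT", "SUCCESS")}},
}

def evaluate(provenance, target):
    """Return a sorted list of policy violations for the release target."""
    policy = POLICIES[target]
    tasks = provenance.get("predicate", {}).get("buildConfig", {}).get("tasks", [])
    violations, trusted = [], {}  # trusted: task name -> its recorded results
    for task in tasks:
        if task.get("ref") in TRUSTED_REFS:
            trusted[task["name"]] = task.get("results", {})
        elif policy["all_tasks_trusted"]:
            violations.append(f"untrusted task: {task['name']}")
    for name in policy["required_tasks"]:
        # A task name alone can be reused by any pipeline; only a trusted ref counts.
        if name not in trusted:
            violations.append(f"required task missing or untrusted: {name}")
    for name, (key, want) in policy["required_results"].items():
        if name in trusted and trusted[name].get(key) != want:
            violations.append(f"{name}: result {key} is not {want}")
    return sorted(violations)
```

The same build passes the development policy and fails production only on the developer-added task, which is the kind of feedback a PR check can surface before release.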
Developer Journey
This talk walks through the complete developer journey in Konflux:
- Quick Onboarding - Zero to working pipeline in minutes
- Pipeline Customization - Making it work for your project
- Security Integration - Enabling vulnerability scanning and compliance
- Hermetic Builds - Supply chain hardening with prefetch
- Policy Violations - Learning from policy-driven development
- Dependency Management - Automated security updates with Mintmaker
- Release Triggers - Build once, deploy everywhere
Links
- Event: Open Source Summit NA
- Session: sched.co/1zfjl
- Konflux: konflux-ci.dev
- Tekton Chains: tekton.dev/docs/chains
Speakers: Andrew McNamara & Julen Landa Alustiza, Red Hat