Updates and recent posts about Sigstore..

Posts
Description

Link

@faun shared a link, 8 months, 3 weeks ago

FAUN.dev()

v1.34: Of Wind & Will (O' WaW)

Kubernetes v1.34 drops with58 updates, and23 just hit stable. Highlights: Dynamic Resource Allocation (DRA), per-Pod resource limits, and secure image pulls using Pod-specific ServiceAccount tokens. Scalability gets a lift from streaming list responses. Security tightens with finer anonymous auth r.. read more

Link

@faun shared a link, 8 months, 3 weeks ago

FAUN.dev()

Kubernetes v1.34 brings networking refinements for cloud-native infrastructure

Kubernetes 1.34 comes packed withnetworking upgradesbuilt for scale. Less overhead. Fewer headaches. Easier to run big clusters without sweating packet flows. This triannual release keeps pushing the envelope for both cloud-native setups and the on-prem diehards... read more

Link

@faun shared a link, 8 months, 3 weeks ago

FAUN.dev()

Evolving Kubernetes for generative AI inference

Google Cloud, ByteDance, and Red Hat are wiring AI smarts straight intoKubernetes. Think: faster inference benchmarks, smarter LLM-aware routing, and on-the-fly resource juggling—all built to handle GenAI heat. Their new push,llm-d, bakesvLLMdeep into Kubernetes. That unlocks disaggregated serving .. read more

Link

@faun shared a link, 8 months, 3 weeks ago

FAUN.dev()

The architecture of AI is different from all of the computing that came before it

AI is breaking open source out of its old habits. Compute-heavy models now demand GPU-first stacks, leaner infrastructure, and fresh rules for how we build and scale. Jonathan Bryce points out: scalability and reliability still matter—but AI’s deployment needs throw the old architecture playbook ou.. read more

Link

@faun shared a link, 8 months, 3 weeks ago

FAUN.dev()

From Novice to Pro: Mastering Lightweight Linux for Your Kubernetes Project

Alpine, Flatcar, Fedora CoreOS, Talos, and Ubuntu Core are carving out strong niches as Kubernetes-first base OSes. Each leans into immutability, container-native design, and just enough system overhead to get out of the way. That lean profile isn’t just a flex—it means lower resource drag and a de.. read more

Story

@laura_garcia shared a post, 8 months, 3 weeks ago

Software Developer, RELIANOID

💡 What is a VIP Load Balancer?

AVIP (Virtual IP)load balancer distributes traffic across multiple servers using a single IP. It ensures: ✅ Scalability ✅ High availability ✅ Session persistence ✅ Smart traffic routing 🚀RELIANOIDtakes VIP load balancing to the next level with: 🔒 SSL offloading 📊 Dynamic health monitoring ⚖️ Advance..

Link

@anjali shared a link, 8 months, 3 weeks ago

Customer Marketing Manager, Last9

A Practical Guide to Python Application Performance Monitoring(APM)

Monitor, debug, and optimize Python apps in production with APM—track transactions, DB queries, errors, and external calls.

Story

@idjuric660 shared a post, 8 months, 3 weeks ago

Technical Content Writer, Mailtrap

How to Send Emails from Supabase using SMTP or Email API

Whether you’re confirming user signups, sending notifications, or automating workflows, Supabase makes it easy to integrate and send emails with SMTP or third-party APIs. And in this guide, I’ll walk you through every step of the process, including: - Sending emails using Supabase Auth[click here to..

Link

@anjali shared a link, 8 months, 3 weeks ago

Customer Marketing Manager, Last9

APM Logs: How to Get Started for Faster Debugging

Understand how APM logs connect metrics, traces, and events to speed up debugging and uncover root causes faster.

Link

@anjali shared a link, 8 months, 3 weeks ago

Customer Marketing Manager, Last9

OpenTelemetry API vs SDK: Understanding the Architecture

Understand how the OpenTelemetry API and SDK work together, clean instrumentation in code, and flexible data processing in configuration.

Sigstore is an open source initiative designed to make software artifact signing and verification simple, automatic, and widely accessible. Its primary goal is to improve software supply chain security by enabling developers and organizations to cryptographically prove the origin and integrity of the software they build and distribute.

At its core, sigstore removes many of the traditional barriers associated with code signing. Instead of managing long-lived private keys manually, sigstore supports keyless signing, where identities are issued dynamically using OpenID Connect (OIDC) providers such as GitHub Actions, Google, or Microsoft. This dramatically lowers operational complexity and reduces the risk of key compromise.

The sigstore ecosystem is composed of several key components:

- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.

- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.

- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.

Together, these components allow anyone to verify who built an artifact, when it was built, and whether it has been tampered with, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).

sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.

The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.