Updates and recent posts about Sigstore.
Link
@devopslinks shared a link, 2 months, 1 week ago
FAUN.dev()

Demystifying : Why You Shouldn’t Fear Observability in Traditional Environments

OpenTelemetry is friendly with the past. It now pipes real-time observability into legacy systems - no code rewrite, no drama. Pull structured metrics straight from raw logs, Windows PDH counters, or SQL Server stats. It doesn’t stop there. Got MQTT-based IoT gear? OTLP export or lightweight adapters ..

Link
@devopslinks shared a link, 2 months, 1 week ago
FAUN.dev()

The only Terraform pipeline you will ever need: GitHub Actions for Multi-Environment Deployments

A sharp new GitHub Actions pipeline can now sniff out which Terraform environments changed - anywhere in the repo, no matter how nested - and run them in parallel. Fast, clean, and automatic. It leans on matrix jobs, Checkov for static analysis, Workload Identity Federation for secure cloud access (no ha..

Link
@devopslinks shared a link, 2 months, 1 week ago
FAUN.dev()

CloudBees CEO: Why Migration Is a Mirage Costing You Millions

A new CloudBees survey shows 57% of enterprises dropped over $1M on cloud migrations last year. Each effort blew past budget by an average of $315K. The kicker? Many teams still treat modernization as migration - a shortcut that usually leads to drained budgets, burned-out devs, and delays in shipping..

Link
@devopslinks shared a link, 2 months, 1 week ago
FAUN.dev()

Scaling PostgreSQL to power 800 million ChatGPT users

OpenAI pushed PostgreSQL to handle millions of QPS across 800M users. How? Nearly 50 read replicas, heavy read offloading, and serious trimming on write pressure. Writes? Sent elsewhere. Sharded systems like CosmosDB, lazy writes, and app-level tweaks helped sidestep PostgreSQL’s MVCC write amplification..

Link
@devopslinks shared a link, 2 months, 1 week ago
FAUN.dev()

How GEICO lowered its $300M cloud spend and decoupled security from the network

GEICO's IT infrastructure transformation journey highlights the shift from a legacy network-centric security model to a more modern, identity-first approach. By centralizing identity and secrets management using HashiCorp Vault, GEICO improved security, reliability, and compliance across their hybrid ..

Course
@eon01 published a course, 2 months, 1 week ago
Founder, FAUN.dev

Painless Docker - 2nd Edition

Docker Compose Docker Grype Syft Docker Swarm Go Python

A Comprehensive Guide to Mastering Docker and its Ecosystem

Story
@laura_garcia shared a post, 2 months, 1 week ago
Software Developer, RELIANOID

🚀 FinovateEurope 2026

📍 London, UK | 🗓️ 10–11 February 2026 Market-ready innovations. Executive-level networking. Inspiring insights. FinovateEurope brings together banking leaders, fintech innovators, investors, and technology providers to shape the future of financial services at a critical moment for the global fint..

finovate europe 2026 london relianoid
News FAUN.dev() Team
@kala shared an update, 2 months, 1 week ago
FAUN.dev()

This Is the First AI That Helped Build Itself - Meet GPT-5.3-Codex

GPT-5.3-Codex

GPT-5.3-Codex, an advanced model, enhances coding performance and reasoning, operating 25% faster than its predecessor. It excels in industry benchmarks, supports the software lifecycle, and can autonomously build complex applications. The model is available on multiple platforms with plans for API access.

Activity
@kala added a new tool GPT-5.3-Codex, 2 months, 1 week ago.
Sigstore is an open source initiative designed to make software artifact signing and verification simple, automatic, and widely accessible. Its primary goal is to improve software supply chain security by enabling developers and organizations to cryptographically prove the origin and integrity of the software they build and distribute.

At its core, sigstore removes many of the traditional barriers associated with code signing. Instead of managing long-lived private keys manually, sigstore supports keyless signing, where identities are issued dynamically using OpenID Connect (OIDC) providers such as GitHub Actions, Google, or Microsoft. This dramatically lowers operational complexity and reduces the risk of key compromise.

The sigstore ecosystem is composed of several key components:

- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.

- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.

- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.

Together, these components allow anyone to verify who built an artifact, when it was built, and whether it has been tampered with, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).

sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.

The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.