Sigstore is an open source initiative designed to make software artifact signing and verification simple, automatic, and widely accessible. Its primary goal is to improve software supply chain security by enabling developers and organizations to cryptographically prove the origin and integrity of the software they build and distribute.

At its core, Sigstore removes many of the traditional barriers associated with code signing. Instead of managing long-lived private keys manually, Sigstore supports keyless signing, where short-lived signing identities are issued dynamically based on OpenID Connect (OIDC) providers such as GitHub Actions, Google, or Microsoft. This dramatically lowers operational complexity and reduces the risk of key compromise, since there is no long-lived key to leak.

The Sigstore ecosystem is composed of several key components:

- Cosign: A tool for signing, verifying, and storing signatures for container images and other artifacts. Signatures are stored alongside artifacts in OCI registries, rather than embedded in them.

- Fulcio: A certificate authority that issues short-lived X.509 certificates based on OIDC identities, enabling keyless signing.

- Rekor: A transparency log that records signing events in an append-only, tamper-evident ledger. This provides public auditability and detection of suspicious or malicious signing activity.

Together, these components allow anyone to verify which identity signed an artifact, when it was signed, and whether it has been altered since, using publicly verifiable cryptographic proofs. This aligns closely with modern supply chain security practices such as SLSA (Supply-chain Levels for Software Artifacts).
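To make the "append-only, tamper-evident" property of Rekor concrete, here is an added example (not Sigstore's code) of an RFC 6962-style Merkle log, the hashing scheme Rekor is built on: a client recomputes the log's published root from an entry plus its inclusion proof, so any altered record fails to verify. The entries are constructed sample data, and the proof carries an explicit side marker for readability, whereas real RFC 6962 proofs derive the side from the leaf index and tree size.

```python
import hashlib
# Added example, not Sigstore's code: an RFC 6962-style Merkle log (the hashing
# Rekor is built on) showing how an inclusion proof exposes a tampered record.
# Entries are constructed; the proof carries a side marker for readability.

def leaf_hash(entry: bytes) -> bytes:
    # 0x00 prefix for leaves, 0x01 for nodes: a leaf can't pose as a node hash.
    return hashlib.sha256(b"\x00" + entry).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def _split(n: int) -> int:
    # Left subtree holds the largest power of two strictly smaller than n.
    k = 1
    while 2 * k < n:
        k *= 2
    return k

def merkle_root(hashes: list[bytes]) -> bytes:
    if len(hashes) == 1:
        return hashes[0]
    k = _split(len(hashes))
    return node_hash(merkle_root(hashes[:k]), merkle_root(hashes[k:]))

def inclusion_proof(hashes: list[bytes], index: int) -> list[tuple[bytes, bool]]:
    """Sibling hashes from leaf to root; the bool marks a sibling on the left."""
    if len(hashes) == 1:
        return []
    k = _split(len(hashes))
    if index < k:
        return inclusion_proof(hashes[:k], index) + [(merkle_root(hashes[k:]), False)]
    return inclusion_proof(hashes[k:], index - k) + [(merkle_root(hashes[:k]), True)]

def verify_inclusion(entry: bytes, proof: list[tuple[bytes, bool]], root: bytes) -> bool:
    # Recompute the root from the claimed entry; any change breaks the hash chain.
    h = leaf_hash(entry)
    for sibling, sibling_is_left in proof:
        h = node_hash(sibling, h) if sibling_is_left else node_hash(h, sibling)
    return h == root

# Constructed sample records standing in for Rekor entries (digest + signer).
ENTRIES = [f"sha256:{i:064x} signed-by=ci@example.com".encode() for i in range(5)]
def check_sample() -> tuple[bool, bool]:
    """Returns (genuine entry verifies, tampered entry verifies)."""
    hashes = [leaf_hash(e) for e in ENTRIES]
    root = merkle_root(hashes)          # the log's published (signed) root
    proof = inclusion_proof(hashes, 3)  # what a client fetches for entry 3
    tampered = ENTRIES[3].replace(b"ci@example.com", b"attacker@example.com")
    return verify_inclusion(ENTRIES[3], proof, root), verify_inclusion(tampered, proof, root)
```

In practice a client also checks that the root it verified against is covered by a checkpoint signed by the log, which is what makes the ledger append-only rather than merely internally consistent.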

Sigstore is widely adopted in the cloud-native ecosystem and integrates with tools like Kubernetes, container registries, CI/CD pipelines, and package managers. It is commonly used to sign container images, Helm charts, binaries, and SBOMs, and is increasingly becoming a baseline security requirement for production software delivery.

The project is governed by the OpenSSF (Open Source Security Foundation) and supported by major industry players.