Part two

This is the second post in a three-part series on how Cilium hardens its CI/CD pipeline. Part 1 covered access control: who can trigger builds and what code CI is allowed to execute. This post covers the dependency layer: what code those builds pull in, and how we make sure it hasn’t been tampered with.

Locking down dependencies

Once you control who triggers builds, the next question is w...
Securing CI/CD for an open source project: Locking down dependencies | Huntaegis