Description
Protecting Kubernetes Resource Manifests in End-to-end SDLC - Yuji Watanabe, IBM
But the main topic of this is more about the tech, and I'm sharing my experience in the community collaboration, actually in the Sigstore and open source community. So I've explained my experience in public in the timeline in this Kubernetes manifest integrity area. So first, I'm Yuji Watanabe, and I'm working as a senior technical staff member in IBM Research. My main interest is software supply chain security, in many areas, and so I will explain this today. So first I will explain how I met with the Sigstore community and, after that, how I engaged with the community in this area. So finally, I will explain our further future goal around the end-to-end software supply chain.
So this is the kind of motivation I originally had. So maybe you see a lot of instructions like this: a curl download of a script from the network, piped to a shell script, for example. The other example is if you deploy some application on the Kubernetes cluster, you may see some instruction like this: kubectl create with some URL. So this is a very typical instruction you will see in installation instructions, but the question is: if this script is modified or compromised, you may not know what happened in your cluster. So the same situation happens also in the Kubernetes manifest like this. So if a manifest is compromised, you may bring some bad application to your cluster.

So this is the motivation. So before going to the details, Kubernetes is basically a configuration management engine. So if you deploy some YAML manifest, the Kubernetes controller changes your cluster state configuration according to the specified manifest. So yeah, if the manifest going to be deployed is compromised, your cluster is also compromised, so the manifest is very important.
So the signature comes in here. So if the manifest is signed, you can check that the manifest is not compromised and who provided that manifest. Then, after confirming the manifest integrity, you can deploy the application to the cluster. So you can detect tampering of the manifest before actually deploying the application. So that's why we need a signature for the YAML manifest.

So then initially we started a kind of YAML manifest signing and enforcement project called Integrity Shield last year, February or March, and we published the operator to OperatorHub and also we published some blog to announce our new open source technology. So this is the starting point of our activity.
So then we found Sigstore had a big announcement, so we believed our project, the manifest integrity project, should be validated with Sigstore towards the ultimate goal, so we contacted the Sigstore Technical Advisory Council. Then they gave us a suggestion to present our initial idea at the community call, and then actually I joined the meeting.

Then I presented the idea to all the Sigstore community. Then we got a lot of feedback. Some alignment was required with ongoing Sigstore projects, so since last June, last year, we actually put part of the core component of the Integrity Shield project into Sigstore, so it includes manifest signing and verification. So this is the starting point of the collaboration with Sigstore.

So basically, this tool is a plugin for kubectl. If you run a command like this, the Kubernetes manifest has a signature. So by deploying this manifest, anyone can verify that the content of the manifest is not tampered. So for that, we add two annotations, message and signature, in the manifest annotations.
So this is k8s-manifest-sigstore, our first contribution, and then we expected to have broader collaboration with the open source community. So after this, we got some contact from another community, the Kubernetes Policy Working Group. So then they invited us. They had some interest in how we use manifest signing to make the YAML policy protect Kubernetes policy integrity, so we presented our ongoing idea.

We presented Integrity Shield and the Sigstore signing tool to the Kubernetes Policy Working Group call early this year, and we also got a lot of feedback. So this is a different community from Sigstore, but they are also very interested in Sigstore technology. So we presented this there. There are many people who showed some interest, and one guy from the Kyverno community actually suggested to us to integrate this new manifest signing capability into the Kyverno project. Kyverno is a very famous policy engine solution; it protects Kubernetes resources based on policy. So they already had an integrity policy for image signatures, but they didn't have the capability to verify manifest signatures, so by bringing our manifest signing technology to Kyverno, Kyverno protects both artifacts, manifests and images.

So for this, we collaborated with the Kyverno community and actually submitted a new feature extension proposal to Kyverno, and we did some code contribution to Kyverno in the latest release. So it's actually published, included in Kyverno 1.8, announced last month, so it is very popular.
So if you bring the Kyverno policy engine to your cluster, and then you sign the YAML manifest by using our signing tool, then you can protect the manifest by using Sigstore for signing, and it can be verified at the cluster side. So this is a very expanded collaboration for us, so we started from Sigstore, but we could collaborate with other communities based on Sigstore.

So then I actually presented at SigstoreCon in Detroit last month, this one. This person is Jim Bugwadia from Nirmata. He is a maintainer and contributor to Kyverno, and he and I presented this new work at SigstoreCon this year. So actually the woman presented here is my colleague. She actually contributed to the new version of the Kyverno code, so she was actually recognized by the community. That's regarding the contribution of this.

So this is a very happy moment for me that we could collaborate with the community and had some impact in this. So then actually, based on this Sigstore manifest signing project, we had three session talks at KubeCon this year, so one is about the Kyverno integration. Another one is CD integration and another one is Open Cluster Management integration, so many pieces.
All this work is basically based on the YAML manifest signing technology with Sigstore. So this collaboration expanded our activity and collaboration in this open source community. So this was a really happy moment for me. So from this we are trying to create the so-called end-to-end SDLC. What does this mean? Basically, milk is produced in the milk plant and packaged securely.

But from the end user viewpoint, the milk must be delivered securely, maintained in your refrigerator, and then, until before you actually drink the milk, all these parts must be protected. Software is also the same: from the git repo it's built as a product in its image, but it also produces some manifest to deploy the application. So then it comes to the cluster, the same application is deployed, so all these delivery parts must be protected. So maybe you can easily imagine the many attack points here.

So the image might be compromised and the manifest might be compromised before actually being deployed on the cluster; even after deploying the application, some attacker comes into the cluster and the manifest may be changed. So all these points should be protected by some mechanism. So our goal is to protect that integrity by using a signature mechanism. For the image, the image signature is there, cosign, but we added another one: additional signature protection on the manifest, so both image and manifest can be protected by Sigstore signing.

So this can enhance the whole end-to-end supply chain. So this is my idea. Actually, our team is working on this and it's still ongoing, so I'm very happy to join this community and collaboration, and I'm looking forward to working with you all in this very exciting community. Thank you so much.