SUSE Hack Week: Improve supplychain security in the build service

In the past I've worked on a set of scripts to identify potential for improvement of the supply chain within our build service. For now RPM files can be scanned for unused signature files that are available upstream and look for potentially unused https:// links, although they are available.

These scripts work on a prototype-basis, but there is a lot of follow-up work to do, e.g.:

Re-structuring and tidying up the source
Improve the API of the libraries
Implement advanced features (look through all of the existing # TODO comments)
Add test cases to make scripts and libraries more robust
Move from GitHub to internal GitLab instance
Implement robust continuous integration
Create script that will scan through the (Factory) source tree on a regular basis

No Hackers yet

Join this project Leave this project

Looking for hackers with the skills:

programming python security coding ci infrastructure script

This project is part of:

Hack Week 17

Activity

over 5 years ago: isaacschwartzman left this project.

over 5 years ago: isaacschwartzman started this project.

almost 7 years ago: kbabioch liked this project.

almost 7 years ago: kbabioch added keyword "script" to this project.

almost 7 years ago: kbabioch added keyword "python" to this project.

almost 7 years ago: kbabioch added keyword "security" to this project.

almost 7 years ago: kbabioch added keyword "coding" to this project.

almost 7 years ago: kbabioch added keyword "ci" to this project.

almost 7 years ago: kbabioch added keyword "infrastructure" to this project.

almost 7 years ago: kbabioch added keyword "programming" to this project.

almost 7 years ago: kbabioch originated this project.

Comments

Be the first to comment!

Similar Projects

This project is one of its kind!