Improve supplychain security in the build service
an idea by kbabioch
Updated almost 4 years ago. 1 hackers ♥️. 1 follower. Has no hacker: grab it!

In the past I've worked on a set of scripts to identify potential for improvement of the supply chain within our build service. For now RPM files can be scanned for unused signature files that are available upstream and look for potentially unused https:// links, although they are available.

These scripts work on a prototype-basis, but there is a lot of follow-up work to do, e.g.:

  • Re-structuring and tidying up the source
  • Improve the API of the libraries
  • Implement advanced features (look through all of the existing # TODO comments)
  • Add test cases to make scripts and libraries more robust
  • Move from GitHub to internal GitLab instance
  • Implement robust continuous integration
  • Create script that will scan through the (Factory) source tree on a regular basis

No Hackers yet

Join this project

Looking for hackers with the skills:

programming python security coding ci infrastructure script

This project is part of:

Hack Week 17

Activity

  • almost 4 years ago: isaacschwartzman left this project.
  • almost 4 years ago: isaacschwartzman started this project.
  • almost 5 years ago: kbabioch liked this project.
  • almost 5 years ago: kbabioch added keyword "script" to this project.
  • almost 5 years ago: kbabioch added keyword "python" to this project.
  • almost 5 years ago: kbabioch added keyword "security" to this project.
  • almost 5 years ago: kbabioch added keyword "coding" to this project.
  • almost 5 years ago: kbabioch added keyword "ci" to this project.
  • almost 5 years ago: kbabioch added keyword "infrastructure" to this project.
  • almost 5 years ago: kbabioch added keyword "programming" to this project.
  • almost 5 years ago: kbabioch originated this project.


    • Comments

    Be the first to comment!

    Similar Projects

    Give some love to spec-cleaner by kstreitova

    Project Description

    spec-cleaner is an open...

    OSSelot collaboration on legal reviews of community packages by lkocman

    [comment]: # (Please use the project descriptio...

    Linux Immersive Learning System (LILS) by dgarcia

    [comment]: # (Please use the project descriptio...

    zypper plugin for discovering reverse dependencies by bzoltan1

    Often when we test maintenance updates or when ...

    Testing and adding GNU/Linux distributions on Uyuni by juliogonzalezgil

    Join the Gitter channel! [https://gitter.im/uy...

    Rancher Token Revoker by mbolot

    [comment]: # (Please use the project descriptio...

    Create tool for managing RPM package signing keys by dheidler

    [comment]: # (Please use the project descriptio...

    Run sandboxed Firefox with image and sound inside a container by nguyens

    [comment]: # (Please use the project descriptio...

    Sandboxed USB Inspection by nguyens

    [comment]: # (Please use the project descriptio...

    Expanding e2e tests on Windows self-hosted runners via CI by iguimaraes

    Achievements:

    • Documented all necessary s...