It turns out that there are different ways to architect a CI/CD pipeline, and some of them are more sensitive to a breach than others.
This doesn't just come down to whether you use a cloud-hosted CI/CD service (e.g. CircleCI or Travis) or self-host your runners (e.g. using a Jenkins server).
What really matters is:
To illustrate these points, Sharon will walk through a few different architectures that she's seen in the wild, discuss their strengths and weaknesses, and finally present some neat tricks that everyone should know about, including using sigstore to harden your build pipeline.