We’re hosting a Continuous Delivery Mini Summit in co-location with Open Source Summit Europe 2022 on September 12, from 9:00-12:30 in Dublin, Ireland.
This half-day event aims to connect the Continuous Delivery community—from leaders, industry experts, practitioners, and open source developers—to share and discuss how to improve the world’s capacity to deliver software with security and speed.
It’ll be a great chance to catch up, learn from each other, and hear about the latest trends in Continuous Delivery.
Thank you to everyone who submitted a talk for this surprise event! 🎉
|Time||Session Title||Session Type||Speakers||Abstracts|
|09:00||Welcome Session||Opening||Fatih Degirmenci, CD Foundation||Fatih will take a few minutes to welcome everyone to the CD Mini Summit.|
|09:10||Fidelity’s Golden Pathways||Presentation||Alan Harney & Brian Neary, Fidelity Investments||Reducing the cognitive load on our engineers and building best practice into our continuous delivery/deployment pipelines is paramount to improving stability, resiliency, velocity of value and improving productivity of engineers. This is where our golden pathways come in – building common reusable pipeline platforms with our best practice baked in, removing the need for time-consuming snowflake automation.|
|09:40||Shortening the feedback loop with Preview Environments in Jenkins X||Presentation||Christoffer Vig, CoWork||Rapid feedback is an essential piece of Continuous Delivery. We need to see how the new feature will behave in a production environment, or something as close to production as possible. If the feature is judged OK, we may release, or else, adjust. Jenkins X creates a new preview environment for each new pull request, deploying the application under test into a new configurable namespace in Kubernetes. |
I want to show you some tools you can use to modify the preview environment to make it more production-like. This moves the feedback loop and the judgment of new features to an early phase, thereby increasing the quality and speed of Continuous Delivery.
|10:10||You Can’t Secure Your Software Supply Chain Without a Pipeline||Presentation||Lori Lorusso, JFrog||Delivering software fast is one piece of the CI/CD puzzle, but delivering it securely is a problem the CDF is working to solve. Developers are no longer thinking about shifting left, the shift has happened. To help ensure a secure SDLC, the CDF is investing in security solutions and wants your help to find and invest more into projects that work to solve this issue. With your help we can secure the software supply chain – it all starts with the pipeline.|
|11:00||Events in Action With Spinnaker, Tekton and Keptn||Presentation||Jalander Ramagiri, Adam Kenihan, Ericsson Software Technology||Many organizations use more than one CI/CD tools as part of their pipelines and most of the time the organizations implement their own glue code in order to make the tools work with each other. Due to these concerns, CDEvents project hosted by the CDF started working on a common specification for Continuous Delivery events based on CloudEvents hosted by the Cloud Native Computing Foundation (CNCF). |
CDEvents enables interoperability in the complete software production ecosystem, helping CI/CD tools and services to communicate with each other about occurrences in a CI/CD ecosystem. As part of its work, the community created a Go-SDK to introduce native CDEvents support to various cloud native CI/CD technologies such as Keptn and Tekton. A new Java-SDK has also been developed to bring other CI/CD technologies into the picture such as Spinnaker. In this session, we will talk about the interoperability challenges within the CI/CD ecosystem and how CDEvents aims to overcome those.
|11:30||Keyless Signing with Tekton and Sigstore||Presentation||Billy Lynch, Chainguard||Increased vulnerabilities and attacks in open source have made software supply chain security a critical priority for CI/CD systems. One solution that is quickly growing in adoption is Sigstore, an Open Source Security Foundation (OpenSSF) project for signing, verifying, and protecting software supply chains. |
In this talk, you’ll learn how Sigstore works, how you can leverage Sigstore with tools like Tekton to build CI pipelines to sign artifacts, and how this all fits into software supply chain security frameworks like SLSA. We’ll take a look at how you can use features like Sigstore’s keyless signing to easily sign artifacts with your Tekton workload’s own identity without needing to provision long-lived credentials!
|12:00||CD and Software Supply Chain Panel||Panel||Lori Lorusso, JFrog; Andrea Frittoli, IBM; Ger McMahon, Fidelity Investments, Georg Kunz, Ericsson; and Mark Chmarny, Google||The Panel, moderated by Lori, will discuss Continuous Delivery and the Software Supply Chain with experts from various parts of the industry.|
|12:30||Closing Words||Closing||Fatih Degirmenci, CD Foundation||Fatih will say a few words to close the event.|
Thank you to our program committee for making this possible and putting a great program together.
- Andrea Frittoli, IBM
- Brad McCoy, Basiq
- Kara de la Marck, CD Foundation
- Lori Lorusso, JFrog
- Mark Chmarny, Google
- Oleg Nenashev, Dynatrace
To attend the Continuous Delivery Summit, you need to register for Open Source Summit Europe and add the Mini Summit as a free add-on!
Already registered for Open Source Summit Europe?
Then great news! You simply have to modify your registration to add the Continuous Delivery Mini Summit for free!
Limited Seating: The event will be open to everyone who registered, but there are a limited number of seats and they will be allocated to first-come, first-served. So grab a coffee and get there early!
Read the event’s Code of Conduct and Health and Safety Requirements.
Tell everyone you’re attending
Share the event with other folks and get them to join in on the fun!
Tweet @CDeliveryFdn #CDMiniSummit
Social Media graphic ⬇️
If you have any questions, email email@example.com.