Improve supplychain security in the build service
an idea by kbabioch
Updated over 1 year ago. 1 hackers ♥️. 1 follower. Has no hacker: grab it!

In the past I've worked on a set of scripts to identify potential for improvement of the supply chain within our build service. For now RPM files can be scanned for unused signature files that are available upstream and look for potentially unused https:// links, although they are available.

These scripts work on a prototype-basis, but there is a lot of follow-up work to do, e.g.:

  • Re-structuring and tidying up the source
  • Improve the API of the libraries
  • Implement advanced features (look through all of the existing # TODO comments)
  • Add test cases to make scripts and libraries more robust
  • Move from GitHub to internal GitLab instance
  • Implement robust continuous integration
  • Create script that will scan through the (Factory) source tree on a regular basis

No Hackers yet

Join this project

Looking for hackers with the skills:

programming python security coding ci infrastructure script

This project is part of:

Hack Week 17

Activity

  • over 1 year ago: isaacschwartzman left this project.
  • over 1 year ago: isaacschwartzman started this project.
  • almost 3 years ago: kbabioch liked this project.
  • almost 3 years ago: kbabioch added keyword "script" to this project.
  • almost 3 years ago: kbabioch added keyword "python" to this project.
  • almost 3 years ago: kbabioch added keyword "security" to this project.
  • almost 3 years ago: kbabioch added keyword "coding" to this project.
  • almost 3 years ago: kbabioch added keyword "ci" to this project.
  • almost 3 years ago: kbabioch added keyword "infrastructure" to this project.
  • almost 3 years ago: kbabioch added keyword "programming" to this project.

    • All Activity

    Comments

    Be the first to comment!

    Similar Projects

    Learn python, python-gtk3, play with orangepi zero, experiment ili9341 and 20x4 LCD screen by aginies

    Project Description

    Learn python: get dat...

    Uyuni/SUSE Manager: build Python APE and a Salt+Python bundle to support ANY client operating system by pagarcia

    Uyuni/SUSE Manager build client tools for each ...

    Language Server Protocol implementation for Salt States by cbosdonnat

    [Language Server Protocol](https://microsoft.gi...

    Learn python by building a homepage with Flask by mbrugger

    I thought it would be time to learn a new progr...

    Testing and adding GNU/Linux distributions on Uyuni by juliogonzalezgil

    Join the Gitter channel! [https://gitter.im/uy...

    Kanidm - A modern opensource IDM by firstyear

    Project Description

    Kanidm is a modern, fas...

    Dawnscanner: revive the project and create an RPM package by pperego

    [comment]: # (Please use the project descriptio...

    Make geekos app available in SUSE EKS cluster by digitaltomm

    The current [geekos install](http://geekos.prv....

    Predictive test selection for SUSE Manager by jordimassaguerpla

    I once had a bad dream.

    I started good, a su...

    multipath-tools: improve CI by mwilck

    Project Description

    multipath-tools is ...

    Improve openSUSE infrastructure by lrupp

    There is always something to do if you run the ...