Improve supplychain security in the build service
an idea by kbabioch
Updated 3 months ago. 1 hackers ♥️. 1 follower. Has no hacker: grab it!

In the past I've worked on a set of scripts to identify potential for improvement of the supply chain within our build service. For now RPM files can be scanned for unused signature files that are available upstream and look for potentially unused https:// links, although they are available.

These scripts work on a prototype-basis, but there is a lot of follow-up work to do, e.g.:

  • Re-structuring and tidying up the source
  • Improve the API of the libraries
  • Implement advanced features (look through all of the existing # TODO comments)
  • Add test cases to make scripts and libraries more robust
  • Move from GitHub to internal GitLab instance
  • Implement robust continuous integration
  • Create script that will scan through the (Factory) source tree on a regular basis

No Hackers:

Join this project

Looking for mad skills in:

programming python security coding ci infrastructure script

This project is part of:

Hack Week 17

Activity

  • 3 months ago: isaacschwartzman left Improve supplychain security in the build service
  • 3 months ago: isaacschwartzman started Improve supplychain security in the build service
  • over 1 year ago: kbabioch liked Improve supplychain security in the build service
  • over 1 year ago: kbabioch added keyword "script" to Improve supplychain security in the build service
  • over 1 year ago: kbabioch added keyword "infrastructure" to Improve supplychain security in the build service

    • Show History

    Comments

    Be the first to comment!

    Similar Projects

    June Circuits '19 by ammartinez

    Circuits is a coding marathon to challenge deve...

    Make "salt-toaster" available to be used outside SUSE by PSuarezHernandez

    The salt-toaster (https://github.com/openSUSE...

    Finish packaging Angr in OBS by a_faerber

    Following a FOSDEM presentation on [Angr](http:...

    Evaluate mirrormanager (or mirrormanager2) for download.opensuse.org mirror management by lrupp

    As there is no progress around [MIrrorPinky](ht...

    Porting Askbot to Python 3 by rbueker

    During the last year Askbot, a question and ans...

    Uyuni: improve spacewalk-repo-sync performance by moio

    Let's make reposync faster

    Every day,

    ...

    libpathrs by cyphar

    The plan is to implement a safe path resolution...

    June Circuits '19 by ammartinez

    Circuits is a coding marathon to challenge deve...

    obsci - a CI for open build service packages by tbechtold

    Currently it's pretty difficult to create tests...