In the past I've worked on a set of scripts to identify potential for improvement of the supply chain within our build service. For now RPM files can be scanned for unused signature files that are available upstream and look for potentially unused https:// links, although they are available.

These scripts work on a prototype-basis, but there is a lot of follow-up work to do, e.g.:

  • Re-structuring and tidying up the source
  • Improve the API of the libraries
  • Implement advanced features (look through all of the existing # TODO comments)
  • Add test cases to make scripts and libraries more robust
  • Move from GitHub to internal GitLab instance
  • Implement robust continuous integration
  • Create script that will scan through the (Factory) source tree on a regular basis

Looking for mad skills in:

programming python security coding ci infrastructure script

This project is part of:

Hack Week 17

Activity

  • 9 months ago: kbabioch liked Improve supplychain security in the build service
  • 9 months ago: kbabioch added keyword "script" to Improve supplychain security in the build service
  • 9 months ago: kbabioch added keyword "infrastructure" to Improve supplychain security in the build service
  • 9 months ago: kbabioch added keyword "ci" to Improve supplychain security in the build service
  • 9 months ago: kbabioch added keyword "coding" to Improve supplychain security in the build service
  • Show History

    Comments

    Be the first to comment!

    Similar Projects

    openSUSE Xen Testing (and vice-versa) by dfaggioli

    Currently, the [Xen-Project](https://www.xenpro...


    FATE sync for Taiga by suntorytimed

    What is Taiga?

    On the first view Taiga (...


    Get Oni to work with pylint by cbosdonnat

    Fix a few bugs within [python-language-server](...


    pmpman -> why dont we automate the music on our phone / mp3 player? by osynge

    Usecase.

    • My phone / media player has le...


    Training Labs Python Port, Liberty Support and OpenSUSE 13.2 support by dguitarbite

    Porting training labs to Python. This includes ...