Loading…
In-person + Virtual
October 11-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Thursday, October 14 • 11:55am - 12:30pm
A Safer Curl | Bash for the Cloud - Carolyn Van Slyck, Microsoft

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Most of us have used curl to download a script and run it immediately. Using curl | bash provides instant gratification. We can quickly get up and running with an application without requiring a steep learning curve or a strong attention span. Unfortunately, the common advice is that this is not safe! But what if it was?

Let's walk through how we can work with people's natural tendencies, keep the one-liner and make it more secure. We will use Porter and Notary to transform an example cloud-native application deployment from a dicey bash script, executed with bash and hope, into a safer one-liner installation that was designed to be used in production.

You will learn:
  • Why curling a script to bash is insecure, and why bundles mitigate those risks.
  • How to reuse existing tools and scripts in a bundle, without starting over from scratch.
  • What a safer one-line user experience could look like.

Speakers
avatar for Carolyn Van Slyck

Carolyn Van Slyck

Principal Software Engineer, Microsoft
Carolyn is a software developer based in the wilds of suburban Chicago, working remote on the Microsoft Azure team. Her passion is developer tools, and building vibrant inclusive open-source communities around them.Carolyn is a maintainer for Porter and the Cloud Native Application... Read More →


slides pdf

Thursday October 14, 2021 11:55am - 12:30pm PDT
Petree Hall D + Online