Topics include Supply Chain Security, Vulnerability Management, Neat Tricks, and Contributor insights.
On December 14, 2022 the Ortelius community hosted the 1st ‘Holiday Gathering’ to celebrate the community committers of Ortelius, discuss microservice best practices, supply chain management and challenges of implementing a truly shared component-driven architecture. It was hosted on the Ortelius Twitch TV Channel giving our committers a platform for presenting technical topics. The first hour was hosted live via zoom. Below are links to the on-demand recordings from the December 14th event.
Thank you to all who participated and attended.
9:00 AM - 10:00 AM Beer and Donuts
Dining with Abraham Ortelius Presented by Sacha Wharton and Arvind Singharpuria Join Sacha Wharton and Arvind Singharpuria as they review a menu of tools you can use to become an Ortelius ‘Champion’ contributor. Arvind will cover what is required from a personal time commitment. Sacha will walk through the menu of tools he uses to contribute code. This 45 minute session will be packed with information. It is a full 7 course meal of tools and tips.
Using the Ortelius CI/CD Command Line Interface
Presented by Steve Taylor
Learn how to easily integrate Ortelius into your DevOps Pipeline, including the generation of SBOMs if you have not already done so. Steve Taylor walks through how to setup your CI/CD pipeline using the Ortelius Command Line Interface to automate the storing of your supply chain evidence with Ortelius.
The Ortelius Evidence Store of SBOMs Presented by Tracy Ragan Generating an SBOM for a decomposed application can be a massive undertaking. Each dependency has its own build, SBOM and CVE. Creating a single SBOM for the application as a complete software system requires knowing the dependencies and pulling together all of the unique SBOMs into one. Ortelius makes this easy by integrating into your CD Pipeline to store and aggregate this level of information for every logical release candidate. Tracy shows us how it is done.
What is a ’logical’ application in a cloud-native environment? Presented by Joseph Akayesi The growing adoption of microservices has caused an equal growth in application complexity. However, such complexities need not trickle down into the way that we track and version our application’s supply chain. An application in a cloud-native environment can have the ease of a monoliths if we define clear ways to show the ’logical’ application’s dependencies, SBOMs and metadata. Ortelius is one way to get the job done.
The Ortelius XRP Ledger Project - Learn what they are up to Presented by Utkarsh Sharma Many of you are aware that Ortelius received funding to create an immutable SBOM ledger using XRP. Join Utkarsh as he reviews the status of this very important Ortelius project. He will give us insights into how the team is implementing blockchain NFTs to capture SBOMs and how SBOM data is being condensed so it is manageable. This session is important for anyone interested in joining the working group and getting paid for their efforts through bounties.