kubernetes Featured

Secure Docker Image Pulls from Cloudsmith to Kubernetes using OIDC

Explore how to use OpenID Connect (OIDC) to enable Kubernetes to pull Docker images from Cloudsmith without relying on long-lived credentials. This approach significantly enhances security and simplifies credential management.

Integrations

Integrating Dependabot with Cloudsmith Using OIDC

This guide will walk you through configuring GitHub Dependabot to authenticate with Cloudsmith using OIDC.

Integrations Featured

GitOps Pipelines with Codefresh and Cloudsmith

Integrating Cloudsmith, a cloud-native artifact management platform, with Codefresh enhances your CI/CD workflows in several significant ways. Read this blog to learn more about this powerful combination, and its automation of artifact handling and simplification of deployments!

Cloudsmith Featured

"Cloud Native" - Why it matters?

The difference between "Cloud Native" and "Cloud Hosted" products lies in their architecture, design philosophy, and how they leverage cloud infrastructure. Let’s break down the key distinctions.

Cloudsmith

What happens when you upload a Package?

Packages in Cloudsmith repository are so much more than just “bits on disk”, and treating them as such is really doing them a disservice!

Events

Cloudsmith is headed to Salt Lake City for KubeCon North America 2024

The Cloudsmith team is heading to KubeCon / CloudNativeCon North America in Salt Lake City, Nov ember 13-15.

Cloudsmith

How to Manage Your Package Promotion Workflows with Cloudsmith

Package promotion workflows are a great way to isolate and protect production repositories away from public upstreams, so they only receive clear and vetted packages.

Level up your private npm registries in Deno with Cloudsmith

We’re excited to announce that Deno, the modern JavaScript and TypeScript runtime, now supports private npm registries. You can now leverage Cloudsmith to securely host and share your npm modules directly within your Deno projects.

Reflecting on ShipItCon 2024: High-performing teams need flow

ShipItCon, one of Europe’s most vibrant indie tech conferences, just wrapped up in Dublin last week.  It brought together software engineers and technologists to tackle a central theme - Flow.

OIDC

Announcing the Release of Cloudsmith CLI GitHub Action 🚀

We just released the Cloudsmith CLI GitHub Action. This new GitHub Action simplifies the process of installing and pre-authenticating the Cloudsmith CLI using OpenID Connect (OIDC) or an API Key. Whether managing packages, pushing artifacts, or automating your CI/CD workflows, this action is designed to streamline your experience and

What Makes Cloudsmith Special: Reflections on 1 Year as CEO

Find out what Glenn sees as Cloudsmith's three winningest characteristics as he looks back on his first 12 months as CEO.

Using Cloudsmith as a Dependency Firewall

Cloudsmith does more than store and manage artifacts. It protects them, too. In this article, we explain how you can prevent software supply chain threats by using our platform as a vital isolation layer between your binaries and risks in public open source repositories.

5 Lessons on the Evolution From DevOps to Platform Engineering

Get the highlights from our July webinar on platform engineering, featuring senior Cloudsmithers and Humanitec's Luca Galante.

Security

Fortify Dependency Management With Cloudsmith + Dependabot

Protect ALL of your packages and deliver consistent builds by combining Dependabot's automated dependency updates with Cloudsmith's package centralization, upstream capabilities, and security controls.

Security

Implementing Zero Trust Security With Cloudsmith in 5 Steps

Learn how to strengthen and maintain your Zero Trust security posture, improve compliance, and reduce risk with Cloudsmith's armory of access, pipeline, publishing, and monitoring controls.

Kong Entrusts Cloudsmith With Global Distribution

API giant Kong has handed the reins of its software distribution to Cloudsmith. Learn why in this case study recap + video.

Featured

12 Signs of Stellar Support in an Artifact Management Vendor

Prevent buyer's remorse. Use these ‘green flags’ from our Senior Director of Customer Success to find + pick a vendor that’ll keep you moving forward whenever the unexpected threatens to hold you back.

Featured

Enhance Security with Chainguard and Cloudsmith

At Cloudsmith, we are excited to announce our support for the Chainguard Registry as an upstream source. By consolidating all your artifacts, packages, and now Chainguard Images into Cloudsmith, your organization can: * Reduce risk of attack with no/low vulnerability base images provided by Chainguard. * Effortlessly deploy and distribute your

Two Cathedrals: Cloudsmith + GitHub

Learn why using Cloudsmith with GitHub extends visibility, control + management beyond source code to your entire supply chain.

kubernetes Featured

Streamline Kubernetes Workflows with Cloudsmith

Use Cloudsmith to store your Helm charts alongside your Docker images thanks to Cloudsmith’s support for multi-format repositories. This gives you a unified platform for all your K8s needs, ensuring all your dependencies are stored, managed, and delivered from a single, secure source.

Zero Trust Pipelines with OIDC, Cloudsmith, and GitHub Actions

In CI/CD workflows, leaked credentials pose a significant threat, potentially leading to unauthorized access, data breaches, and system compromises, ultimately disrupting development pipelines and undermining the integrity of software deployment processes.

6 Must-See DevOps Talks at PlatformCon 2024

Ciara’s sifted through over 130 talks from next month's PlatformCon to shortlist the DevOps pick of the litter for you.

"My CI/CD Platform was Breached!" Now What?

On January 4, 2023, CircleCI warned its customers to rotate “any and all secrets” after a compromise by an unauthorized third party.

open source

Cloudsmith ♥ OSS

CEO Glenn Weinstein highlights Cloudsmith's support of the open source community.

Events

That's a Wrap on KubeCon 2024!

Ciara Carey reflects on her experience at the KubeCon event in Paris including her top 10 talks and current industry trends.