Verifiable GitHub Actions with eBPF - Jose Donizetti & Itay Shakury, Aqua Security
Abstract
GitHub actions have been one of the most popular ways to build and release software, with recent developments in supply chain security it became a major target for malicious attacks. A couple of years ago a widespread hack to codecov, a popular service prevalent in build pipelines, caught the industry’s attention. In response, a new solution to protect the build pipeline was created on top of Tracee, OSS Runtime Security solution, and introduced the concept of profiling with eBPF and verifying software builds. In this talk we will present that solution and explore the lessons learned in the past two years since the initial release.