Project Lightning Talk: ORAS: Create and Distribute a Multi-platform Image with Secu... Andrew Block
Andrew Block
KubeCon + CloudNativeCon Europe 2025 · Project Lightning Talk
In this lightning talk at KubeCon EU, Andrew Block, a Distinguished Architect at Red Hat and a maintainer of the ORAS project, delved into the capabilities of ORAS for managing and distributing **multi-platform images** and other **OCI artifacts**. The presentation highlighted how the open-source ORAS (OCI Registry As Storage) CLI and SDK empower developers and organizations to leverage existing container registries, such as DockerHub, Quay, Zot, and Harbor, not just for container images, but for a diverse range of cloud-native assets. This paradigm shift allows for the standardization of artifact management, distribution, and crucially, the enhancement of software supply chain security.
AI review
This lightning talk by Andrew Block on ORAS effectively demonstrates how to leverage existing OCI registries beyond simple container images, focusing on multi-platform artifact distribution and crucial software supply chain security. Block, an ORAS maintainer, provides a clear, no-nonsense overview of how the tool enables attachment of SBOMs and signatures, making it a highly practical and actionable solution for modern cloud-native defense. It's a solid technical presentation that cuts through the noise and delivers real value.