Why Konflux?
Are fragmented tools slowing you down? Are security gaps keeping you up at night?
Managing complex software development is challenging. Konflux is here to help.
Konflux is an open-source continuous integration and delivery (CI/CD) application that helps you secure and simplify the process of building, testing, and releasing rock-solid software faster. Konflux is not merely a DevOps platform; it is a comprehensive solution that hardens your deployment process against emerging threats. For example, Konflux enables you to identify and mitigate vulnerabilities proactively by offering detailed insights into your software’s release pipeline.
Key Features of Konflux
CI/CD Automation
Konflux simplifies your DevOps processes through:
-
Automated Pipelines: Konflux provides default pipeline configurations for building, testing, and deploying production software. You can trigger these pipelines via Git events, such as when team members accept push or pull requests. Konflux posts the results back to your source control management system.
-
Integration with GitHub and GitLab: Konflux allows you to integrate your build processes into GitHub or GitLab. This integration uses the Tekton framework to run pipelines in your Konflux cluster. We will add more source control management providers in the future.
-
Red Hat Subscription Support: Konflux allows you to integrate subscription content into your pipeline to build software that uses these RPMs as dependencies.
Collaboration
Konflux encourages you to collaborate with its open-source community through resources such as its community and overview pages on GitHub.
Customization and Flexibility
Konflux allows you to customize your project to meet your specific requirements, maintain high security standards, and adapt to various enterprise needs. Konflux’s adaptable platform ensures compliance without sacrificing flexibility.
Open Source
The core components of Konflux are distributed under the Apache 2.0 license and built on top of Kubernetes and OpenShift. You can set Konflux up locally or as a cloud-native platform for your development teams. Konflux utilizes standard command-line tools, such as Kubernetes' kubectl
and OpenShift’s oc
, for managing resources.
Robust Software Supply Chain Security
Konflux offers unparalleled transparency into your software’s build process, helping you address vulnerabilities before they become issues. Konflux emphasizes robust security through the following mechanisms:
-
Hermetic Builds: Konflux supports using hermetic builds to isolate your build processes from changes to the host system to ensure consistency and produce accurate Software Bills of Materials (SBOMs) for tracking components, dependencies, and so forth.
-
SLSA Compliance: Konflux supports level three Supply Chain Levels for Software Artifacts (SLSAs) reference.[1], allowing you to generate secure, detailed records for each build step to ensure transparency and trust in your software supply chain.
-
Stringent Access Controls: Konflux allows you to implement policies using native Kubernetes features like Role-Based Access Control (RBAC) and tenant namespaces to safeguard your sensitive data and ensure access compliance without giving up flexibility.
-
Vulnerability Detection: Konflux automatically scans for critical vulnerabilities every time you submit a pull request and verifies your container images against custom rules and secure frameworks.
Testing and Deployment
Konflux provides the following features to facilitate testing and deploying your software:
-
Build Once, Deploy Anywhere: Konflux optimizes your release process for multiple deployments without redundancy, which reduces your time-to-market
-
Integration Testing: Konflux runs your integration tests for complex applications and displays the results in your source control management system.
-
Supports Multiple Architectures: Konflux supports architectures like amd64 and arm64, offering you flexibility when targeting diverse deployment environments.