Chalk™ captures metadata at build time, and can add a small 'chalk mark' (metadata) to any artifacts, so they can be identified in production. Chalk can also extract chalk marks and collect additional metadata about the operating environment when it does this.
Using Chalk, you can build a graph connecting development and production, so that devops engineers understand what is happening in the development process, and so that developers can understand what is happening in the infrastructure. With this information they can work better together.
Visibility into development and production also enables security engineers to better manage risk.
You can use Chalk to solve a variety of specific use cases such as:
Many companies and the US Government are now mandating suppliers providing supply chain statements when delivering software. This how to is an easy button to deliver the SBOM, code and builds provenance and supports SLSA, Supply-chain Levels for Software Artifacts, level 2 compliance (an emerging supply chain standard) before SLSA level 1 has been mandated. Follow this how-to on our docs site here.
From a code base, easily understand the environments where code and even particular branches are running. Gather code owners for the applications and code repos. Follow this how-to on our docs site here.
Understanding which services run in containers can help you build a service map. Use Chalk to automatically create periodic reports on container network tables, or visibility into service availability. Follow this how-to on our docs site here.
Automatically create SBOMs for every build of every code repo, including auto-deploying and using built-in SBOM generation and collection tools. Send these SBOMs to a central location for further analysis, and to maintain a record across your environment. Follow this how-to on our docs site here.
All documentation for Chalk is available at https://crashoverride.com/docs and is also fully accessible though the command line interface.
We recommend following the getting started guide on our documentation web site. Full documentation is also available directly inside the CLI.
We provide free binary downloads on our release page.
If you encounter any issues with Chalk please submit a Github issue to this repo.
We are constantly learning about emerging use cases for Chalk, and are always interested in hearing about how others are using it. We are also interested in ideas and feature requests.If you would like to talk, please get in touch using hello@crashoverride.com.
We welcome contributions but do require you to complete a contributor license agreement or CLA. You can read the CLA and about our process here.
If you need additional help including a demo of the cloud platform, please contact us using hello@crashoverride.com
Chalk is licensed under the GPL version 3 license.
Our cloud hosted platform is built using Chalk. It make enterprise deployment easy, and provides additional functionality including prebuilt integrations to enrich your data, an in-built query editor, an API and more.
There are both free and paid plans. You can join the waiting list for early access.