Hardening Your CI/CD: Terraform, Docker, and Kubernetes Security

As I continue this series on CI/CD pipeline security, it is time to now work on securely building and deploying our application. This post picks up where my Build Secure Python Pipelines: Adding Tests and Hooks in Action post left off. In this post, we’ll continue our pipeline development by adding a container build and … Read more

Getting Started with Secure CI/CD: Essential Practices for Beginners

I think it’s time to focus on a few key practices for beginners to implement secure CI/CD. I’ve been building the idea on the idea of a CI/CD pipeline in a bunch of the below posts: All of these articles are a scattering of topics based upon some of the daily randomness that I’ve faced … Read more

Enhancing Kubernetes Security and Compliance with Starboard Audit Reports: A Practical Guide

In my How to Install and Use Starboard to Protect Your Kubernetes Cluster post, I first installed Starboard and reviewed a vulnerability scan report. After reviewing the results, I then tried to action some of the vulnerabilities in my MySQL deployment. In addition to vulnerability scans, Starboard can also conduct configuration audits of your Kubernetes … Read more

Securing Your CI/CD Pipeline: A Beginner’s Guide to Implementing Essential Security Measures

If you take a look at this blog, you’ll see that I’ve begun to tinker with devops quite a bit. If you’ve ever taken the trouble to look me up on LinkedIn, you’ll also see that I’ve had a little history doing security stuff. Given my love of security, the next logical step of my … Read more

Terraform Import Made Easy: Conquering Infrastructure Management Complexities

I will admit that I’m quite a bit of a rookie when it comes to Terraform and the whole infrastructure as code scene but I’m learning. One of the most powerful tools I’ve found when trying to convert your current infrastructure into Terraform is the terraform import command. After too many times of doing an … Read more

Infrastructure as Code with Terraform and GitHub Actions: A Kubernetes Case Study

As I’ve been working with Terraform more and more these days, I felt that it would be a good idea to move away from some of my other hacked together solutions in favor of Terraform. My next logical step was to focus on kubernetes management with terraform and github actions. This idea builds upon my … Read more

Managing Your Terraform State File

I started messing with GitHub Actions a little more in my Using GitHub to Manage Kubernetes post. I also did some tinkering around with Terraform in my How to Use Terraform to Deploy a Python Script to AWS Lambda post. As I started messing with Terraform even more, I realized how cool it would be … Read more