Hardening Your CI/CD: Terraform, Docker, and Kubernetes Security

As I continue this series on CI/CD pipeline security, it is time to now work on securely building and deploying our application. This post picks up where my Build Secure Python Pipelines: Adding Tests and Hooks in Action post left off. In this post, we’ll continue our pipeline development by adding a container build and … Read more

Build Secure Python Pipelines: Adding Tests and Hooks in Action

A roll of US currency gripped by a rusty metal clamp that is hanging from a chain, set against a red corrugated background

As we continue this series started in my Getting Started with Secure CI/CD: Essential Practices for Beginners post, I’ll be securing my Python code with automated testing and hooks. While some of this information builds on some previous posts I’ve created in the past, I still wanted to incorporate these together in a meaningful way. … Read more

Getting Started with Secure CI/CD: Essential Practices for Beginners

I think it’s time to focus on a few key practices for beginners to implement secure CI/CD. I’ve been building the idea on the idea of a CI/CD pipeline in a bunch of the below posts: All of these articles are a scattering of topics based upon some of the daily randomness that I’ve faced … Read more

How to Install and Use Starboard to Protect Your Kubernetes Cluster

In my Securing Your CI/CD Pipeline: A Beginner’s Guide to Implementing Essential Security Measures post, I started to tinker with SecOps a little with Terrascan. I also stumbled upon another tool called Starboard from Aqua security. In this post, I’m going to focus on using Starboard installation and usage as a Kubernetes Operator to see … Read more

Securing Your CI/CD Pipeline: A Beginner’s Guide to Implementing Essential Security Measures

If you take a look at this blog, you’ll see that I’ve begun to tinker with devops quite a bit. If you’ve ever taken the trouble to look me up on LinkedIn, you’ll also see that I’ve had a little history doing security stuff. Given my love of security, the next logical step of my … Read more

Automate Your Database Changes with a CI/CD Pipeline

I first started talking about building a database CI/DI pipeline in my previous post, How to Build a CI/CD Pipeline for Your Database. That previous post was focused more on the infrastructure that would be managed by the DevOps team. Now I want to focus on efficient database management with CI/CD. In this post, I’m … Read more

Terraform Import Made Easy: Conquering Infrastructure Management Complexities

I will admit that I’m quite a bit of a rookie when it comes to Terraform and the whole infrastructure as code scene but I’m learning. One of the most powerful tools I’ve found when trying to convert your current infrastructure into Terraform is the terraform import command. After too many times of doing an … Read more

Infrastructure as Code with Terraform and GitHub Actions: A Kubernetes Case Study

As I’ve been working with Terraform more and more these days, I felt that it would be a good idea to move away from some of my other hacked together solutions in favor of Terraform. My next logical step was to focus on kubernetes management with terraform and github actions. This idea builds upon my … Read more