Hardening Your CI/CD: Terraform, Docker, and Kubernetes Security

As I continue this series on CI/CD pipeline security, it is time to now work on securely building and deploying our application. This post picks up where my Build Secure Python Pipelines: Adding Tests and Hooks in Action post left off. In this post, we’ll continue our pipeline development by adding a container build and deployment to Kubernetes. In addition to this, we’ll add some security components to the build and deployment process....

March 1, 2024 · 11 min · Scott

Build Secure Python Pipelines: Adding Tests and Hooks in Action

As we continue this series started in my Getting Started with Secure CI/CD: Essential Practices for Beginners post, I’ll be securing my Python code with automated testing and hooks. While some of this information builds on some previous posts I’ve created in the past, Adding pre-commit Hooks to Python Repo Writing Tests For Your Python Project I still wanted to incorporate these together in a meaningful way. My goal is to help anyone that is trying to figure out how to piece together their own pipeline....

February 18, 2024 · 20 min · Scott

Cribl Splunk_HEC Datasource: The Ultimate Guide for Kubernetes Log Ingestion

After writing my From Scattered to Splunk: Bringing Order to Your Kubernetes Logs post, a buddy of mine Danny Ansell (oh by the way he does work for Cribl and used to work for Splunk) suggested that I could always import my logs into Cribl as well. I’m madly in love with Splunk and do so love one of their tag lines Splunk Rhymes with Drunk, but I’m always on the hunt for kicking the tires on new technology....

February 11, 2024 · 6 min · Scott

Getting Started with Secure CI/CD: Essential Practices for Beginners

I think it’s time to focus on a few key practices for beginners to implement secure CI/CD. I’ve been building the idea on the idea of a CI/CD pipeline in a bunch of the below posts: Securing Your CI/CD Pipeline: A Beginner’s Guide to Implementing Essential Security Measures Automate Your Database Changes with a CI/CD Pipeline How to Build a CI/CD Pipeline for Your Database Infrastructure as Code with Terraform and GitHub Actions: A Kubernetes Case Study Adding pre-commit Hooks to Python Repo Writing Tests For Your Python Project All of these articles are a scattering of topics based upon some of the daily randomness that I’ve faced in my work life....

February 4, 2024 · 7 min · Scott

From Scattered to Splunk: Bringing Order to Your Kubernetes Logs

In my Silence Not Golden: Fixing the Mute Button on Tetragon Logs post, I realized that I was an idiot. I also realized that I needed to get all of my Kubernetes into one place for a number of reasons. I’m most familiar with Splunk so it makes sense to centralize my Kubernetes logs with Splunk. In this post, I’m going to walk through configuring Splunk and Kubernetes so that all of my logs are in a central location....

January 28, 2024 · 6 min · Scott