Now that we have a process that automatically builds a container image whenever changes are committed to the git repository, we need a way to get those changes out, either into a development or test environment, or to the production environment. In the gitops world, a deployment is also initiated by a change to the […]

This article is the fourth in the series on how to set up an automated end-to-end workflow for deploying to a Kubernetes cluster. The previous steps accomplished a lot, even if they sound simple. Each involved multiple additional tasks to set up tools and systems, the classic yak shaving scenario. While the first two steps […]

The first article in this series introduced our objective, which is to create an automated workflow that delivers code to a runtime environment once it has been committed to a Git repository. In this part we will look at the next step, which is to package the app so that it can be run in […]

The core function of DevOps is to facilitate and automate the process of delivering code that developers write into production. Where CI/CD is involved, that means that code is compiled, tested and packaged, as applicable, whenever code is committed to a repository. A DevSecOps approach integrates security into the DevOps process through such steps as […]

As someone who builds and maintains cloud infrastructure, I have always been leery from a security perspective of giving 3rd party services, such as CI/CD platforms, access to the resources. All the service vendors claim to take stringent precautions and implement foolproof processes, but still, vulnerabilities getexploited and errors happen. Therefore, my preference is to use tools […]