Why CodeQL Belongs in Your DevSecOps Pipeline Static analysis is most effective when it runs where developers work. GitHub Actions provides native integration with CodeQL, enabling you to: Reference Workflow The workflow below scans supported languages on a nightly cadence and for every pull request targeting main. It stores the CodeQL database as an artifact for […]
It’s all about Infrastructure as Code and how we manage and provision our cloud resources, and tools like Terraform have become central to these processes. Here, we delve into the best practices for using Terraform with providers that require tokens or keys. Managing Keys and Tokens in Terraform Terraform relies on providers to interface with
Not a chance. I outsource that memory to kubectl and keep my brain for coffee orders and incident timelines. ☕🚀 Here’s how I look clever without memorizing a phone book of resources: 1) See every resource + its short name This shows NAME, SHORTNAMES, APIGROUP, NAMESPACED, KIND. 2) When you remember the full name and
Today, I’d like to share a practical example of working with HashiCorp Packer. This amazing open-source tool is used for creating identical machine images for multiple platforms from a single source configuration. In this case, we will focus on creating a custom image and pushing it to the Azure Compute Gallery. Let’s get started! Step
DevSecOps stands for Development, Security, and Operations. It is an evolution of the DevOps practice that integrates security practices throughout the software development lifecycle instead of treating security as an afterthought. In traditional software development, security reviews and testing often occur late in the release process. This approach can lead to vulnerabilities being discovered just
GitHub is a web-based hosting service for Git repositories that provides tools for collaboration, code review, and project management. It builds on Git by offering a central place to store and manage repositories, making it easy for teams to contribute from anywhere. What is GitHub? GitHub is more than just a hosting service for Git
Git is a distributed version control system that allows developers to track changes in source code while collaborating with others. It records every change made to a project, enabling you to explore previous versions and revert when necessary. Getting started with Git involves a few basic commands: These commands form the foundation for using Git