DevOps Pro Moscow 2021

Rob Bos

Должность:  DevOps Consultant

Компания:  Xpirit BV

Страна:  The Netherlands

Биография

Rob has a strong focus on ALM and DevOps, automating manual tasks and helping teams deliver value to the end-user faster, using Continuous Integration / Continuous Delivery and other DevOps techniques. This is applied on anything Rob comes across, whether it’s an application, infrastructure, serverless or Data Science environments. Additionally, Rob focusses on the management of production environments, including dashboarding, usage statistics for product owners and stakeholders, but also as part of the feedback loop to the developers.

Доклад

GitHub Actions & Security

When working in the real world with continuous integration / continuous deployment, you have to take care of your pipelines.

— Who can push to an environment?
— Who could change the connection strings to the database?
— Who can create new resources in your cloud environment?
— Do you trust your third party extensions?

I’ll go over each of these aspects of your GitHub Actions Workflows and show you what to look for and how to improve your security stance without locking every DevOps engineer out.

Ключевые слова

Security
GitHub Actions

« Hазад