You're reading from Modern DevOps Practices Implement and secure DevOps in the public cloud with cutting-edge tools, tips, tricks, and techniques

Product type Paperback

Published in Sep 2021

Publisher Packt

ISBN-13 9781800562387

Length 530 pages

Edition 1st Edition

Tools

Docker

Concepts

Continuous Delivery

Author (1):

Gaurav Agarwal

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Container Fundamentals and Best Practices

2. Chapter 1: The Move to Containers FREE CHAPTER

3. Chapter 2: Containerization with Docker

4. Chapter 3: Creating and Managing Container Images

5. Chapter 4: Container Orchestration with Kubernetes – Part I

6. Chapter 5: Container Orchestration with Kubernetes – Part II

7. Section 2: Delivering Containers

8. Chapter 6: Infrastructure as Code (IaC) with Terraform

9. Chapter 7: Configuration Management with Ansible

10. Chapter 8: IaC and Config Management in Action

11. Chapter 9: Containers as a Service (CaaS) and Serverless Computing for Containers

12. Chapter 10: Continuous Integration

13. Chapter 11: Continuous Deployment/Delivery with Spinnaker

14. Chapter 12: Securing the Deployment Pipeline

15. Section 3: Modern DevOps with GitOps

16. Chapter 13: Understanding DevOps with GitOps

17. Chapter 14: CI/CD Pipelines with GitOps

18. Other Books You May Enjoy

Managing secrets

Most application code requires access to sensitive information. These are called secrets in the DevOps world. A secret is any data that helps someone prove their identity, authenticate, and authorize privileged accounts, applications, and services. Some of the potential candidates that constitute secrets are listed here:

Passwords
API tokens, GitHub tokens, and any other application key
Secure Shell (SSH) keys
Transport Layer Security (TLS), Secure Sockets Layer (SSL), and Pretty Good Privacy (PGP) private keys
One-time passwords

A good example could be a container running within Kubernetes that requires access to an API key to authenticate with a third-party API or username and password to authenticate with a backend database. Developers need to understand where and how to store secrets so that they are not exposed inadvertently to people who are not supposed to view them.

When we run a CI/CD pipeline, it becomes imperative to understand...