Leverage HashiCorp #Vault as a trusted certificate authority (CA) to issue short-lived code signing certificates to a GitHub Actions workflow. https://hashi.co/3WBEXYD
HashiCorp’s Post
More Relevant Posts
-
HashiCorp Vault enhances security in workflows by serving as a trusted certificate authority (CA) to issue short-lived code signing certificates. This is crucial for software supply chain security, enabling verification of code authenticity and defending against supply chain attacks by enforcing code-integrity controls.
Leverage HashiCorp #Vault as a trusted certificate authority (CA) to issue short-lived code signing certificates to a GitHub Actions workflow. https://hashi.co/3WBEXYD
Code signing with HashiCorp Vault and GitHub Actions
hashicorp.com
To view or add a comment, sign in
-
Code signing with HashiCorp Vault and GitHub Actions Leverage HashiCorp Vault as a trusted certificate authority
Code signing with HashiCorp Vault and GitHub Actions
hashicorp.com
To view or add a comment, sign in
-
Code signing with HashiCorp Vault and GitHub Actions Leverage HashiCorp Vault as a trusted certificate authority
Code signing with HashiCorp Vault and GitHub Actions
hashicorp.com
To view or add a comment, sign in
-
To continue the topic of configuration. We know there are many great reasons to keep the configuration out of the application. One of these reasons is configuration frequently contains sensitive information. Such as credentials. We do not want to leak sensitive information. However we still want to store and version configuration, as changes may lead to outages and we always want to be able to restore the last known good state as quickly as possible. There are a few approaches to achieving that. I frequently see a dedicated solution used for this, like AWS S3 bucket, AWS ParamStore/SecretsManager, HashiCorp Vault, etc... I have a few concerns with the approach of storing configuration in a separate solution from the application. First is architectural, it introduces additional points of failure. Second is convenience, I now have to maintain and remember multiple storage solutions to run a single application. I really enjoy storing and running an app as a single package and not having to manage the dependencies I do not have to manage. So how would I reconcile the desire to store the configuration together with an application and at the same time not to store sensitive information? Encrypt sensitive data, and store it encrypted. Store all the sensitive data in Git, just like you store your code. As long as you keep the keys secret, your data should be secure even in plain sight. Here is how: https://lnkd.in/eYjTVHsW Your comments are always welcome.
GitHub - maxfortun/git-openssl-secrets
github.com
To view or add a comment, sign in
-
Deploy infra stack using self-managed ArgoCD with Cert Manager, ExternalDNS, External Secrets Op, Ingress-Nginx, Keycloak and RabbitMQ (8/17) #gitops #argocd #certmgr #externaldns #externalsecretsoperator #nginxingesscontroller #keycloak #rabbitmq #tutorial https://lnkd.in/egpvWb4v
Deploy infra stack using self-managed ArgoCD with Cert Manager, ExternalDNS, External Secrets Op…
medium.com
To view or add a comment, sign in
-
Say goodbye to IAM users in CI/CD pipelines! With Terraform 1.6 this became a lot easier. Take a look at my recent blog post where I'll show you a practical example with Github Actions and new functionality in Terraform 1.6:
Adopt Open ID Connect (OIDC) in Terraform for secure multi-account CI/CD to AWS - Home
hedrange.com
To view or add a comment, sign in
-
Deploy infra stack using self-managed ArgoCD with Cert Manager, ExternalDNS, External Secrets Op, Ingress-Nginx, Keycloak and RabbitMQ (8/17) #infrastructuremanagement #argocd #cert-manager #externaldns #eso #nginxingess #keycloak #rabbitmq https://lnkd.in/egpvWb4v
Deploy infra stack using self-managed ArgoCD with Cert Manager, ExternalDNS, External Secrets Op…
medium.com
To view or add a comment, sign in
-
Find out more on how Cloudback uses replicating backups to secure your GitHub repositories. https://lnkd.in/dqr3kWab #GitHub #backup #cloudback #replicatingbackups
New feature: Replicating GitHub Backups | Cloudback Blog
cloudback.it
To view or add a comment, sign in
272,347 followers