Cloud Flight Simulator Part 1: GitLab CI, Workflows, and Secrets

Before you can help DevOps teams solve security problems and improve their security programs, you need to understand how they think, how they work, and the tools that they use. Join SEC540: Cloud Security & DevSecOps Automation authors and instructors Ben Allen, Eric Johnson, and Jon Zeolla to start the new year for a 4 Part Cloud Security Flight Simulator series.

In Part 1, join SEC540 lead author and instructor Eric Johnson for a discussion on Continuous Integration (CI). The 2023 SANS DevOps Survey estimates that nearly 60% of DevOps teams are using version control systems with integrated continuous integration (CI) capabilities such as GitHub and GitLab. In this webcast, you will learn how to create a GitLab CI workflow that deploys a container to a Kubernetes cluster. Along the way, we will explore how GitLab CI uses OpenID Connect (OIDC) identity tokens to authenticate with other cloud services, such as HashiCorp Vault and Kubernetes, to deploy the container.

Explore the rest of the Cloud Flight Simulator Series: