All OpsCast Conversations
Search and filter through the complete archive of DevOps, Cloud Security, and Kubernetes discussions.
Hardening Docker in Production: A Deep Dive into Container Security and Optimization
In this episode, we explore the critical aspects of securing and optimizing Docker in production environments, focusing on minimizing attack surfaces, leveraging advanced security profiles, and ensuring compliance with industry standards. Tune in as our experts discuss the latest strategies and tools for hardening Docker deployments. From multi-stage builds to runtime security controls, we've got you covered.
Scaling Helm for Enterprise DevOps: Secure, Efficient, and Automated
In this episode, we delve into the world of Helm, exploring how to engineer secure charts at scale, leveraging tools like Trivy and Checkov for security scanning, and integrating with GitOps for streamlined deployment. We'll discuss best practices for testing, managing secrets with HashiCorp Vault, and utilizing Helmfile for multi-environment orchestration. Tune in for expert insights on securing your Kubernetes deployments with Helm.
Scaling GitHub Actions for Enterprise DevOps: Security, Compliance, and Efficiency
In this episode, we dive into the world of GitHub Actions, exploring how to scale and secure this powerful CI/CD tool for enterprise DevOps. From reusable workflows and composite actions to SLSA Level 3 supply chain compliance, we'll cover the key considerations for senior engineers and architects. Join us as we examine the intersection of DevOps, security, and compliance in GitHub Actions.
Unlocking GitLab's Full Potential: Advanced CI/CD Pipelines and DevSecOps Integrations
In this episode, we dive into the advanced features of GitLab CI/CD, exploring DAG pipelines, security scanning integration, and compliance frameworks. Tune in to learn how to optimize your pipeline performance and strengthen your organization's security posture. From protected environments to OIDC integration, we cover the key aspects of GitLab that senior engineers need to know.
Modernizing Jenkins for Cloud-Native Pipelines: Security, Scalability, and Best Practices
In this episode, we dive into the world of Jenkins, exploring pipeline as code, security hardening, and its role in a cloud-native world. Join us as we discuss declarative pipeline best practices, shared libraries, and integration with Kubernetes. Whether you're looking to modernize your existing Jenkins setup or migrate to a new CI/CD platform, this episode has you covered.
Tekton Pipelines: Unlocking Cloud-Native CI/CD on Kubernetes with Supply Chain Security
In this episode, we dive into the world of Tekton Pipelines, exploring its architecture, and how it enables cloud-native CI/CD on Kubernetes with a strong focus on supply chain security. We discuss the latest features and best practices for implementing Tekton in enterprise environments. From Tekton Tasks and Pipelines to Tekton Chains and SLSA provenance, we cover it all.