To improve security on GitOps workflows, we have recently added Strict parser mode on Reliza CLI. Here is how this works. Reliza CLI contains “parsetemplate” command which can resolve image tags from configuration yaml files into their versions with digests approved in Reliza Hub for specific environment. We now added “–parsemode” flag which controls 3… Continue reading Strict Parser Mode on Reliza CLI
Tag: Security
No good way to verify public image sha256 in docker hub – security concern
This is a little crazy but apparently we don’t have a good way to verify sha256 digests of public images in docker hub. Related thread is here: https://github.com/docker/hub-feedback/issues/1925 and also this stackoverflow is useful: https://stackoverflow.com/questions/57316115/get-manifest-of-a-public-docker-image-hosted-on-docker-hub-using-the-docker-regi . Problems in the nutshell: Publicly displayed digests on docker hub UI do not match those seen when pulling images… Continue reading No good way to verify public image sha256 in docker hub – security concern
My talk at OWASP Ottawa on SSH Security
No-frills secret sharing with openssl
Motivation Sometimes we need to share a secret with a colleague, and frequently it’s a hassle to do so securely. Worst options include people simply sending plain-text secrets over email or slack. Better, if this is some sort of encrypted email service like ProtonMail, but still it’s a fairly brittle way if we’re dealing with… Continue reading No-frills secret sharing with openssl
4 DataOps Challenges For 2019
This is just my view of what are the most critical issues in the world of Data, AI, Analytics, DevOps related to Data: First of all, DataOps is a new term related to data and analytics management lifecycle – Gartner considers DataOps as one of the key emerging technologies at the moment (although the term… Continue reading 4 DataOps Challenges For 2019