Download Your Guide to Securing Software Delivery
WEBINAR @ 18 OCT REGISTER NOW
1000+ DOWNLOADS GRAB IT NOW
Background The self-signed certs (certificates) for mutual TLS, used as a means of security and authentication for communication between Spinnaker microservices, are usually short-lived (maybe for three months) and expire after the specified period of time. If the mTLS certs are approaching expiry, these certs need to be updated to extend their expiry time. The cert-manager is […]
February 27, 2021
Our applications have secrets. These are credentials to remote systems like a database, or tokens to infrastructure like Kubernetes systems or keys used within the application for CI/CD process. And the question always is, how can we secure this data during the process of deployment using Spinnaker? How do we manage different secrets for different […]
December 1, 2020
Introduction As the Spinnaker is evolving, new features are being incorporated and one of them is External Account Configuration which allows the configurations to be externalized via Git, Hashicorp Vault, databases, CredHub, etc. You may be asked if we can keep the cloud provider account details in a remote repository? If so, what if an account change […]
January 7, 2020
Spinnaker provides a way to encrypt secrets used by some of its services like clouddriver and igor (till this blog is published, only clouddriver, igor and echo services support this feature) through the Spring Config Server implementation. This document guides through the process of configuring encrypted secrets in Git repository and using them in two […]
December 19, 2019
After adding a Jenkins master to Spinnaker through hal command, the ci part of the hal config looks like the following: ci: jenkins: enabled: true masters: - name: opsmx-jenkins-master permissions: {} address: http://opsmx-jenkins.com/jenkins username: opsmx_username password: password_in_plain_text Can we pass the Jenkins credentials as environment variables to Spinnaker? Yes. This blog explains how it can […]
December 2, 2019