contents

contents

acknowledgments

about this book

How this book is organized

about the author

about the cover illustration

1 Securing DevOps

1.1 The DevOps approach

1.1.1 Continuous integration

1.1.2 Continuous delivery

1.1.3 Infrastructure as a service

1.1.4 Culture and trust

1.2 Security in DevOps

1.3 Continuous security

1.3.1 Test-driven security

1.3.2 Monitoring and responding to attacks

1.3.3 Assessing risks and maturing security

Part 1. Case study: applying layers of security to a simple DevOps pipeline

2 Building a barebones DevOps pipeline

2.1 Implementation roadmap

2.2 The code repository: GitHub

2.3 The CI platform: CircleCI

2.4 The container repository: Docker Hub

@font-face { font-family: 'livebook'; src:url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.eot?1.9.0'); src:url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.eot?1.9.0') format('embedded-opentype'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.woff?1.9.0') format('woff'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.ttf?1.9.0') format('truetype'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.svg?1.9.0') format('svg'); font-weight: normal; font-style: normal; }