Overview

A repository consisting of various pipeline templates. This supports the Paved Road devsecops approach with a 1:many model. This also enforces proper deployment behaviours as local pipelines cannot override the templates.

Caveats

.github dir should have required approvers

Called Workflows

Templates designed to be stored centrally in a repository
Repo must be either private or public
- if private (preferred), create deploy keys and store as described in github docs
Stored in the .github/workflows dir as required by GH
Scans code for compliance using Chekhov (for AWS pipelines)
Requires the Github OpenID identity provider to be configured in AWS

Calling workflows

Stored in the .github/workflows folder of your code repo
Store SSH_KEY as a secret on the repo
Store platform relevant secrets (Cloudflare tokens, or AWS roles)

Name		Name	Last commit message	Last commit date
Latest commit History 180 Commits
.github		.github
called_workflows		called_workflows
calling_workflows		calling_workflows
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Overview

Caveats

Called Workflows

Calling workflows

About

Releases

Packages

Gravitas-Security/DevSecOps-pipelines

Folders and files

Latest commit

History

Repository files navigation

Overview

Caveats

Called Workflows

Calling workflows

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages