Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pipeline Tampering Risks & Prevention #47

Open
3 tasks
ducthinh993 opened this issue Jun 27, 2022 · 2 comments
Open
3 tasks

Pipeline Tampering Risks & Prevention #47

ducthinh993 opened this issue Jun 27, 2022 · 2 comments
Assignees
@ducthinh993
Labels
documentation Improvements or additions to documentation enhancement New feature or request idea Share a good idea

Comments

@ducthinh993
Copy link

Hi folks,
As a DevSecOps practitioner for many sizes of development, there is a critical one for maintaining DevSecOps Pipeline to prevent integrity violation and DRY principle with the pipeline consuming

Abstraction Ideas:

  • Pipeline definition store as separate repos
  • Consuming pipeline as git sub-modules
  • Pipeline call should be visible and measured

Benefits:

  • Pipeline enforcement
  • Pipeline integrity
  • Pipeline scalability

I'm happy to help but not so sure which category should we put it on
@Ali-Yazdani Ali-Yazdani added documentation Improvements or additions to documentation enhancement New feature or request idea Share a good idea labels Jun 27, 2022
@Ali-Yazdani
Copy link
Collaborator

Hi,
Thanks for the great suggestion, Please create a file and start to write them down. After that, we can review them and see if it needs to reorganize.

So easy 😄

@Ali-Yazdani
Copy link
Collaborator

Dear @ducthinh993,
I assigned it to you. Please feel free and start work on it.
I'm looking forward to approving your Pull Request.

@ducthinh993 ducthinh993 changed the title Adding Pipeline Integrity & Scalability Guidance Pipeline Tampering Risks & Prevention Jul 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ducthinh993 ducthinh993

Labels
documentation Improvements or additions to documentation enhancement New feature or request idea Share a good idea
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Ali-Yazdani @ducthinh993