by Parth Patel | Monday, Dec 6, 2021 | Secure Supply Chain Open-Source Security

Admission Controllers are an important piece of ensuring that production clusters only deploy signed and trusted applications. Running these tools within your cluster allows for automated detection and enforcement of your organization's policies. They can be especially useful when dealing with supply chain security! Open Policy Agent Gatekeeper has become one of the standards used for a variety of validating and mutating webhooks. But another tool, Kyverno, has been growing in popularity (and functionality) to meet the challenges of supply chain security.

by Parth Patel | Monday, Nov 8, 2021 | Secure Supply Chain Open-Source Security

Tekton has been growing in popularity as a go-to CI/CD cloud native pipeline tool. Tekton installs and runs as an extension on a Kubernetes cluster and comprises a set of Kubernetes Custom Resources that define the building blocks you can create and reuse for your pipelines. It provides the ability to create custom pipelines with various tasks, from building images, storing and scanning the images, and deploying them to a kubernetes cluster.

by Matthew DeVenny | Monday, Nov 1, 2021 | CI/CD

At BoxBoat we are always trying to accelerate DevOps processes for our customers – that's why we have lots of tooling around CI/CD, which you can find on our GitHub. We are excited to announce that we have added another tool to the boat - Dockhand LRU Registry Modern CI/CD platforms typically have the option to utilize Kubernetes based build agents or runners to streamline builds allowing you to build on your Kubernetes clusters.

by Daniel Morrison | Thursday, Oct 21, 2021 | Azure Kubernetes Open-Source

There are many pros to hosting your own Azure DevOps(ADO) Pipeline Agents including: cost savings, increased control, and a cloud-native design. However, self-hosting anything can be tricky, and maintenance of agents can be tiresome. For these reasons a short-lived, ephemeral agent is ideal. One powerful way to achieve this is by running your agents on Kubernetes. Let’s dive into setting up our own agent's Docker image and self-hosted agent pool.

by Matthew DeVenny | Wednesday, Oct 20, 2021 | Kubernetes Secrets Dockhand

Secrets Management on Kubernetes with GitOps can be challenging. Often times, engineers resort to creating secrets manually, injecting secrets through scripts with a CI/CD tool, or even worse, just committing the secrets directly to git. The Dockhand Secrets Operator solves that problem by allowing you to make arbitrary secrets in a standard way with only the secret bits stored in the backend(s) of your choice. At this time the following secrets managers are supported: AWS Secrets Manager, Azure Key Vault, GCP Secrets Manager or HashiCorp Vault.