by Carly Rodriguez | Monday, Feb 7, 2022 | Education Docker Security

Containers have given the tech industry a convenient way to bundle up dependencies and code into a portable image that can run seamlessly across different computing environments. This convenience, however, can sometimes come at a cost. In order to leverage docker building capabilities within a Gitlab environment, the docker-executor must be given host privileges to run a docker-in-docker service that will allow connection to the docker daemon on the host machine.

by Parth Patel | Monday, Dec 6, 2021 | Secure Supply Chain Open-Source Security

Admission Controllers are an important piece of ensuring that production clusters only deploy signed and trusted applications. Running these tools within your cluster allows for automated detection and enforcement of your organization's policies. They can be especially useful when dealing with supply chain security! Open Policy Agent Gatekeeper has become one of the standards used for a variety of validating and mutating webhooks. But another tool, Kyverno, has been growing in popularity (and functionality) to meet the challenges of supply chain security.

by Parth Patel | Monday, Nov 8, 2021 | Secure Supply Chain Open-Source Security

Tekton has been growing in popularity as a go-to CI/CD cloud native pipeline tool. Tekton installs and runs as an extension on a Kubernetes cluster and comprises a set of Kubernetes Custom Resources that define the building blocks you can create and reuse for your pipelines. It provides the ability to create custom pipelines with various tasks, from building images, storing and scanning the images, and deploying them to a kubernetes cluster.

by Matthew DeVenny | Monday, Nov 1, 2021 | CI/CD

At BoxBoat we are always trying to accelerate DevOps processes for our customers – that's why we have lots of tooling around CI/CD, which you can find on our GitHub. We are excited to announce that we have added another tool to the boat - Dockhand LRU Registry Modern CI/CD platforms typically have the option to utilize Kubernetes based build agents or runners to streamline builds allowing you to build on your Kubernetes clusters.

by Daniel Morrison | Thursday, Oct 21, 2021 | Azure Kubernetes Open-Source

There are many pros to hosting your own Azure DevOps(ADO) Pipeline Agents including: cost savings, increased control, and a cloud-native design. However, self-hosting anything can be tricky, and maintenance of agents can be tiresome. For these reasons a short-lived, ephemeral agent is ideal. One powerful way to achieve this is by running your agents on Kubernetes. Let’s dive into setting up our own agent's Docker image and self-hosted agent pool.