Container Pipeline
Running Rules for CI/CD
- Maintain a code repository
- Automate the build
- Keep the build fast
- Make the build self-testing
- Commit early, commit often
- Every commit to the mainline gets built
- Everyone can see the results of the build
- Automate the deployment
Things to Secure the Container Pipeline
- Secure Pipelines
- Image scanning
- Signed Images
- Verify Trusted Images
- Kickoff Security Assessment