DevSecOps with Tekton and OpenShift

Incoming call from… CISO

DevOps + Sec = Dev Sec Ops

Use Case

├── app
│   ├── Dockerfile
│   ├──
│   └── requirements.txt
└── kubernetes
    ├── base
    │   └── be
    │       ├── deployment-config.yaml
    │       ├── image-builder.yaml
    │       └── service.yaml
    └── kustomization.yaml
FrontEnd and BackEnd pipeline
# Deploy simple Tekton pipeline
oc apply -k ""
# Run task
tkn pipeline start build-and-deploy \
-w name=sharedworkspace,volumeClaimTemplateFile=

OK, what about Security?

DevSecOps pipeline execution
oc apply -k
tkn pipeline start build-and-deploy \
-w name=shared-workspace,\
The issue with port binding
Error message from Bandit about port binding
Kube-lint error message
Part of Dockerfile for Backend
Trivy scan results for backend
Dockerfile frontend
Trivy scan result for frontend


Image scanning with Red Hat image




