Davide Imola
Securing secrets in the GitOps Era
#1about 8 minutes
Understanding the fundamentals and benefits of GitOps
GitOps uses a Git repository as the single source of truth for declaratively managing infrastructure and application deployments.
#2about 5 minutes
The security risk of storing secrets in Git
Storing Kubernetes secrets directly in a Git repository is insecure because the values are only Base64 encoded, not truly encrypted.
#3about 15 minutes
Encrypting secrets in Git with Sealed Secrets
Sealed Secrets is a Kubernetes operator that uses public-key cryptography to safely encrypt secrets before they are stored in a Git repository.
#4about 3 minutes
Evaluating the pros and cons of Sealed Secrets
While Sealed Secrets are easy to configure and integrate with GitOps, they can be cumbersome for frequent value changes and history retrieval.
#5about 7 minutes
Managing secrets with external secret managers
External secret managers like HashiCorp Vault or cloud provider solutions offer centralized control, web UIs, and easier secret rotation.
#6about 2 minutes
Integrating external secret managers into Kubernetes
Applications can access secrets from external managers by using provider-specific SDKs or by using a Secret Store CSI driver to sync them as native Kubernetes secrets.
#7about 18 minutes
Q&A on GitOps secret management practices
The speaker answers audience questions on topics including key management strategies, multi-tenancy, secure transmission, and CI/CD pipeline integration.
Related jobs
Jobs that call for the skills explored in this talk.
Matching moments
07:30 MIN
Using Sealed Secrets to safely store secrets in Git
Securing Secrets in the GitOps era
04:08 MIN
The risk of exposing credentials in Git repositories
Securing Secrets in the GitOps era
05:19 MIN
Q&A: GitOps, CI tools, and security management
GitOps: The past, present and future
02:13 MIN
Understanding the fundamentals of GitHub Secrets
Best Practices for Using GitHub Secrets
03:33 MIN
Introduction to GitOps and the talk agenda
Get ready for operations by pull requests
02:32 MIN
Securing workflows with secrets and best practices
CI/CD with Github Actions
03:42 MIN
Securely handing over credentials and application secrets
SRE Methods In an Agency Environment
02:45 MIN
Key takeaways for securing your application pipeline
Securing Your Web Application Pipeline From Intruders
Featured Partners
Related Videos
58:57Securing Secrets in the GitOps era
Alex Soto
36:33Best Practices for Using GitHub Secrets
Marcel Lupo
56:06Stop Committing Your Secrets - GIt Hooks To The Rescue!
Dwayne McDaniel
30:07External Secrets Operator: the secrets management toolbox for self-sufficient teams
Moritz Johner
58:44How to GitOps your cluster with Flux
Davide Imola
50:02Get ready for operations by pull requests
Liviu Costea
33:20DevSecOps: Security in DevOps
Aarno Aukia
47:42GitOps: The past, present and future
Roberth Strand
Related Articles
View all articles
From learning to earning
Jobs that call for the skills explored in this talk.
smartclip Europe GmbH
Hamburg, Germany
Intermediate
Senior
GIT
Linux
Python
Kubernetes
iits-consulting GmbH
München, Germany
Intermediate
Go
Docker
DevOps
Kubernetes
SYSKRON GmbH
Regensburg, Germany
Intermediate
Senior
.NET
Python
Kubernetes
Mittwald CM Service GmbH & Co. KG
Espelkamp, Germany
Intermediate
Senior
Linux
Docker
DevOps
Kubernetes
AUTO1 Group SE
Berlin, Germany
Intermediate
Senior
ELK
Terraform
Elasticsearch
Sector Nord AG
Oldenburg, Germany
Intermediate
Senior
Docker
InfluxDB
Atruvia AG
Berlin, Germany
Intermediate
Senior
GIT
Jenkins