GitOps
Definition
GitOps is an operational framework that uses Git as a single source of truth for managing infrastructure and application deployments. It leverages Git repositories to store declarative configurations and utilizes automated processes to ensure that the desired state defined in the repository matches the actual state in the production environment. This approach enhances collaboration, auditability, and version control, while enabling continuous delivery and deployment.
Secure Settings Example
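apiVersion: apps/v1
kind: Deployment
metadata:
  name: secure-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: secure-app
  template:
    metadata:
      labels:
        app: secure-app
    spec:
      containers:
      - name: secure-app-container
        image: secure-app:latest
        securityContext:
          # The kubelet refuses to start the container if it would run as UID 0.
          runAsNonRoot: true
          # The container's root filesystem is mounted read-only.
          readOnlyRootFilesystem: true
          # Remove every Linux capability from the container.
          capabilities:
            drop:
            - ALL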
Insecure Settings Example
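apiVersion: apps/v1
kind: Deployment
metadata:
  name: insecure-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: insecure-app
  template:
    metadata:
      labels:
        app: insecure-app
    spec:
      containers:
      - name: insecure-app-container
        image: insecure-app:latest
        securityContext:
          # The container is allowed to run as root.
          runAsNonRoot: false
          # The container's root filesystem is writable.
          readOnlyRootFilesystem: false
          # NET_ADMIN lets the container reconfigure interfaces, routes and firewall rules.
          capabilities:
            add:
            - NET_ADMIN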
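
Because a GitOps controller applies whatever the repository declares, the settings above are worth enforcing before a change is merged. The following is an added example, not part of the original page: a minimal pre-merge check for the three securityContext settings shown, run over constructed copies of the two Deployments. The names make_deployment and audit_deployment are hypothetical, and the manifests are assumed to be already parsed into dictionaries.

```python
def make_deployment(name, security_context):
    """Hypothetical helper: wrap one container's securityContext in a Deployment."""
    container = {"name": f"{name}-container", "securityContext": security_context}
    return {"kind": "Deployment", "metadata": {"name": name},
            "spec": {"template": {"spec": {"containers": [container]}}}}

# Constructed inputs mirroring the secure and insecure examples above.
SECURE = make_deployment("secure-app", {
    "runAsNonRoot": True, "readOnlyRootFilesystem": True,
    "capabilities": {"drop": ["ALL"]}})
INSECURE = make_deployment("insecure-app", {
    "runAsNonRoot": False, "readOnlyRootFilesystem": False,
    "capabilities": {"add": ["NET_ADMIN"]}})

def audit_deployment(manifest):
    """Return a list of findings; an empty list means the manifest passes.

    Simplification: only container-level securityContext is inspected, so a
    pod-level runAsNonRoot and any initContainers are not considered.
    """
    findings = []
    name = manifest.get("metadata", {}).get("name", "<unnamed>")
    pod = manifest.get("spec", {}).get("template", {}).get("spec", {})
    for c in pod.get("containers", []):
        where = f"{name}/{c.get('name', '<unnamed>')}"
        sc = c.get("securityContext") or {}
        caps = sc.get("capabilities") or {}
        # A missing key is a failure: the Kubernetes defaults are permissive.
        if sc.get("runAsNonRoot") is not True:
            findings.append(f"{where}: runAsNonRoot is not true")
        if sc.get("readOnlyRootFilesystem") is not True:
            findings.append(f"{where}: readOnlyRootFilesystem is not true")
        if "ALL" not in (caps.get("drop") or []):
            findings.append(f"{where}: capabilities.drop does not include ALL")
        for cap in caps.get("add") or []:
            findings.append(f"{where}: adds capability {cap}")
    return findings

if __name__ == "__main__":
    for manifest in (SECURE, INSECURE):
        for finding in audit_deployment(manifest):
            print(finding)
```

Run as a required check on pull requests, a non-empty result blocks the merge, so the controller never sees the weaker manifest.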