This “blog post"/"cheat sheet” is about “Open the door for root users in OpenShift (example StatefulSet)”. The topic is in context of two blog posts I wrote called Run a PostgreSQL container as a non-root user in OpenShift and Open the door for root users in Red Hat OpenShift¶.
If you want to get an overview of the existing Default OpenShift security context constraints visit the IBM Cloud documentation.
Continue reading
This “blog post"/"cheat sheet” is about “Open the door for root users in OpenShift“. The topic is in context of an older blog post I wrote called Run a PostgreSQL container as a non-root user in OpenShift. Let’s look for the opposite perspective in this blog post.
If you want to get an overview of the existing Default OpenShift security context constraints visit the IBM Cloud documentation.
Continue reading
This cheat sheet is an extension to a blog post I made which is called: Configure a project in an IBM Cloud Red Hat OpenShift cluster to access the IBM Cloud Container Registry . In that related blog post we used the IBM Cloud Container registry to get the container images to run our example application. Now in this cheat sheet we will use the Red Hat OpenShift internal container registry and the Docker build strategy to deploy the same example application to OpenShift.
This cheat sheet is about, how to configure a project in an IBM Cloud Red Hat OpenShift to access the IBM Cloud Container Registry. We use an image pull secret to access container images from IBM Cloud Container Registries. The cheat sheet combines different steps, which are available in the IBM Cloud documentation you find here.
We configure a created project in OpenShift to access two different IBM Cloud Container Registries.
IBM Cloud Account where we instantiated the IBM Cloud Red Hat OpenShift cluster. Let us call this IBM Cloud Account ONE.IBM Cloud Account called IBM Cloud Account TWO. This configuration works like to the configuration for external private registries.The IBM Cloud Red Hat OpenShift cluster is a part of IBM Cloud Account ONE.
The image below shows a simplified architecture overview:
Continue readingNote: The cheat sheet references to source code, which is available in that example GitHub project. In case you want to follow the steps, you can clone the GitHub project to your local computer.
It’s awesome we just created 10 hours of live recordings, which are built on experience, about application security. That learning journey was made by the IBM Developer Hybrid Cloud Build Team from IBM and I am a part of that team. We put together great content for you. By the way, I was responsible for the content ;-). I also have been the moderator for most of the sessions and I also gave sessions by myself. The learning journey is called #ApplicationSecurityLearningJourney.
So just take something to drink and grep some snacks and then enjoy all of the knowledge or just select your point of interest.
Here are the links to the various topics and related recordings on Crowdcast.io.
This blog post addresses the topic, how to use environment variables to make a containerized Vue.js frontend application more flexible. We will touch following technologies Vue.js, NGINX, JavaScript, Dockerfile and Code Engine.
When you run a containerized application on a container orchestration platform like Kubernetes, Open Shift or on a serverless frameworks like Knative or Code Engine or other platforms, it’s helpful to pass endpoints to other applications to the containerized application by using environment variables. When the container will be restarted, these variables can be provided to the container and no adjustment in the source code is necessary. You can use configmaps or in Code Engine simply the environment variable itself.
The example source code you find in this workshop.
In addition, it’s useful when you take a look into this awesome blog post: Externalise and Configure Frontend Environment Variables on Kubernetes which was used for the starting point for the configuration.
Continue reading
This blog post addresses the topic, how to use environment variables to make a containized Quarkus application more flexible. We will touch following technologies Quarkus, OpenJ9 Java runtime, MicroProfile, Dockerfile definition and Code Engine.
When you run a containerized application on a container orchestration platform like Kubernetes, Open Shift or with a serverless framework like Knative or Code Engine or on other platforms, it is helpful to pass endpoints to other applications to the containerized application by using environment variables. When the container will be restarted, these variables can be provided to the container and no adjustment in the source code is necessary. You can use configmaps or in Code Engine simple the environment variable itself.
We will follow along an application example for the implementation and the example source code you find in the Get started to deploy a Java Microservices application to Code Engine workshop. (or the direct link to the used file in the GitHub repository is provided in the blog post itself)
Continue reading
This short blog post is about my perspective related to, how to get technical started with white box security testing, when you use SonarQube.
Continue reading
This blog post is about the last 14 min video for my YouTube playlist related to the hands-on tutorial “Develop a Kubernetes app by using Tekton delivery pipelines“. In this video we do the final setup of the toolchain and then we execute a Tekton pipeline. For more background please visit my first blog post “Getting started with continuous integration and delivery (CI/CD) using Tekton and an Open Toolchain on IBM Cloud (Part 1/3)“.
Note: The video was live recorded and it would take 30 min for the entire session, but I did reduce the time of the video to only 14 min ;-).
But now the video could be sometimes a little bit (too) fast.
This blog post is about my newly created 9 min YouTube video about the setup of the prerequisites for the hands-on tutorial “Develop a Kubernetes app by using Tekton delivery pipelines“. That video is a part of the video series for the tutorial. For more details please visit my last blog post “Getting started with continuous integration and delivery (CI/CD) using Tekton and an Open Toolchain on IBM Cloud (Part 1/3)“
Thomas Suedbroecker's Blog 