DevSecOps Lab With OpenShift and GitLab

Solution Overview

DevOps is a set of practices that pushes all roles involved in the software delivery cycle to take ownership of the product and work at a faster, more efficient pace. DevSecOps extends this idea by moving ownership of security from what was traditionally a single team in the process to everyone involved. Rather than treating security as an afterthought enforced at the end of a software project, DevSecOps considers security from the beginning, so security compliance is built into the project rather than bolted on at the end. In this lab, we give you some examples of how you can enable your teams to begin taking ownership of security as a whole by automating security compliance through a CI/CD pipeline.

Goals & Objectives

In this lab you will manually deploy a basic web application and then implement a CI/CD pipeline that makes software delivery seamless. The objectives we will complete are:

  • Introduce OpenShift administration basics
  • Build a CI/CD pipeline using GitLab CI
  • Deploy a basic web application
  • Enhance the application's security profile using automated security compliance

Hardware & Software

GitLab Enterprise:

  • CI
  • Container Scanning
  • Dependency Scanning
  • Web IDE
  • Container Registry

OpenShift 4.4

  • S2I
  • Image Streams
  • Templates