HCP Vault as a secret storage for GitLab

In our previous article, we explored how to integrate GitLab with a self-hosted HashiCorp Vault to manage secrets securely. Building on that foundation, today’s focus shifts to utilizing HashiCorp Cloud Platform (HCP) Vault as a secret storage solution for GitLab. HCP Vault offers the same robust security features as the self-hosted version but with the added benefits of being fully managed and maintained by HashiCorp. This means you can enjoy streamlined setup, reduced operational overhead, and seamless scaling. In this article, we’ll guide you through the process of integrating HCP Vault with GitLab, ensuring your secrets are stored securely in the cloud while maintaining the efficiency of your CI/CD pipelines.

[Read more…]

GitLab + HashiCorp Vault as a secret storage

GitLab, a popular DevOps platform known for its robust features and seamless integration, has long lacked a native secret store for securely managing sensitive information such as API keys, passwords, and tokens. Despite numerous requests from its user community, this feature has remained on the platform’s wishlist without implementation. As a workaround, GitLab recommends integrating with HashiCorp Vault, a well-regarded tool for secrets management, to fill this gap. This integration allows users to leverage the strengths of both GitLab and HashiCorp Vault, ensuring secure and efficient handling of secrets within their DevOps workflows.

[Read more…]

GitLab CI Pipeline with Kaniko, Twistcli, and Crane

This blog post explains how to set up a GitLab CI pipeline that uses Kaniko, Twistcli, and Crane to build Docker images, scan them on Prisma Cloud via twistcli, and then push them to the registry. This setup is particularly useful for environments where Docker-in-Docker (DinD) is not feasible, such as self-hosted GitLab runners on AKS pods.

[Read more…]

Encrypted Postgres Backups

Today I decided to encrypt all my PostgreSQL database dumps. The OpenSSL command provides a nice tool for helping us encrypt and decrypt database backups in this way. The following steps will walk us through this process.

The first step needed to encrypt your database is to generate the RSA public/private keys. This can be done with the following command:

[Read more…]