Secure Development

Level 1
▪ clear guidelines on what is acceptable and what isn’t
▪ locally available tooling to verify code meets rulesets

Level 2
▪ cryptographically signed and verified commits

Level 3
▪ branch protection and required trust levels
▪ no unaudited bypassing of security functionality

Protect the Build

Level 1
▪ no builds using unsigned or unverified commits
▪ build server configuration is codified and tested

Level 2
▪ actively create and store tamper-proof build logs
▪ build server configuration uses strong addressing

Level 3
▪ … of materials
▪ all builds are hermetic, all dependencies packaged

Safeguard Artifacts

Level 1
▪ monitor for outliers in artifact attributes

Level 2
▪ isolate artifact servers by application environment
▪ limit admin access and regularly audit access

Level 3
▪ all dependencies must be explicitly allowed for use
▪ artifacts must pass regular scans while "live"

Secure Orchestrators

Level 1
▪ consider the shared responsibility model
▪ lock down ingress and egress of service interface

Level 2
▪ only allow codified workloads to be executed
▪ define clear secrets management strategy

Level 3
▪ build patterns to fail securely instead of safely
pipeline

```yaml
on:
  push:
jobs:
  # all the stuff it needs to do
  happy_path:
    steps:
      - uses: "hashicorp/setup-terraform"   # no ref at all: floats to the default branch
        with:
          version: "1.7.5"
      - run: terraform fmt -check -recursive
      # terraform validate
```
My Pipeline Definition

```yaml
jobs:
  # all the stuff it needs to do
  happy_path:
    steps:
      - uses: "hashicorp/setup-terraform@<tag lost in extraction>"   # pinned to a version tag, which the action owner can move
        with:
          version: "1.7.5"
      - run: terraform fmt -check -recursive
      # terraform validate
```
Their Pipeline Definition

```yaml
jobs:
  # all the stuff it needs to do
  happy_path:
    steps:
      - uses: "hashicorp/setup-terraform@633b725c73b2cacd13a8fdd1"   # pinned to a commit hash (abbreviated on the slide; a full SHA is 40 hex characters)
        with:
          version: "1.7.5"
      - run: terraform fmt -check -recursive
      # terraform validate
```
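The three definitions above differ only in how the action is referenced: not at all, by a movable tag, or by a commit hash. A local check for exactly that, added here as an example and not code from the original slides, scans a workflow's `uses:` lines with the standard library only and accepts nothing short of a full 40-hex commit pin. The sample workflow is constructed; the `v3` tag is assumed (the slide's tag did not survive extraction), the 40-hex value is a made-up placeholder, and the abbreviated hash is the one shown on the slide.

```python
import re

# Matches a step's "uses:" reference (quoted or not), capturing the action
# path and the optional "@ref" part. Regex-based so it needs no YAML library.
USES_RE = re.compile(
    r'^\s*-?\s*uses:\s*["\']?([^@"\'\s]+)(?:@([^"\'\s]+))?["\']?\s*$',
    re.MULTILINE,
)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
SHORT_SHA_RE = re.compile(r"^[0-9a-f]{7,39}$")


def classify_ref(ref):
    """Map an action ref to its pinning level; only a full commit SHA is immutable."""
    if ref is None:
        return "unpinned"        # resolves to the default branch at run time
    if FULL_SHA_RE.match(ref):
        return "sha"             # immutable: the exact commit is fixed
    if SHORT_SHA_RE.match(ref):
        return "short-sha"       # abbreviated hash: not guaranteed unique, so not a real pin
    return "tag-or-branch"       # mutable: the owner can move the tag or branch


def audit_workflow(text):
    """Return (action, ref, level) for every remote uses: step in a workflow file."""
    findings = []
    for m in USES_RE.finditer(text):
        action, ref = m.group(1), m.group(2)
        if action.startswith("./") or action.startswith("docker://"):
            continue             # local and container actions are out of scope here
        findings.append((action, ref, classify_ref(ref)))
    return findings


def unpinned_steps(text):
    """The steps a 'no unverified inputs' ruleset would reject: anything not pinned to a full SHA."""
    return [(a, r) for a, r, level in audit_workflow(text) if level != "sha"]


# Constructed sample mirroring the three slide variants plus a full-SHA pin.
SAMPLE_WORKFLOW = """\
on: push
jobs:
  happy_path:
    steps:
      - uses: "hashicorp/setup-terraform"
        with:
          version: "1.7.5"
      - uses: hashicorp/setup-terraform@v3
      - uses: hashicorp/setup-terraform@633b725c73b2cacd13a8fdd1
      - uses: "hashicorp/setup-terraform@0123456789abcdef0123456789abcdef01234567"
      - run: terraform fmt -check -recursive
"""

if __name__ == "__main__":
    for action, ref, level in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{level:14} {action}@{ref or '<none>'}")
```

Wired into a pre-commit hook or a CI job it gives the "locally available tooling to verify code meets rulesets" that Level 1 of Secure Development asks for.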