notes/devops/README.md


Infrastructure

libvirt

  1. Terraform libvirt

OpenStack

  1. Upload Debian image to Glance
  2. OpenStack Zed version Nova end-user docs

Testing

  • serverspec.org: simple, Ruby-based infrastructure testing. Please see here for a simple example.

  • testinfra: Python-based infrastructure testing

DevSecOps

  1. [DevSec Hardening Framework](https://dev-sec.io/): automatic server hardening

  2. Chef InSpec (Apache 2.0 and proprietary): Infrastructure-as-Code to auto-configure VMs and the apps running in them to meet compliance.

    The binary installation (the one you get when you follow the installation instructions) requires accepting a EULA, so essentially proprietary? Please see here for the issue discussing the EULA and here for building an Apache 2.0 compliant binary.

    Also, there's the CINC Is Not Chef (CINC) project, which distributes fully FOSS (Apache 2.0 and free of EULAs) Chef software.

  3. MITRE Security Automation Framework (SAF): a framework of tools, techniques, and libraries developed by MITRE and the security community

  4. MITRE 2020 DevSecOps Best Practices Guide

Linux

Security

  1. Hardening Guide

K8s

  1. NSA K8s Hardening Guide

Programming

  1. CWE 2022: Top 25 Most Dangerous Software Weaknesses

Notes

Chef