Secure Continuous Delivery on Google Cloud : Implement an Automated and Secure Software Delivery Pipeline on Google Cloud Using Native Services

Secure Continuous Delivery on Google Cloud Implement an Automated and Secure Software Delivery Pipeline on Google Cloud Using Native Services

Build an end-to-end continuous delivery pipeline on Google Cloud and secure your software supply chain using GCP tools and services including Cloud Code, Cloud Workstations, Cloud Build, Artifact Registry, and Cloud Deploy Key Features Gain hands-on experience building an end-to-end software deliver...

Descripción completa

Detalles Bibliográficos
Otros Autores: Galloro, Giovanni, author (author), Avery, Nathaniel, author, Dorbin, David, author
Formato: Libro electrónico
Idioma:Inglés
Publicado: Birmingham, England : Packt Publishing Ltd [2024]
Edición:First edition
Materias:
Google (Firm)
Cloud computing.
Business enterprises > Computer networks > Management.
Information technology > Management.
Application software > Development.
Computer networks > Management.
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009815726006719
Tabla de Contenidos:
  • Cover
  • Copyright
  • Foreword
  • Contributors
  • Table of Contents
  • Preface
  • Part 1: Introduction and Code Your Application
  • Chapter 1: Introducing Continuous Delivery and Software Supply Chain Security
  • Introduction to CD
  • CD practices
  • The impact of CD on software delivery performance
  • Understanding continuous integration
  • How to implement CI
  • Understanding continuous testing
  • Test types
  • Implementing continuous testing
  • Understanding deployment automation
  • Implementing deployment automation
  • Securing your software delivery pipeline
  • Source code management threats and remediations
  • Build threats and remediations
  • Dependency threats and remediations
  • Summary
  • Chapter 2: Using Skaffold for Development, Build, and Deploy
  • Technical requirements
  • Understanding Skaffold's capabilities and architecture
  • Skaffold for building
  • Skaffold for deploying
  • Skaffold's architecture
  • Installing Skaffold
  • Using Skaffold with your application
  • Initializing your repository using skaffold init
  • Testing your application while you code using skaffold dev
  • Building your application using skaffold build
  • Testing your application using skaffold test
  • Deploying your application using skaffold deploy
  • Deploying and rendering separately using skaffold render and skaffold apply
  • Running the end-to-end pipeline using skaffold run
  • Managing deployment in different environments
  • Cleaning up
  • Summary
  • Chapter 3: Developing and Testing with Cloud Code
  • Technical requirements
  • About Cloud Code
  • Continuously deploying and testing locally while you code
  • Checking application logs from your editor
  • Creating a GKE cluster from your editor
  • Continuously deploying and testing a Kubernetes app remotely while you code
  • Debugging
  • Code with AI assistance
  • Getting help to understand code.
  • Generating code
  • Cleaning up
  • Summary
  • Chapter 4: Securing Your Code with Cloud Workstations
  • Technical requirements
  • Introduction to Cloud Workstations
  • Cloud Workstations architecture
  • Configuring workstations for developers
  • Creating a workstation cluster
  • Creating a workstation configuration for the base editor
  • Creating a workstation configuration for the IntelliJ IDEA Ultimate IDE
  • Creating workstations and assigning them to developers
  • Customizing Cloud Workstations
  • Creating a custom image and workstation configuration
  • Updating Cloud workstations
  • Coding on Cloud Workstations
  • Accessing a Cloud workstation configured with the base editor
  • Accessing a Cloud workstation configured with a JetBrains IDE
  • Cleaning up
  • Summary
  • Part 2: Build and Package Your Application
  • Chapter 5: Automating Continuous Integration with Cloud Build
  • Technical requirements
  • Cloud Build architecture and capabilities
  • Building your application manually
  • Running a simple build from the command line
  • Adding automated tests to your build
  • Building your application using Skaffold
  • Using substitutions
  • Customizing your build workers
  • Custom machine types
  • Private worker pools
  • Generating security information for your build
  • Producing digitally signed provenance
  • Viewing vulnerability reports and provenance
  • Automating builds
  • Creating your source code repository
  • Connecting your source code repository to Cloud Build
  • Creating a trigger for your build
  • Running an automated build after a code commit
  • Summary
  • Chapter 6: Securely Store Your Software on Artifact Registry
  • Technical requirements
  • Managing container images with Artifact Registry
  • Creating an Artifact Registry repository to store your image
  • Viewing role-based access control on a repository.
  • Listing the Artifact Registry repositories available in a project
  • Uploading a Docker container to Artifact Registry
  • Listing container images in the repository
  • Pulling a container image/package
  • Managing language package distribution with Artifact Registry
  • Creating a repository for a Python package from the demo app
  • Uploading a Python package to the repository
  • Viewing packages in the standard Python repository
  • Creating a repo for Go packages from the demo app
  • Using virtual and remote repositories
  • Creating a remote repository for Python
  • Listing the packages in the remote Python repo
  • Creating a virtual repository from two different Python repositories
  • Using vulnerability scanning to detect threats
  • Running an on-demand scan of your container image
  • Seeing the results of the on-demand scan
  • Viewing scan results in the Google Cloud Console
  • Summary
  • References
  • Part 3: Deploy and Run Your Application
  • Chapter 7: Exploring Runtimes - GKE, GKE Enterprise, and Cloud Run
  • Understanding containers
  • Understanding Google Kubernetes Engine
  • What's the big deal about GKE?
  • GKE limitations
  • GKE cluster modes
  • GKE components
  • Autoscaling
  • Understanding GKE Enterprise
  • Identity management
  • GKE Enterprise on on-premises clusters
  • Limitations of GKE Enterprise on bare metal
  • GKE Enterprise clusters on AWS and Azure
  • Understanding Cloud Run
  • Cloud Run services
  • Cloud Run jobs
  • Cloud Run integrations
  • Cloud Run limitations
  • Cloud Run pricing
  • Choosing between GKE and Cloud Run
  • Summary
  • References
  • Chapter 8: Automating Software Delivery Using Cloud Deploy
  • Technical requirements
  • Exploring the Cloud Deploy architecture
  • Cloud Deploy among software delivery tools
  • The Cloud Deploy resource model
  • The Cloud Deploy execution environment.
  • What happens when a delivery pipeline executes?
  • Understanding Cloud Deploy target types
  • Using the Kubernetes manifest and Kustomization
  • Using a Skaffold configuration
  • Preparing your project
  • Enabling the API
  • Creating the GKE clusters
  • Granting the necessary permissions
  • Creating a delivery pipeline
  • Understanding the progression
  • Understanding targets
  • Registering the delivery pipeline and targets
  • Creating a release
  • Examining a release
  • Verifying your deployment
  • Using a deployment strategy
  • Configuring the deliver pipeline for a canary deployment
  • Running the canary deployment
  • Summary
  • Chapter 9: Securing Your Runtimes with Binary Authorization
  • Technical requirements
  • Understanding Binary Authorization concepts
  • Setting up Binary Authorization
  • Creating a CMEK
  • Setting up Binary Authorization on GKE
  • Setting up Binary Authorization on Cloud Run
  • Using Binary Authorization on GKE on other public clouds
  • Setting up attestations
  • Creating an attestation
  • Configuring Binary Authorization policies
  • Creating the policy
  • Applying an attestation to the image
  • Summary
  • Part 4: Hands-On Secure Pipeline Delivery and Looking Forward
  • Chapter 10: Demonstrating an End-to-End Software Delivery Pipeline
  • Technical requirements
  • Software delivery pipeline overview
  • Building your software delivery pipeline
  • Creating your source code repository
  • Configuring the required IAM roles
  • Creating two GKE clusters
  • Creating GKE gateway resources
  • Creating your Cloud Deploy delivery pipeline
  • Configuring security policies for your pipeline
  • Connecting your source code repository to Cloud Build
  • Creating two Cloud Build triggers for your repository
  • Creating your initial release
  • Running your pipeline
  • Updating your code as a developer.
  • Running an automatic build and scan of your artifact
  • Merging your code and deploying your application to production
  • Summary
  • Chapter 11: Integrating with Your Organization's Workflows
  • Technical requirements
  • Connecting a Cloud Build trigger to a third-party repository
  • Creating a host connection to GitLab
  • Creating a link to the GitLab repository
  • Creating a trigger
  • Integrating Cloud Deploy with automated testing
  • Integrating Cloud Deploy approval with third-party workflow management tools
  • Using a third-party workflow management system with Cloud Deploy approvals
  • Summary
  • Chapter 12: Diving into Best Practices and Trends in Continuous Delivery
  • Best practices for deploying secure delivery pipelines
  • Using a host project for CI/CD infrastructure
  • Consider using VPC-SC
  • Using private pools with Cloud Build and Cloud Deploy
  • Using Cloud Logging and Cloud Monitoring
  • Enabling recommended alerts
  • Using GitOps
  • Anticipating the future
  • AI infusion
  • Summary
  • References
  • Index
  • Other Books You May Enjoy.

Ejemplares similares