gabrielt
Product and Topic Expert
Product and Topic Expert
Member since ‎09-05-2015

User Statistics

  • 5 Posts
  • 0 Solutions
  • 1 Kudos given
  • 35 Kudos received

User Activity

Kubernetes Cross-Cluster Communication: Ditching Long-Lived Credentials

09-22-2023
This blog post provides a comprehensive guide on how to utilize Kubernetes service accounts and their OIDC tokens to establish secure communication between two Kubernetes clusters, referred to as “upstream” and “downstream” clusters. Imagine you want...

The Case for Automating Dependency Updates!

09-11-2023
We began the process of automating our software dependency updates and, as of today, we extensively utilize automation to keep our dependencies current. In this blog, I share an in-depth exploration of our journey, detailing not only the ‘what’ and ‘...

Using Jenkins OpenID Connect Provider Plugin in Kubernetes

04-18-2023
Continuous Integration (CI) systems like Jenkins often use long-lived credentials to authenticate to Kubernetes clusters. While some CI systems have native support for issuing short-lived OpenID Connect (OIDC) tokens, Jenkins doesn’t have this native...

Using GitHub Actions OpenID Connect in Kubernetes

09-23-2022
Update (12.04.2023): Another approach leveraging Kubernetes’ native credential plugin is now available at the end of this post. Insufficient credential hygiene is one of the top security threats to automatic CI/CD pipelines and connected environmen...

Use Kubernetes Service Accounts in Combination with OIDC Identity Federation for imagePullSecrets

09-01-2022
In this blog, I will share how you can use Kubernetes service accounts and their OIDC tokens to securely pull container images from private registries without having to copy secrets around. In this blog, I will focus on how to set it up using a Kuber...
Kudos given to