Scanning your code on every single push
One of the most common questions I’m asked about GitHub, specifically around Actions and the application security features, is “how do I scan my team’s code on every single push?” While it can tec...
One of the most common questions I’m asked about GitHub, specifically around Actions and the application security features, is “how do I scan my team’s code on every single push?” While it can tec...
💖 This post contains unresolved professional trauma and is fueled by a desire to spare others that deep pain. You have been warned. 💖 Please stop automatically putting code security alerts into ...
I can’t believe I’ve been doing this whole blogging thing for six months now! In those six months, my initial setup is still working well. I found a big pain point with how I’d set this up versus...
Now that we have actions-runner-controller up and running, we need to think through the runner image some. This piece is all about how to build your own image(s) and whether it’s a good idea to do...
✨ I built a thing! ✨ 💖 Then open-sourced it for the whole world to use! 💖 I wrote a set of Python scripts that creates and manages a team of folks that can access all of the security alerts thro...
I recently replaced my Ubiquiti USG-3 security gateway (info) with a Raspberry Pi 4 B (info) and OpenWRT. My USG-3 acted as a firewall, router, and provided some VLANs to isolate some of our “smar...
As we work on testing and building and deploying custom Actions runners, it’ll save a ton of time if each set can deploy itself automatically. This walk-through will set up GitHub’s hosted Actions...
One of the first questions to answer when building out GitHub Actions compute on premises is “how do I know what my users are doing?” In an old-school persistent-machine setup, this isn’t a proble...
Now that we have a working Kubernetes cluster with the new actions-runner-controller scaling set of runners using the default image (Dockerfile and image), let’s create a couple of GitHub Actions t...
Kubernoodles is a reference architecture for a lot of “how to devops” things, mostly for actions-runner-controller within a larger business. With all the new work GitHub has put into the project, ...