aws-codebuild-docker-images
Vault
Our great sponsors
aws-codebuild-docker-images | Vault | |
---|---|---|
9 | 160 | |
1,091 | 29,644 | |
1.5% | 0.9% | |
6.1 | 10.0 | |
3 days ago | 3 days ago | |
Dockerfile | Go | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aws-codebuild-docker-images
-
DevSecOps with AWS- IaC at scale - Building your own platform - Part 1
Based on public repository for Codebuild Image, the image base will be the Ubuntu standard 7.0.
-
Firecracker internals: deep dive inside the technology powering AWS Lambda(2021)
This is basically what CodeBuild does.
The default Docker containers that CodeBuild uses (you can create your own) and the shell script it uses to parse the yaml configuration file (mostly a list of shell scripts) are all open source and the entire process can be run locally.
https://github.com/aws/aws-codebuild-docker-images
https://docs.aws.amazon.com/codebuild/latest/userguide/use-c...
Disclaimer: I work for AWS. But nowhere near the team that developed Firecracker
-
CircleCI says hackers stole encryption keys and customers’ source code
Disclaimer: I work for AWS in Professional Services. All opinions are my own.
The beauty about CodeBuild is that there is no “lock-in”. All it is fundamentally is a Linux or Windows Docker container with popular language runtimes and a shell script that processes a yaml file or you can supply your own Docker container.
You just put a bunch of bash commands or PowerShell commands in the yaml file and it runs anything.
The Docker container and the shell scripts are all open source and you can quite easily run them locally.
I could see outside of AWS keeping your Docker containers for your specific build environments in a local repository and doing all of your builds inside them using Jenkins.
https://github.com/aws/aws-codebuild-docker-images
https://docs.aws.amazon.com/codebuild/latest/userguide/use-c...
For a “batteries included” approach though, I really like Azure DevOps Pipelines.
I’ve even done a couple of integrations between Azure DevOps and AWS when we had clients that are Microsoft shops.
https://aws.amazon.com/vsts/
For AWS, if you use CodeCommit (AWS git service), all access is via IAM and granular permissions. If you integrate with Azure DevOps, the AWS credentials do have to be stored in a separate MS hosted credential storage.
CodeBuild also supports at least Github natively.
I’m not shilling for AWS. I have an MS development background (.Net) and only have “DevOps” experience using AWS and Microsoft tooling.
-
Continuous Integration and Deployment on AWS - and a wishlist for CI/CD Tools on AWS
Docker Images provided by the CodeBuild team should be updated regularly and should support all "modern" toolkits. The open source project has some activity, but an issue for supporting newer Android versions is now open for some time...
-
Building a Flutter application for Web, iOS and Android using a CI/CD pipeline on CodeBuild – #cdk4j
The runtimes available and exposed by CodePipeline support Android runtime 29 – and the Docker images are provisioned using Java 8. Unfortunately, as of July 2021, the Android gradle tools (used by Flutter) require Java 11. I have created an issue in the corresponding Github (see here) but needed to find a workaround to move on – I think I’ve found one, but I hope that anyone reading this might have a better way or idea?
- Is there a way to request a new runtime for codebuild?
-
Run local Graviton2 builds with AWS CodeBuild agent
$ git clone https://github.com/aws/aws-codebuild-docker-images.git $ cd aws-codebuild-docker-images/al2/aarch64/standard/2.0 $ docker build -t codebuild/amazonlinux2-aarch64-standard:2.0 .
-
Build and share Docker images using AWS CodeBuild and Graviton2
This also is the place where we specify this is an AArch64 build. The managed image indicates to use a standard image provided by AWS. The source of the Graviton2 image can be found on GitHub.
-
DevOps tools you should have on your belt
🏗 AWS CodeBuild Local Builds - Simulate a CodeBuild environment locally to quickly troubleshoot the commands and settings located in the BuildSpec file.
Vault
- Terraform & HashiCorp Vault Integration: Seamless Secrets Management
-
Top Secrets Management Tools for 2024
HashiCorp Vault
-
Keep it cool and secure: do's and don'ts for managing Web App secrets
For a more comprehensive and robust secret management solution, get your hands on tools like GCP Secret Manager, or HashiCorp Vault. They're like the security guards of your secrets, providing a safe house, access control, and keeping logs of who’s been snooping around.
-
Kubernetes Secret Management
HashiCorp Vault is a popular tool for managing secrets in Kubernetes clusters. It offers advanced features such as secure storage, encryption, dynamic secrets generation, and integration with Kubernetes through its Kubernetes authentication method.
-
Champion Building - How to successfully adopt a developer tool
So you've just bought a new platform tool? Maybe it's Hashicorp Vault? Snyk? Backstage? You’re excited about all of the developer experience, security and other benefits you're about to unleash on your company—right? But wait…
-
AWS Secrets Manager for on-premise and other cloud accounts scaled architecture
You seem to be looking for a cross-platform solution, and https://www.vaultproject.io/ provides just that. If everything was in AWS, AWS Secret Manager might be great, but imo Vault provides much better platform-agnostic capabilities.
-
Show HN: Anchor – developer-friendly private CAs for internal TLS
https://github.com/openwrt/luci/blob/master/applications/luc...
https://developer.hashicorp.com/vault/tutorials/secrets-mana... https://github.com/hashicorp/vault :
> Refer to Build Certificate Authority (CA) in Vault with an offline Root for an example of using a root CA external to Vault.
-
The Complete Microservices Guide
Secret Management: Securely stores sensitive configuration data and secrets using tools like AWS Secrets Manager or HashiCorp Vault. Avoid hardcoding secrets in code or configuration files.
-
Horcrux: Split your file into encrypted fragments
The author of this tool basically took the Shamir code from Hashicorp Vault, which is pretty mainstream. If you're looking for a solid implementation, I would start there[0]. I wouldn't use the Shamir code from this repo, as it's an old version of the vault code using field arithmetic that doesn't run in constant time.
[0]: https://github.com/hashicorp/vault/blob/main/shamir/shamir.g...
-
OpenTF Announces Fork of Terraform
Out of curiosity, what do you mean by this? cross-cluster? they already have HA: https://github.com/hashicorp/vault/blob/v1.14.1/website/cont...
while digging up that link, I also saw one named replication: https://github.com/hashicorp/vault/blob/v1.14.1/website/cont...
What are some alternatives?
cfn-python-lint - CloudFormation Linter
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
hello-arm
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
saml2aws - CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
sops - Simple and flexible tool for managing secrets
copilot-cli - The AWS Copilot CLI is a tool for developers to build, release and operate production ready containerized applications on AWS App Runner or Amazon ECS on AWS Fargate.
etcd - Distributed reliable key-value store for the most critical data of a distributed system
aws-extend-switch-roles - Extend your AWS IAM switching roles by Chrome extension, Firefox add-on, or Edge add-on
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
awsume - A utility for easily assuming AWS IAM roles from the command line.
bitwarden_rs - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs [Moved to: https://github.com/dani-garcia/vaultwarden]