Tagged articles

15 articles

Page 1 of 1

Jan 14, 2026 · Information Security

Can a Unified Software Factory Meet Strict Secret‑Management Requirements?

The article analyzes how military‑grade software factories can reconcile unified development platforms with strict secret‑management requirements by focusing on process‑based governance, data classification, personnel behavior, and built‑in compliance mechanisms that make secret handling an intrinsic, auditable part of the development workflow.

DevOpsSecret ManagementSoftware Factory

0 likes · 8 min read

Can a Unified Software Factory Meet Strict Secret‑Management Requirements?

Ops Development & AI Practice

Oct 31, 2025 · Cloud Native

External Secrets Operator vs. Secrets Store CSI Driver: Which Kubernetes Secret Solution Wins?

This article compares Kubernetes secret management tools—External Secrets Operator, Secrets Store CSI Driver, HashiCorp Vault, and Sealed Secrets—examining their mechanisms, security, compatibility, and ease of use to help you choose the best fit for your cluster.

CSI DriverExternal Secrets OperatorHashiCorp Vault

0 likes · 8 min read

External Secrets Operator vs. Secrets Store CSI Driver: Which Kubernetes Secret Solution Wins?

DevOps Coach

Oct 9, 2025 · Information Security

How to Harden GitHub Actions: Proven Security Practices for Safer CI/CD

This guide explains why GitHub Actions need protection, reviews core concepts, and provides step‑by‑step hardening measures—including read‑only token defaults, trusted action sources, branch‑protection rules, secret management, explicit permissions, SHA pinning, and runner security—to keep CI/CD pipelines safe from real‑world attacks.

CI/CD securityDevOpsGitHub Actions

0 likes · 10 min read

How to Harden GitHub Actions: Proven Security Practices for Safer CI/CD

Architecture and Beyond

Jul 5, 2025 · Information Security

Why Leaked OpenAI API Keys Are a Massive Risk and How to Protect Yours

Leaked API keys on GitHub expose millions of dollars and sensitive data, as illustrated by real-world breaches, and the article explains why developers embed secrets, the dangers involved, and practical steps—environment variables, secret managers, git hooks, and regular scanning—to prevent costly security incidents.

API SecurityEnvironment VariablesGitHub scanning

0 likes · 8 min read

Why Leaked OpenAI API Keys Are a Massive Risk and How to Protect Yours

Raymond Ops

Apr 23, 2025 · Cloud Native

Secure Kubernetes Secrets with kubeseal: Installation & Usage Guide

This article explains how to install kubeseal and its controller, create and encrypt Kubernetes Secret manifests, apply sealed secrets, and provides useful tips on API routes, custom certificates, and RBAC to securely manage secrets in a cloud‑native environment.

KubeSealKubernetesSealed Secrets

0 likes · 5 min read

Secure Kubernetes Secrets with kubeseal: Installation & Usage Guide

DevOps Cloud Academy

Mar 24, 2025 · Information Security

Protecting Sensitive Configuration Files: .gitignore, Environment Variables, Secret Management, and AES Encryption with Python

This article explains how to safeguard sensitive configuration data such as database credentials and API keys by using .gitignore, environment variables, secret management tools, and AES encryption with a Python script, and describes how to integrate these practices into CI/CD pipelines.

AES encryptionConfiguration ManagementDevOps

0 likes · 7 min read

Protecting Sensitive Configuration Files: .gitignore, Environment Variables, Secret Management, and AES Encryption with Python

MaGe Linux Operations

Jul 14, 2024 · Cloud Native

Secure Kubernetes Secrets with Sealed Secrets: A Step‑by‑Step Guide

This tutorial explains how to install kubeseal and its controller, encrypt Kubernetes secrets into SealedSecret resources, apply them to a cluster, and let the controller automatically decrypt them back into regular secrets, ensuring safer secret management in cloud‑native environments.

DevOpsKubeSealKubernetes

0 likes · 5 min read

Secure Kubernetes Secrets with Sealed Secrets: A Step‑by‑Step Guide

Alibaba Cloud Native

Apr 5, 2024 · Cloud Native

How ACK One Enables Multi‑Cluster GitOps for Hybrid Cloud Deployments

This article explains the core concepts of GitOps, outlines the advantages of using ACK One GitOps for multi‑cluster, hybrid‑cloud continuous delivery, and provides step‑by‑step guidance, code examples, and security configurations for Argo CD, ApplicationSets, RBAC, and secret management.

ACK OneArgoCDGitOps

0 likes · 12 min read

How ACK One Enables Multi‑Cluster GitOps for Hybrid Cloud Deployments

Spring Full-Stack Practical Cases

Mar 14, 2024 · Backend Development

Secure Spring Boot Configs with HashiCorp Vault: A Step‑by‑Step Guide

This tutorial shows how to install HashiCorp Vault, configure its secret engines, encrypt and decrypt data, store KV secrets programmatically, and integrate Vault with Spring Boot to protect sensitive configuration such as database credentials.

Backend DevelopmentHashiCorp VaultJava

0 likes · 7 min read

Secure Spring Boot Configs with HashiCorp Vault: A Step‑by‑Step Guide

Code Ape Tech Column

Jul 28, 2023 · Information Security

Secure Configuration Management with Nacos Encryption Plugin and Jasypt in Spring Boot

This article compares Nacos 2.0's encryption plugin with the Jasypt library for securely storing passwords and secret keys in configuration files, providing step‑by‑step Maven dependencies, configuration examples, encryption/decryption code, and practical advice for Spring Boot applications.

Configuration ManagementJasyptNacos

0 likes · 7 min read

Secure Configuration Management with Nacos Encryption Plugin and Jasypt in Spring Boot

MaGe Linux Operations

Sep 23, 2022 · Cloud Native

Secure Kubernetes Secrets with KubeSeal: Install and Use Guide

This guide explains how to install KubeSeal and its controller, encrypt Kubernetes Secret resources, store them safely in Git, and let the controller automatically decrypt them back into the cluster, reducing the risk of secret leakage.

Cloud NativeKubeSealKubernetes

0 likes · 6 min read

Secure Kubernetes Secrets with KubeSeal: Install and Use Guide

Ops Development Stories

Mar 8, 2022 · Cloud Native

How Tekton Orchestrates Cloud‑Native CI/CD Pipelines: A Deep Dive

This article explains Tekton’s core CRDs—Task, TaskRun, Pipeline, PipelineRun, PipelineResource, and Condition—how they are implemented on Kubernetes, how pipelines are built and executed, and how to manage secrets and service accounts for secure CI/CD workflows.

Cloud NativeKubernetesPipeline

0 likes · 20 min read

How Tekton Orchestrates Cloud‑Native CI/CD Pipelines: A Deep Dive

Ops Development Stories

Jan 27, 2021 · Information Security

Secure Secrets: Install & Integrate HashiCorp Vault with Kubernetes

This guide walks through installing HashiCorp Vault on Linux and Kubernetes, configuring it for secret management, enabling Kubernetes authentication, creating policies and roles, and accessing secrets via initContainers or the Vault SDK, providing a complete end‑to‑end secure integration.

DevOpsHashiCorpInfrastructure

0 likes · 13 min read

Secure Secrets: Install & Integrate HashiCorp Vault with Kubernetes

Cloud Native Technology Community

Jul 21, 2020 · Cloud Native

What Real‑World Kubernetes Lessons Reveal About Cloud‑Native Ops

A senior infrastructure engineer shares hard‑won lessons from migrating a large team to pure Kubernetes, covering deployment speed, error reduction, observability, networking, monitoring, GitOps, custom operators, secret handling, CI, and logging challenges in modern cloud‑native environments.

Cloud NativeGitOpsKubernetes

0 likes · 11 min read

What Real‑World Kubernetes Lessons Reveal About Cloud‑Native Ops

DevOps

Sep 12, 2018 · Cloud Computing

Using Azure Key Vault to Secure Secrets in TFS/VSTS Build and Release Pipelines

This guide explains how to store sensitive information such as passwords, tokens, and connection strings in Azure Key Vault and integrate it with TFS/VSTS build and release pipelines to improve security, simplify management, and avoid secret leakage across multiple projects.

AzureKey VaultSecret Management

0 likes · 8 min read

Using Azure Key Vault to Secure Secrets in TFS/VSTS Build and Release Pipelines