Talk With an Expert

Cloud Flight Simulator Part 1: GitLab CI, Workflows, and Secrets

  • Thu, Jan 4, 2024
  • 10:00AM - 11:00AM UTC
  • English
  • Eric Johnson
  • Technical Presentation
Webcast Hero

Before you can help DevOps teams solve security problems and improve their security programs, you need to understand how they think, how they work, and the tools that they use. Join SEC540: Cloud Native Security and DevSecOps Automation authors and instructors Ben Allen, Eric Johnson, and Jon Zeolla to start the new year for a 4 Part Cloud Security Flight Simulator series.

In Part 1, join SEC540 lead author and instructor Eric Johnson for a discussion on Continuous Integration (CI). The 2023 SANS DevOps Survey estimates that nearly 60% of DevOps teams are using version control systems with integrated continuous integration (CI) capabilities such as GitHub and GitLab. In this webcast, you will learn how to create a GitLab CI workflow that deploys a container to a Kubernetes cluster. Along the way, we will explore how GitLab CI uses OpenID Connect (OIDC) identity tokens to authenticate with other cloud services, such as HashiCorp Vault and Kubernetes, to deploy the container.

Explore the rest of the Cloud Flight Simulator Series:

Meet the speaker

Eric Johnson
Eric Johnson

Eric Johnson

Principal Security Engineer

Eric is a co-founder and principal security engineer at Puma Security focusing on modern static analysis product development and DevSecOps automation. He is co-author and instructor for three SANS Cloud Security courses.

Read more about Eric Johnson
Cloud Flight Simulator Part 1: GitLab CI, Workflows, and Secrets | SANS Institute