Welcome to OpenShift DevSecOps Roadshow (10 minutes)

1. Introduction and Overview

Welcome to the OpenShift DevSecOps Roadshow! In this Roadshow, you will learn the techniques and technologies for adopting DevOps and DevSecOps practices to run applications in The Open Hybrid Cloud.

2. Key Takeaways

  • Learn how to leverage Red Hat OpenShift as an Application Platform Trusted - Comprehensive - Consistent capabilities.

  • Dive into CI/CD pipelines using OpenShift Pipelines.

  • Adopt DevSecOps best practices securely with OpenShift GitOps and Trusted Software Supply Chain.

3. Environment Overview

Our cluster is provisioned just for you and this roadshow. During this day, you will be accessing the same cluster with pre-defined credentials shared in each module.

Below is a list of the technologies installed and configured in the OpenShift cluster.

3.1 Technology Flow Diagram

devops env architecture

Fig 1. The diagram shows the technology stack and its interactions.

3.2 Technology Stack

  • Red Hat OpenShift is a unified platform to build, modernize, and deploy applications at scale. Work smarter and faster with a complete set of services for bringing apps to market on your choice of infrastructure.

  • Red Hat OpenShift Pipelines is a cloud-native, continuous integration and continuous delivery (CI/CD) solution based on Kubernetes resources. It uses Tekton building blocks to automate deployments across multiple platforms by abstracting away the underlying implementation details.

  • Red Hat OpenShift GitOps is an Operator that uses Argo CD as the declarative GitOps engine. It enables GitOps workflows across multicluster OpenShift and Kubernetes infrastructure. Using Red Hat OpenShift GitOps, administrators can consistently configure and deploy Kubernetes-based infrastructure and applications across clusters and development lifecycles.

  • Red Hat Build of Keycloak is a cloud-native Identity Access Management solution based on the popular open source Keycloak project.

  • Red Hat Quay is a security-focused and scalable private registry platform for managing content across globally distributed datacenter and cloud environments.

  • Red Hat Advanced Cluster Security for Kubernetes is a Kubernetes-native security platform that equips you to build, deploy, and run cloud-native applications with more security. The solution helps protect containerized Kubernetes workloads in all major clouds and hybrid platforms, including Red Hat OpenShift, Amazon Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE).

  • Red Hat OpenShift Data Foundation previously Red Hat OpenShift Container Storage—is software-defined storage for containers. Red Hat OpenShift Data Foundation helps teams develop and deploy applications quickly and efficiently across clouds.

  • Gitea is the SCM used to store and push application source code.

  • SonarQube is a tool for continuously inspecting the Code Quality and Security of an application source code.

  • Nexus as a central artifactory repository.