Conference:  KubeCon + CloudNativeCon Europe 2023

Authors: Priyanka Saggu, Mario Jason Braganza

2023-04-19

The presentation discusses the anatomy and examples of Brow Jobs in the Kubernetes project, emphasizing the importance of testing and maintaining infrastructure.

• Brow Jobs are periodic, presubmit, and postsubmit jobs that help automate testing and deployment in the Kubernetes project
• The anatomy of a Brow Job includes fields such as name, interval, cluster, and job type
• Examples of Brow Jobs in the Kubernetes project include syncing enhancement proposals and tracking bugs
• Testing and maintaining infrastructure is crucial for the success of Brow Jobs and requires collaboration and communication among team members

Conference:  KubeCon + CloudNativeCon North America 2021

Authors: Xudong Sun, Lalith Suresh

2021-10-13

The presentation discusses the challenges of testing Kubernetes controllers in the presence of distributed systems faults and introduces an automated testing tool called Sieve to address these challenges.

• Kubernetes controllers are critical for extending Kubernetes with new capabilities
• Controllers are just one component in a complex distributed system and are susceptible to various kinds of faults
• It is difficult to make controller code robust to these faults
• Sieve is an automated testing tool that systematically tests Kubernetes controllers to harden them against faults
• Sieve has already discovered and led to fixes for safety-critical bugs in popular Kubernetes controllers

Conference:  OWASP 20th Anniversary Event

Authors: Marcin Szydłowski

2021-09-24

Abstract:​Traditionally Change Management is a very well-defined process. You can find hundreds of articles on the Internet explaining how each change should be properly requested, developed, tested and approved before being moved to the production environment.Obviously, each of these steps requires documentation and formal approval (sign-off) from the appropriate person. This process was giving security engineers several chances to ensure that changes do not introduce any new vulnerabilities and infrastructure to which the application is deployed is hardened and patched.Security around the Change Management process gets a little bit more complicated for agile software development and DevOps methodologies where tens of small changes are introduced every day. Each of these small changes is being automatically tested from various perspectives and if everything goes as expected it gets deployed to the environment of your choice without human intervention.Without any manual review in place, change management and security controls rely heavily on the fact that:- humans cannot access sensitive environments in an uncontrolled manner- application’s and infrastructure’s code is independently reviewed to avoid unauthorized changes and detect flaws- pre-approved and verified artifacts are used while building applications to decrease the risk of insecure dependencies or malicious artifacts- automated tests are performed by pipeline to detect defects or security issuesIt goes without saying, that ability to circumvent any of the above mentioned controls may introduce unauthorized changes and security issues to the application.This presentation will describe often ignored area of application security which is related to security of development environment. Presenter will share some common misconfigurations of build/deployment environment which can have a significant negative impact on source code integrity and as an ultimate result on security of application itself.​​​