Online Courses
Security of the Pipeline
Online Courses
Security of the Pipeline
  • Security of the Pipeline
  • Intro to Pipeline Automation
    • Introduction
    • DevOps Pipelines Explained
    • Source Code and Version Control
    • Dependency Management
    • Automated Testing
    • Continuous Integration and Delivery
    • Environments
  • Source Code Security
    • Introduction
    • Git and Linus
    • Version Control Concepts
    • Cloud Based Version Control
    • Insufficient Credential Hygiene
  • CI/CD and Build Security
    • Introduction
    • What is CI/CD and Build Security?
    • Securing the Build Source
    • Securing the Build Process
    • Securing the Build Server
    • Securing the Build Pipeline
    • Securing the Build Environment
    • Protecting the Build Secrets
    • Conclusion
Powered by GitBook
On this page
  • Environment Segregation
  • Protecting the Build Environment
  • Isolate Environments
  • Restricted Access for CI/CD Jobs
  • Monitoring and Alerting
  1. CI/CD and Build Security

Securing the Build Environment

Environment Segregation

A key security principle in our pipeline is to ensure that our different environments are segregated. Environments are not created equal, especially in these modern times when Agile principles are used. Developers are often provided with quite a lot of access and abilities in environments other than production (PROD) and pre-production (PREPROD). With these additional permissions, we need to make sure that there is adequate segregation between the various environments.

At first glance, you may think that this is a simple endeavor. All we need to do is to ensure that developers do not have access to these sensitive environments. However, with the introduction of pipelines, this becomes a tad bit more complex. Even if we restrict direct access to these environments, there may be side channels in the pipeline that can be exploited. In this task, we will take a look at one common misconfiguration when the build agents themselves are not segregated.

Protecting the Build Environment

Protecting your build environment is crucial to prevent compromising your production pipeline through a single runner shared between DEV and PROD. Here are some steps you can take to enhance security:

Isolate Environments

Separate your DEV and PROD pipelines as much as possible. Use separate runners or runner tags for DEV and PROD builds. Ensuring that any compromise in the DEV environment does not directly impact PROD. This way, you can't compromise PROD in the way shown in this task.

Restricted Access for CI/CD Jobs

Limit access to the runner host. Only authorized personnel should have access to the machine(s) running the GitLab Runner. Implement strong access controls and monitor for unauthorized access. GitLab provides a "Protected CI/CD environments" feature that allows you to define access controls for environments, restricting who can deploy to them. Permission features limit and assigns who can modify CI/CD configuration, including the .gitlab-ci.yml file.

Monitoring and Alerting

Implement monitoring and alerting for your CI/CD pipeline and runner. Set up alerts for suspicious activity or failed builds, which could indicate a compromise. Review and audit access permissions periodically, especially for environments and CI/CD configurations. Revoke access for users or roles that no longer require it.

PreviousSecuring the Build PipelineNextProtecting the Build Secrets

Last updated 8 months ago