Security of the Pipeline

Securing the Build Pipeline

Access Gates

Access gates, also known as gates or checkpoints, serve as "stages" within a software development pipeline. They ensure that code progresses through the pipeline only after meeting predefined quality and security criteria. Access gates are crucial in enhancing the development process's control, quality assurance, and security. It's beneficial for everyone.

  1. Enhanced Control: Access gates provide checkpoints in the pipeline, allowing controlled progression to different stages.

  2. Quality Control: Gates ensures that code meets predefined quality standards before advancing.

  3. Security Checks: Gates enables security assessments, such as vulnerability scans, before deployment.

Implementation Steps:

  1. Manual Approvals: Require manual approval before moving to the next stage, ensuring thorough reviews.

  2. Automated Tests: Set up automated testing gates for code quality, unit tests, integration tests, etc.

  3. Security Scans: Integrate security scanning tools to detect vulnerabilities in the codebase.

  4. Release Gates: Use gates to verify proper documentation, versioning, and compliance.

  5. Environment Validation: Validate the target environment's readiness before deployment.

  6. Rollback Plan: Include a gate for a well-defined rollback plan in case of issues post-deployment.

  7. Monitoring: Implement monitoring gates to assess post-deployment performance.

  8. Parallel Gates: Run gates in parallel to expedite the pipeline without compromising quality.

  9. Auditing: Regularly review gate configurations and results to ensure effectiveness.

The Two-Person Concept

Even if we have access gates, we need to ensure that no single user can pass these access gates. If you are the developer who initiated the build, you should be prevented from passing the next access gate. This should always be someone else. By enforcing this with a technical control, it can be assured that in the event that a developer is compromised, a build cannot be pushed through. This is referred to as the two-person rule.

Some build servers may not allow you to ensure a control on the access gate to ensure that it is a different person. A good workaround in these cases is to simply increase the count of approvals needed from 1 to 2. This way, the developer provides one approval, but a secondary person has to provide the other.

Protecting the Pipeline

Protecting your GitLab CI/CD pipeline is essential to ensure the security of your code and infrastructure. Here are steps you can take to protect your pipeline with access gates and prevent unauthorized code execution like the example above:

Limit Branch Access

Restrict who can push to the main branch. Only trusted developers should have the ability to push code to this branch. You can do this by configuring branch protection rules in your GitLab repository settings. Navigate to Settings > Repository > Default branch. Configure the rules to require reviews before allowing changes.

Review Merge Requests

Enforce merge requests (or pull requests) to make main branch changes. Merge requests provide a way to review and approve code changes before merging. You can configure a merge request approvals to ensure multiple team members review and approve changes.

Use CI/CD Variables

Avoid storing sensitive information directly in your .gitlab-ci.yml file. Instead, use GitLab CI/CD variables to store secrets like API keys, passwords, and tokens. These variables can be protected and restricted to specific branches and tags.

Limit Runner Access

Only allow trusted runners to execute CI/CD jobs. By specifying tags, you can register runners with specific tags and then restrict which runners can be used for jobs in your .gitlab-ci.yml file. Only runners with the appropriate tags can run jobs on the main branch.

Access Control and Permissions

Review and configure project-level and group-level access controls and permissions. It's always good to review and ensure you have the least privilege by checking the project's settings and modifying the CI/CD configuration if necessary.

Regular Audits

Conduct regular security audits of your GitLab configuration and CI/CD pipeline. Review who has access and permissions and ensures that best practices are followed.

Monitor and Alert

Set up monitoring and alerting for your pipeline. Implement security monitoring solutions to detect unusual or unauthorized activities in your GitLab environment and CI/CD pipeline.

PreviousSecuring the Build ServerNextSecuring the Build Environment

Last updated