You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-[x] Usage of infrastructure-as-code tool (OpenTofu) to provision local KIND cluster
-[x] Security scanners implementation using Trivy during the build process
## Assumptions
After building the application from the CI pipeline, deploy it manually using helm on any k8s distribution
## Project Highlights/Features
1. Modular Golang code with Separate HTTP handlers and telemetry into different files for better organization and error handling.
Expand All
@@ -98,4 +99,4 @@ tofu destroy
- Use an ingress gateway like Istio to route the traffic inside the cluster securely with more granularity and access control for the backend services with claims and policies.
- Use ArgoCD/Flux to deploy and manage applications more efficiently
- Extend OpenTofu configuration to automate installation of pre-requisites tools.
- Use [sigstore policy controller](https://github.com/sigstore/policy-controller) to enforce a strict image policy such that only signed and verified images will be allowed to deploy in a namespace and other images will be rejected by the admission webhook controller.
- Use [sigstore policy controller](https://github.com/sigstore/policy-controller) to enforce a strict image policy such that only signed and verified images will be allowed to deploy in a namespace and other images will be rejected by the admission webhook controller.
