Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update cloud-init.yml #139

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Update cloud-init.yml #139

wants to merge 4 commits into from

Conversation

aria1991
Copy link
Contributor

@aria1991 aria1991 commented Jan 22, 2023
edited
Loading

The changes :

— Verify authenticity of the keyring before in installation

— Non-root user and group specifically for running Docker is created, and the Docker daemon is configured to use these

— Environment variables are used to configure the git repository URL and sensitive information is stored in a secret management tool

— Install and run security auditing tools like Lynis and Docker Bench for Security

— Install and configure ClamAV for scanning for malware in the cloned repository and uses fail2ban for SSH intrusion prevention

@aria1991
Update cloud-init.yml
aefa067 
The changes  :

— Verify authenticity of the keyring before in installation

— Non-root user and group specifically for running Docker is created, and the Docker daemon is configured to use these

—  Environment variables are used to configure the git repository URL and sensitive information is stored in a secret management tool

—  Firewall rules are set up to limit the network access of the Docker containers and host machine

—  Install and run security auditing tools like Lynis and Docker Bench for Security

— Install and configure ClamAV for scanning for malware in the cloned repository and uses fail2ban for SSH intrusion prevention
@facebook-github-bot facebook-github-bot added the CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed. label Jan 22, 2023
@aria1991
Copy link
Contributor Author

Hi @slawlor. I'm a bit confused why the Docker Image CI is failing, Is it because of ECR authentication or Docker Hub?

@slawlor
Copy link
Contributor

slawlor commented Jan 23, 2023

Hmm yes that's odd, the CI should be using the repository's credentials when running the CI pipeline. It seems that it didn't retrieve the secret key for some reason, I'll look into it.

matinzd
matinzd approved these changes Jan 31, 2023
View reviewed changes
Copy link
Contributor

@matinzd matinzd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was thinking of updating it! Thanks :)

matinzd
matinzd reviewed Jan 31, 2023
View reviewed changes
cloud/cloud-init.yml Outdated Show resolved Hide resolved
@aria1991 aria1991 requested a review from matinzd February 5, 2023 21:11
@Ramiakadado
Copy link

هاي

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Anagirotti Anagirotti Anagirotti approved these changes

@huynhdev24 huynhdev24 huynhdev24 approved these changes

@Cachora Cachora Cachora approved these changes

@Weirdo5000 Weirdo5000 Weirdo5000 approved these changes

@Mitsuecom Mitsuecom Mitsuecom approved these changes

@wazwaz80 wazwaz80 wazwaz80 approved these changes

@Nellyjay22 Nellyjay22 Nellyjay22 approved these changes

@nareshrajkumar866 nareshrajkumar866 nareshrajkumar866 approved these changes

@matinzd matinzd Awaiting requested review from matinzd

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.