CI/CD Secrets are... well... secret (or at least they should be)! Think of all the credentials and tokens currently in use in your CI/CD pipeline. These secrets provide critical authentication for essential infrastructure like source control, environments, and build and deployment tools, but they can also easily expose you to risk. Having a secure secret management process is more important than ever for protecting your company and ensuring only authorized personnel can access them.

Codefresh is a next-generation enterprise CI/CD platform for cloud-native applications. We help you automate your microservice builds and deployments with Kubernetes native workflows. When you are ready for GitOps, we have you covered with advanced deployments such as Canary and Blue/Green. Thousands of DevOps teams depend on Codefresh to build and deploy their software in a safe and scalable manner.

Adopting GitOps is an adventure worth exploring, but it requires careful consideration of your existing development practices, CI/CD automation, infrastructure, and engineering culture. Like any CI/CD modernization, the benefits are significant, but finding the right balance between the amount of change, the timeline, and the potential for improvement can be tricky. In addition, you also must ensure that your teams receive training on the core principles of GitOps and the new process. So with that in mind - is it all worth it? Is GitOps just another FAD that you should ignore?

Before cloud-native controlling components delivered was in some ways "easier" in that ops teams could limit which components were available on nodes. With containerization, the ops problem became harder while the dev side became easier. Now SBOMS (software bill of materials) are becoming critical to software supply chain risk management. In this episode, GitOps the Planet Alum, Christian Hernandez will join to walk us through SBOMS, how we should be using them, and how they help improve software security.

Dan's last tutorial "Learn how to make the LAST Docker image you'll ever need" was a very successful April Fools joke. Perhaps too successful. In this video Dan does the tutorial in reverse and explains exactly why "one Docker image to rule them all" is probably a terrible idea.

Modernizing your CI/CD can turn into a Sherlock-Holmes-style mystery if your organization or team is not fully prepared. And when migrating from monoliths to microservices, people tend to only focus on the really technical nitty gritty details, and don’t focus enough time on questions like: With experience as a consultant, architect, engineer, DevOps engineer, and developer evangelism, JJ Asghar, Developer Advocate at IBM has seen every side of the modernization process. And has so many stories to share.

Since vcluster launched, it's exploded into the cloud-native world with tons of benefits that are creating new patterns for architecting and deploying Kubernetes applications and workflows. Rich Burroughs (@richburroughs) and Lian Li (@lianmakesthings) of loft.sh will join to talk about how vcluster launched, is growing, working with GitOps, and changing the landscape.

How has supply-chain security changed and what practices are evolving to improve CI/CD, GitOps, and operational security. Join Anais Urlichs (@urlichsanais), Developer Advocate at Aqua Security and CNCF Ambassador as we explore this exciting topic.

Crossplane is a next-generation infrastructure management tool that brings cloud-native primitives to managing all kinds of infrastructure, not just Kubernetes but really any infra. The value is huge, especially when doing GitOps, but how is Crossplane tackling scale to handle so many types of resources? We’ll find out in this episode with Viktor Farcic.

ibuildcloud, aka Darren Shepherd, is the CTO and co-founder at Acorn Labs - a simple application development framework for Kubernetes. Before Acorn Labs, Darren was the CTO and co-founder of Rancher Labs (acquired by Suse) where he created k3s and a lot more. In this episode we'll talk about the changing developer experience landscape the effect of GitOps, k3s, and these new frameworks.