SlideShare ist ein Scribd-Unternehmen logo

Wellington MuleSoft Meetup 2021-02-18

Als PPTX, PDF herunterladen
M
Mary Joy Sabal

Security Best Practices in Azure DevOps Pipeline

Technologie
1 von 34
Attendee Introductions ● Name ● Company & role ● What do you want to get out of this session? ● Topics you want to discuss at upcoming events. 1 Please introduce yourself in the chat 
[18th of February 2021] [Wellington] MuleSoft Meetup Group Security Best Practices for Azure DevOps Pipeline
Reminders. . . ● Session will be recorded. Please use the online chat to ask questions. ● Trivia game after the presentation. Winners will get class voucher or certification exam voucher of their choice! ● Fill out the post-event survey to share your feedback with us, and for a chance to win $50 Amazon.com gift card. ● Group picture at the end of the session  3
4 Organizers
5 Speaker Shaun Allen Integration Developer Trustpower
Security Best Practices for Azure DevOps Pipeline Shaun Allen, Integration Developer - Trustpower
Introduction • Based in Tauranga, New Zealand • Over 3 years of IT experience • MuleSoft Certified Developer – Mule 4 • Areas of Expertise: - Pipelines (CI/CD) - Automation - Scripting - Full Stack Fun fact: Muay Thai enthusiast 7
Agenda • Technical Challenges / Business Objectives • DevSecOps • Continuous Integration (CI) • Continuous Delivery (CD) • Pipeline Security • Demo • Pipeline improvements • Key takeaways 8
Business Objectives Technical Challenges in Securing the Pipeline • Externalise property or YAML files – on a separate repository. • Developers create a pull request for every change. • Dynamic mule key injection per environment. • Gives flexibility to update mule key per application. • Secret Management using Azure Key Vault. • Secrets to be updated when the mule key changes • Potential for different mule key per application • DevOps permissions for Service Connections. 9
DevSecOps • A management approach that combines application development, security, operations and infrastructure as a code (IaaS) in an automated, continuous delivery cycle. • Applying security at every stage of the software development process enables continuous integration, reducing the cost of compliance and delivering software more rapidly. Benefits of DevSecOps • Improved quality and security of software. • Faster software delivery. • Enhanced communication and collaboration between teams. • Earlier identification and correction of vulnerabilities in code. • More opportunities for automated builds and quality assurance testing. Resource: https://searchitoperations.techtarget.com/definition/DevSecOps 10
Setup a new application This pipeline will handle the scaffolding of setting up a new project. • Create a new folder under applications • Create key vaults (generic Trustpower ARM template) • Setup access policy for key vaults (ARM template parameters file) • Tokenise key vault names into files • Create application build and deploy pipeline • Setup permissions for the new pipeline How is this pipeline triggered? 11 Pipeline on-boarding
Service Hooks with Logic Apps We use Azure DevOps service hooks for triggering Azure logic apps to do some work. • We have one centralized logic app that all service hooks are sent to • We then use a simple switch case statement for extracting the type of event i.e git push, PR completed etc • Using the above event types, send request to next logic app • Inspect project level info i.e does the project name begin with mulesoft- • Exclude any projects such as the mulesoft-pipelines project • Trigger pipeline to setup a new application • Will only add the file if the modified branch starts with feature 12 Automation on-boarding
Continuous Integration (CI) Build application using centralised property file based on environment variables • File must be placed in the same path as existing properties file (file="properties/${mule.env}- properties.yaml") • Find errors before a deploy (save on time and roll back)(Only works with Munit) • Using a powershell task for build, maven task was outputting the mule key to the console 13
POM Configuration Validation Why do we validate config? • Make sure all apps are following our standards What we validate • Group Id (must be equal to com.trustpower) • Artifact Id (must match repo name) • Packaging (must be equal to mule-application) • Description (simple not null check) • Does the app have Munit plugin? • Required application coverage (must be equal to 75%) • Fail build (must be equal to true) • Run coverage (must be equal to true) • Munit format (must be equal to console) 14 Continuous Integration (CI)
MUnit Used for validating flow output. Pros: • Can find errors with an application before a deploy i.e if a property doesn’t exist the app will still build successfully but only fail when trying to run. • Make sure updates to the application still produce the required result. • Integrate testing into the CI/CD pipeline. Cons: • Takes extra time for the pipeline to run. • Extra overhead to setup (although easier with recorder). 15 Continuous Integration (CI)
Deploy application based on branch name Pipeline triggers allow for a full CI/CD pipeline, we just need a way of knowing what environment we want to deploy into • Trigger build for all target branches • Note: Not all branches listed in the triggers section can deploy without specific permissions i.e group membership or using the auto deploy variable. 16 Continuous Deployment (CD)
Deploy application based on branch name Needed a way to deploy to environments in a CI/CD fashion Pipeline conditions • feature/* deploys to development • develop deploys to qa • release* deploys to preprod • master deploys to production 17 Continuous Delivery (CD)
Deploy application using Anypoint CLI How do we deploy to cloudhub? • Using the Anypoint CLI Commands used by anypoint CLI: • runtime-mgr cloudhub-application list • runtime-mgr cloudhub-application start • runtime-mgr cloudhub-application deploy/modify • api-mgr api edit List of commands: https://docs.mulesoft.com/runtime-manager/anypoint-platform-cli 18 Continuous Delivery (CD)
Auto deploy and group membership Pipeline has two ways of deploying into environments. 1. Application settings file has an auto deploy flag • For dev and qa 2. User who triggered the pipeline is a member of the mulesoft-pipelines “Release Administrators” group • Restrict who can deploy to cloudhub (must be manually triggered) • If triggered from a PR into master, the user comes through as a Microsoft service account • Users in this group should be aware that anytime they trigger a pipeline run it will deploy 19 Continuous Delivery (CD) / Pipeline Security
Pipeline Security Property Files Management We wanted a way to externalise properties for cloudhub environments from the project repository. • Easier for code reviewers to keep an eye on production configurations (no secrets in plain text etc) • Centralised management (all application property files stored in one place) We wanted a way to specify environment defaults for cloudhub deploys • Use an application settings file (JSON format) to control deploy properties 20
Property Files Management - One Policy to rule them all One single repository means we can have one policy setup on the master branch to control all pull requests (code reviews) • Use one Azure DevOps group who can approve the PR’s. • Use One file exclude pattern so developers can make quick changes to dev and qa for application specific properties. • Still need to create a new branch for updates, but the PR can be completed with no approvals needed 21 Pipeline Security
Secure Credentials and settings.xml files Credentials file is what we use to authenticate to the anypoint platform before using the anypoint CLI commands. • We use one single profile (default) • This is so we don’t need to continuously set the env for each powershell task We use a connected application for authentication (we were using a native account) • Easy to restrict or revoke access • Control access to data using scopes 22 Pipeline Security
Secure Credentials and settings.xml files Our settings.xml file is how we authorize our pipeline to download dependencies for our applications. • Azure DevOps artifact feed (common dependency for all apps) • Trustpower exchange assets • Anypoint exchange v2 • Enterprise artifacts (nexus) Settings file cannot use connected app directly, we must generate an access token using the connected app details. Dependencies using the access token are: • Trustpower exchange assets • Anypoint exchange v2 Azure DevOps is using a PAT token. Enterprise artifacts (nexus) is using a native login (username and password). We don’t have access to change this setup. 23 Pipeline Security
Secret Management with Azure Key Vault Automation will setup the scaffolding of a new project. • Creating the key vault • Setup the access policy for the service principal (service connection identity) on the key vault • Key vault name is automatically added to the application settings file with tokenisation Secrets must be manually setup • Updates are also manual i.e. if a password or security token changes we would need to manually update the key vault secret Applications use secure properties, so if any changes are made to key vault secrets this means we would have to do a re-deploy to see the update. • Could use Azure service principals and have the applications pull secrets directly from key vault • Each app would need it’s own identity for each environment (or at least sandbox & production) • Key vault cost associated with each secret transaction 24 Pipeline Security
Secret Management with Azure Key Vault Using a pre-defined Azure DevOps pipeline kay vault task (where possible) to pull through secrets. • Easy to use • Specify the service connection to use and what secrets we want to be pulled through • Secrets can then be accessed like pipeline variables $(MuleKey) • Also use the Az.KeyVault powershell module to access secrets if we need to do logical statements • i.e if we need to overwrite the global mule key for our environment with an application specific one 25 Pipeline Security
DevOps permissions for Service Connections Service connection identity in Azure must be granted permissions on the key vault we are wanting to access. The newly created pipeline needs permissions to be able to use the service connections • The ‘setup new application’ pipeline will allow the new app pipeline to access the service connections as a user • For the above to work, the service connections must exist before the pipeline runs • No CI/CD otherwise, pipeline will hang waiting on permissions • Just created a new api we can integrate with this pipeline to ensure service connections exist (Work In Progress) 26 Pipeline Security
Secure config encryption tool When the pipeline pulls secrets from our application key vault, we need a way to encrypt them. This is where the mulesoft secure config encryption tool comes in • https://docs.mulesoft.com/mule-runtime/4.3/secure-configuration-properties#secure_props_tool • We need to supply the following arguments • File or string • Algorithm • Mode • Mule key • Secret to be encrypted Once we have encrypted pipeline secrets setup, we can tokenise the {env}-properties.yaml file and add this to the src/main/resources/properties folder 27 Pipeline Security
Secure Configuration properties Extract mule key from environment or application key vault • Mule key length has to abide by the algorithm settings i.e AES algorithm has an exact key length of 16 • This is where you may need different mule keys for applications if migrating to a different algorithm • Environment mule key vs application mule key Extract algorithm and mode from the application global-configs.xml file • Or use the default set in the application.settings file • If using default of values, there is no properties being setup in the global-configs.xml, hence the need for defaults in app settings file 28 Pipeline Security
SLA Tiers We use an automated policy to enforce the need for SLA tiers across all environments. As part of our application pipeline, when the deploy stage happens, we deploy Trustpower default SLA tiers that are setup in the default.settings file. We can modify or add to these SLA tiers using the application.settings file for each application in each environment. When a user is requesting access to an application this is where they will be able to select their required SLA tier. • Auto approved for dev and qa • Manual approval needed for production 29 Pipeline Security
30
Pipeline improvements • Use a step template for generating the mule key • Remove inline scripting • Some PowerShell tasks need to be smaller and more understandable/readable • Look through devops improvements (can we use stage dependencies for stage conditions yet?) • Integration Postman agent (newman) • Automate setting up API Manager • Only trigger one build at any time • Use of approval gates (Environment) 31
Key takeaways What have we learnt (hopefully): • How to externally manage property files • Use policy to exclude files/folders from PR review for faster development • How to use key vault for secrets and use within pipelines (service connection for access) • How to use secure config tool with above for setting up encrypted secrets • How to tokenise a property file to inject secrets from above • Build an application using the external properties file • Munit is good for integrating testing into the CI/CD pipeline, but is also handy for exposing errors before a deploy if the properties file doesn’t match what the application is expecting • Deploy application using pipeline conditions and flags • Deploy SLA tiers 32
Call for Speakers! ● Incentive for speakers:  Complimentary training class voucher or certification exam voucher of their choice. ● Please contact organizers for more information! 33
Thank you!

Empfohlen

How Secure is Your API?
How Secure is Your API?How Secure is Your API?
How Secure is Your API?Mary Joy Sabal
 
CI CD Daridabad MuleSoft meetup
CI CD Daridabad MuleSoft meetupCI CD Daridabad MuleSoft meetup
CI CD Daridabad MuleSoft meetupAmit Singh
 
Custom MuleSoft connector using Java SDK
Custom MuleSoft connector using Java SDKCustom MuleSoft connector using Java SDK
Custom MuleSoft connector using Java SDKAmit Singh
 
Mule meetup 25thjan
Mule meetup 25thjanMule meetup 25thjan
Mule meetup 25thjanpruthviraj krishnam
 
Mulesoft with ELK (Elastic Search, Log stash, Kibana)
Mulesoft with ELK (Elastic Search, Log stash, Kibana)Mulesoft with ELK (Elastic Search, Log stash, Kibana)
Mulesoft with ELK (Elastic Search, Log stash, Kibana)Gaurav Sethi
 
Mule soft Meetup #3
Mule soft Meetup #3 Mule soft Meetup #3
Mule soft Meetup #3Gaurav Sethi
 
Ahmadabad mule soft_meetup_6march2021_azure_CICD
Ahmadabad mule soft_meetup_6march2021_azure_CICDAhmadabad mule soft_meetup_6march2021_azure_CICD
Ahmadabad mule soft_meetup_6march2021_azure_CICDShekh Muenuddeen
 
Nagpur Mulesoft Meetup on CICD using Jenkins
Nagpur Mulesoft Meetup on CICD using JenkinsNagpur Mulesoft Meetup on CICD using Jenkins
Nagpur Mulesoft Meetup on CICD using Jenkinspqrs1234
 

Empfohlen

How Secure is Your API?
How Secure is Your API?How Secure is Your API?
How Secure is Your API?Mary Joy Sabal
 
CI CD Daridabad MuleSoft meetup
CI CD Daridabad MuleSoft meetupCI CD Daridabad MuleSoft meetup
CI CD Daridabad MuleSoft meetupAmit Singh
 
Custom MuleSoft connector using Java SDK
Custom MuleSoft connector using Java SDKCustom MuleSoft connector using Java SDK
Custom MuleSoft connector using Java SDKAmit Singh
 
Mule meetup 25thjan
Mule meetup 25thjanMule meetup 25thjan
Mule meetup 25thjanpruthviraj krishnam
 
Mulesoft with ELK (Elastic Search, Log stash, Kibana)
Mulesoft with ELK (Elastic Search, Log stash, Kibana)Mulesoft with ELK (Elastic Search, Log stash, Kibana)
Mulesoft with ELK (Elastic Search, Log stash, Kibana)Gaurav Sethi
 
Mule soft Meetup #3
Mule soft Meetup #3 Mule soft Meetup #3
Mule soft Meetup #3Gaurav Sethi
 
Ahmadabad mule soft_meetup_6march2021_azure_CICD
Ahmadabad mule soft_meetup_6march2021_azure_CICDAhmadabad mule soft_meetup_6march2021_azure_CICD
Ahmadabad mule soft_meetup_6march2021_azure_CICDShekh Muenuddeen
 
Nagpur Mulesoft Meetup on CICD using Jenkins
Nagpur Mulesoft Meetup on CICD using JenkinsNagpur Mulesoft Meetup on CICD using Jenkins
Nagpur Mulesoft Meetup on CICD using Jenkinspqrs1234
 
Mulesoft Meetup Bangalore - 6th March 2021
Mulesoft Meetup Bangalore - 6th March 2021Mulesoft Meetup Bangalore - 6th March 2021
Mulesoft Meetup Bangalore - 6th March 2021Gaurav Sethi
 
Meetup milano #3 all you need to know before creating your vpc
Meetup milano #3 all you need to know before creating your vpcMeetup milano #3 all you need to know before creating your vpc
Meetup milano #3 all you need to know before creating your vpcGonzalo Marcos Ansoain
 
#3 calicut meetup - understanding slb, dlb and web sockets
#3 calicut meetup - understanding slb, dlb and web sockets#3 calicut meetup - understanding slb, dlb and web sockets
#3 calicut meetup - understanding slb, dlb and web socketsJohnMathewPhilip
 
Baltimore july2021 final
Baltimore july2021 finalBaltimore july2021 final
Baltimore july2021 finalManjuKumara GH
 
Meetup - Automate your project lifecycle using MuleSoft and Azure DevOps
Meetup - Automate your project lifecycle using MuleSoft and Azure DevOpsMeetup - Automate your project lifecycle using MuleSoft and Azure DevOps
Meetup - Automate your project lifecycle using MuleSoft and Azure DevOpsRenato de Oliveira
 
MuleSoft_Meetup_#6_Chandigarh_April_2021
MuleSoft_Meetup_#6_Chandigarh_April_2021MuleSoft_Meetup_#6_Chandigarh_April_2021
MuleSoft_Meetup_#6_Chandigarh_April_2021Suresh Rathore
 
Ahmedabad MuleSoft Meetup #4
Ahmedabad MuleSoft Meetup #4Ahmedabad MuleSoft Meetup #4
Ahmedabad MuleSoft Meetup #4Tejas Purohit
 
Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft
Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft
Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft NaimishKakkad2
 
Mulesoft KL Meetup 2
Mulesoft KL Meetup 2Mulesoft KL Meetup 2
Mulesoft KL Meetup 2NitushreeJena
 
Warsaw MuleSoft Meetup #6 - CI/CD
Warsaw MuleSoft Meetup #6 - CI/CDWarsaw MuleSoft Meetup #6 - CI/CD
Warsaw MuleSoft Meetup #6 - CI/CDPatryk Bandurski
 
Build your own dev tools with salesforce cli plugin generator
Build your own dev tools with salesforce cli plugin generatorBuild your own dev tools with salesforce cli plugin generator
Build your own dev tools with salesforce cli plugin generatorMohith Shrivastava
 
MuleSoft Meetup Virtual_ 2_Charlotte
MuleSoft Meetup Virtual_ 2_CharlotteMuleSoft Meetup Virtual_ 2_Charlotte
MuleSoft Meetup Virtual_ 2_CharlotteSubhash Patel
 
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLBMuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLBJitendra Bafna
 
CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...
CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...
CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...WSO2
 
Ahmadabad mule soft_meetup_20_february_2021_muleconnectordevelopment
Ahmadabad mule soft_meetup_20_february_2021_muleconnectordevelopmentAhmadabad mule soft_meetup_20_february_2021_muleconnectordevelopment
Ahmadabad mule soft_meetup_20_february_2021_muleconnectordevelopmentShekh Muenuddeen
 
Riyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code reviewRiyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code reviewsatyasekhar123
 
ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5)
ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5) ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5)
ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5) WinWire Technologies Inc
 
Resilient and Adaptable Systems with Cloud Native APIs
Resilient and Adaptable Systems with Cloud Native APIsResilient and Adaptable Systems with Cloud Native APIs
Resilient and Adaptable Systems with Cloud Native APIsVMware Tanzu
 
Surat MuleSoft Meetup#2 - Anypoint Runtime Fabric
Surat MuleSoft Meetup#2 - Anypoint Runtime FabricSurat MuleSoft Meetup#2 - Anypoint Runtime Fabric
Surat MuleSoft Meetup#2 - Anypoint Runtime FabricJitendra Bafna
 
Play 2 Java Framework with TDD
Play 2 Java Framework with TDDPlay 2 Java Framework with TDD
Play 2 Java Framework with TDDBasav Nagur
 
Getting to Walk with DevOps
Getting to Walk with DevOpsGetting to Walk with DevOps
Getting to Walk with DevOpsEklove Mohan
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsAmazon Web Services
 

Weitere ähnliche Inhalte

Was ist angesagt?

Mulesoft Meetup Bangalore - 6th March 2021
Mulesoft Meetup Bangalore - 6th March 2021Mulesoft Meetup Bangalore - 6th March 2021
Mulesoft Meetup Bangalore - 6th March 2021Gaurav Sethi
 
Meetup milano #3 all you need to know before creating your vpc
Meetup milano #3 all you need to know before creating your vpcMeetup milano #3 all you need to know before creating your vpc
Meetup milano #3 all you need to know before creating your vpcGonzalo Marcos Ansoain
 
#3 calicut meetup - understanding slb, dlb and web sockets
#3 calicut meetup - understanding slb, dlb and web sockets#3 calicut meetup - understanding slb, dlb and web sockets
#3 calicut meetup - understanding slb, dlb and web socketsJohnMathewPhilip
 
Baltimore july2021 final
Baltimore july2021 finalBaltimore july2021 final
Baltimore july2021 finalManjuKumara GH
 
Meetup - Automate your project lifecycle using MuleSoft and Azure DevOps
Meetup - Automate your project lifecycle using MuleSoft and Azure DevOpsMeetup - Automate your project lifecycle using MuleSoft and Azure DevOps
Meetup - Automate your project lifecycle using MuleSoft and Azure DevOpsRenato de Oliveira
 
MuleSoft_Meetup_#6_Chandigarh_April_2021
MuleSoft_Meetup_#6_Chandigarh_April_2021MuleSoft_Meetup_#6_Chandigarh_April_2021
MuleSoft_Meetup_#6_Chandigarh_April_2021Suresh Rathore
 
Ahmedabad MuleSoft Meetup #4
Ahmedabad MuleSoft Meetup #4Ahmedabad MuleSoft Meetup #4
Ahmedabad MuleSoft Meetup #4Tejas Purohit
 
Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft
Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft
Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft NaimishKakkad2
 
Mulesoft KL Meetup 2
Mulesoft KL Meetup 2Mulesoft KL Meetup 2
Mulesoft KL Meetup 2NitushreeJena
 
Warsaw MuleSoft Meetup #6 - CI/CD
Warsaw MuleSoft Meetup #6 - CI/CDWarsaw MuleSoft Meetup #6 - CI/CD
Warsaw MuleSoft Meetup #6 - CI/CDPatryk Bandurski
 
Build your own dev tools with salesforce cli plugin generator
Build your own dev tools with salesforce cli plugin generatorBuild your own dev tools with salesforce cli plugin generator
Build your own dev tools with salesforce cli plugin generatorMohith Shrivastava
 
MuleSoft Meetup Virtual_ 2_Charlotte
MuleSoft Meetup Virtual_ 2_CharlotteMuleSoft Meetup Virtual_ 2_Charlotte
MuleSoft Meetup Virtual_ 2_CharlotteSubhash Patel
 
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLBMuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLBJitendra Bafna
 
CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...
CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...
CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...WSO2
 
Ahmadabad mule soft_meetup_20_february_2021_muleconnectordevelopment
Ahmadabad mule soft_meetup_20_february_2021_muleconnectordevelopmentAhmadabad mule soft_meetup_20_february_2021_muleconnectordevelopment
Ahmadabad mule soft_meetup_20_february_2021_muleconnectordevelopmentShekh Muenuddeen
 
Riyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code reviewRiyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code reviewsatyasekhar123
 
ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5)
ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5) ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5)
ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5) WinWire Technologies Inc
 
Resilient and Adaptable Systems with Cloud Native APIs
Resilient and Adaptable Systems with Cloud Native APIsResilient and Adaptable Systems with Cloud Native APIs
Resilient and Adaptable Systems with Cloud Native APIsVMware Tanzu
 
Surat MuleSoft Meetup#2 - Anypoint Runtime Fabric
Surat MuleSoft Meetup#2 - Anypoint Runtime FabricSurat MuleSoft Meetup#2 - Anypoint Runtime Fabric
Surat MuleSoft Meetup#2 - Anypoint Runtime FabricJitendra Bafna
 
Play 2 Java Framework with TDD
Play 2 Java Framework with TDDPlay 2 Java Framework with TDD
Play 2 Java Framework with TDDBasav Nagur
 

Was ist angesagt? (20)

Mulesoft Meetup Bangalore - 6th March 2021
Mulesoft Meetup Bangalore - 6th March 2021Mulesoft Meetup Bangalore - 6th March 2021
Mulesoft Meetup Bangalore - 6th March 2021
 
Meetup milano #3 all you need to know before creating your vpc
Meetup milano #3 all you need to know before creating your vpcMeetup milano #3 all you need to know before creating your vpc
Meetup milano #3 all you need to know before creating your vpc
 
#3 calicut meetup - understanding slb, dlb and web sockets
#3 calicut meetup - understanding slb, dlb and web sockets#3 calicut meetup - understanding slb, dlb and web sockets
#3 calicut meetup - understanding slb, dlb and web sockets
 
Baltimore july2021 final
Baltimore july2021 finalBaltimore july2021 final
Baltimore july2021 final
 
Meetup - Automate your project lifecycle using MuleSoft and Azure DevOps
Meetup - Automate your project lifecycle using MuleSoft and Azure DevOpsMeetup - Automate your project lifecycle using MuleSoft and Azure DevOps
Meetup - Automate your project lifecycle using MuleSoft and Azure DevOps
 
MuleSoft_Meetup_#6_Chandigarh_April_2021
MuleSoft_Meetup_#6_Chandigarh_April_2021MuleSoft_Meetup_#6_Chandigarh_April_2021
MuleSoft_Meetup_#6_Chandigarh_April_2021
 
Ahmedabad MuleSoft Meetup #4
Ahmedabad MuleSoft Meetup #4Ahmedabad MuleSoft Meetup #4
Ahmedabad MuleSoft Meetup #4
 
Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft
Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft
Nagpur MuleSoft Meetup Group - Working with API Groups in Mulesoft
 
Mulesoft KL Meetup 2
Mulesoft KL Meetup 2Mulesoft KL Meetup 2
Mulesoft KL Meetup 2
 
Warsaw MuleSoft Meetup #6 - CI/CD
Warsaw MuleSoft Meetup #6 - CI/CDWarsaw MuleSoft Meetup #6 - CI/CD
Warsaw MuleSoft Meetup #6 - CI/CD
 
Build your own dev tools with salesforce cli plugin generator
Build your own dev tools with salesforce cli plugin generatorBuild your own dev tools with salesforce cli plugin generator
Build your own dev tools with salesforce cli plugin generator
 
MuleSoft Meetup Virtual_ 2_Charlotte
MuleSoft Meetup Virtual_ 2_CharlotteMuleSoft Meetup Virtual_ 2_Charlotte
MuleSoft Meetup Virtual_ 2_Charlotte
 
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLBMuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
 
CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...
CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...
CSV and JSON Transformation in WSO2 Micro Integrator 4.0 - WSO2 APIM Communit...
 
Ahmadabad mule soft_meetup_20_february_2021_muleconnectordevelopment
Ahmadabad mule soft_meetup_20_february_2021_muleconnectordevelopmentAhmadabad mule soft_meetup_20_february_2021_muleconnectordevelopment
Ahmadabad mule soft_meetup_20_february_2021_muleconnectordevelopment
 
Riyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code reviewRiyadh Meetup4- Sonarqube for Mule 4 Code review
Riyadh Meetup4- Sonarqube for Mule 4 Code review
 
ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5)
ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5) ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5)
ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5)
 
Resilient and Adaptable Systems with Cloud Native APIs
Resilient and Adaptable Systems with Cloud Native APIsResilient and Adaptable Systems with Cloud Native APIs
Resilient and Adaptable Systems with Cloud Native APIs
 
Surat MuleSoft Meetup#2 - Anypoint Runtime Fabric
Surat MuleSoft Meetup#2 - Anypoint Runtime FabricSurat MuleSoft Meetup#2 - Anypoint Runtime Fabric
Surat MuleSoft Meetup#2 - Anypoint Runtime Fabric
 
Play 2 Java Framework with TDD
Play 2 Java Framework with TDDPlay 2 Java Framework with TDD
Play 2 Java Framework with TDD
 

Ähnlich wie Wellington MuleSoft Meetup 2021-02-18

Getting to Walk with DevOps
Getting to Walk with DevOpsGetting to Walk with DevOps
Getting to Walk with DevOpsEklove Mohan
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsAmazon Web Services
 
Zure Azure PaaS Zero to Hero - DevOps training day
Zure Azure PaaS Zero to Hero - DevOps training dayZure Azure PaaS Zero to Hero - DevOps training day
Zure Azure PaaS Zero to Hero - DevOps training dayOkko Oulasvirta
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services
 
Continuous Integration and Deployment Best Practices on AWS
Continuous Integration and Deployment Best Practices on AWSContinuous Integration and Deployment Best Practices on AWS
Continuous Integration and Deployment Best Practices on AWSAmazon Web Services
 
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Amazon Web Services
 
Azure DevOps Pipeline setup for Mule APIs #36
Azure DevOps Pipeline setup for Mule APIs #36Azure DevOps Pipeline setup for Mule APIs #36
Azure DevOps Pipeline setup for Mule APIs #36MysoreMuleSoftMeetup
 
API Tips & Tricks - Policy Management and Elastic Deployment
API Tips & Tricks - Policy Management and Elastic DeploymentAPI Tips & Tricks - Policy Management and Elastic Deployment
API Tips & Tricks - Policy Management and Elastic DeploymentAxway
 
Transforming Software Development
Transforming Software DevelopmentTransforming Software Development
Transforming Software DevelopmentAmazon Web Services
 
Continuous Integration
Continuous IntegrationContinuous Integration
Continuous IntegrationXPDays
 
15-factor-apps.pdf
15-factor-apps.pdf15-factor-apps.pdf
15-factor-apps.pdfNilesh Gule
 
Continuous Integration with Amazon ECS and Docker
Continuous Integration with Amazon ECS and DockerContinuous Integration with Amazon ECS and Docker
Continuous Integration with Amazon ECS and DockerAmazon Web Services
 
Azure DevOps Tasks.pptx
Azure DevOps Tasks.pptx Azure DevOps Tasks.pptx
Azure DevOps Tasks.pptxPrasanthOneness
 
Configuration Management in the Cloud | AWS Public Sector Summit 2017
Configuration Management in the Cloud | AWS Public Sector Summit 2017Configuration Management in the Cloud | AWS Public Sector Summit 2017
Configuration Management in the Cloud | AWS Public Sector Summit 2017Amazon Web Services
 
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAutomating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAmazon Web Services
 
AWS CodeDeploy: Manage Deployment Complexity
AWS CodeDeploy: Manage Deployment ComplexityAWS CodeDeploy: Manage Deployment Complexity
AWS CodeDeploy: Manage Deployment ComplexityAmazon Web Services
 
Continuous Delivery series: How to automate your infrastructure toolchain
Continuous Delivery series: How to automate your infrastructure toolchainContinuous Delivery series: How to automate your infrastructure toolchain
Continuous Delivery series: How to automate your infrastructure toolchainSerena Software
 

Ähnlich wie Wellington MuleSoft Meetup 2021-02-18 (20)

Getting to Walk with DevOps
Getting to Walk with DevOpsGetting to Walk with DevOps
Getting to Walk with DevOps
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOps
 
Zure Azure PaaS Zero to Hero - DevOps training day
Zure Azure PaaS Zero to Hero - DevOps training dayZure Azure PaaS Zero to Hero - DevOps training day
Zure Azure PaaS Zero to Hero - DevOps training day
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud Scale
 
Continuous Integration and Deployment Best Practices on AWS
Continuous Integration and Deployment Best Practices on AWSContinuous Integration and Deployment Best Practices on AWS
Continuous Integration and Deployment Best Practices on AWS
 
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
 
Azure DevOps Pipeline setup for Mule APIs #36
Azure DevOps Pipeline setup for Mule APIs #36Azure DevOps Pipeline setup for Mule APIs #36
Azure DevOps Pipeline setup for Mule APIs #36
 
Devops
DevopsDevops
Devops
 
API Tips & Tricks - Policy Management and Elastic Deployment
API Tips & Tricks - Policy Management and Elastic DeploymentAPI Tips & Tricks - Policy Management and Elastic Deployment
API Tips & Tricks - Policy Management and Elastic Deployment
 
Transforming Software Development
Transforming Software DevelopmentTransforming Software Development
Transforming Software Development
 
Past, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps InfrastructurePast, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps Infrastructure
 
Continuous Integration
Continuous IntegrationContinuous Integration
Continuous Integration
 
15-factor-apps.pdf
15-factor-apps.pdf15-factor-apps.pdf
15-factor-apps.pdf
 
Power of Azure Devops
Power of Azure DevopsPower of Azure Devops
Power of Azure Devops
 
Continuous Integration with Amazon ECS and Docker
Continuous Integration with Amazon ECS and DockerContinuous Integration with Amazon ECS and Docker
Continuous Integration with Amazon ECS and Docker
 
Azure DevOps Tasks.pptx
Azure DevOps Tasks.pptx Azure DevOps Tasks.pptx
Azure DevOps Tasks.pptx
 
Configuration Management in the Cloud | AWS Public Sector Summit 2017
Configuration Management in the Cloud | AWS Public Sector Summit 2017Configuration Management in the Cloud | AWS Public Sector Summit 2017
Configuration Management in the Cloud | AWS Public Sector Summit 2017
 
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAutomating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps
 
AWS CodeDeploy: Manage Deployment Complexity
AWS CodeDeploy: Manage Deployment ComplexityAWS CodeDeploy: Manage Deployment Complexity
AWS CodeDeploy: Manage Deployment Complexity
 
Continuous Delivery series: How to automate your infrastructure toolchain
Continuous Delivery series: How to automate your infrastructure toolchainContinuous Delivery series: How to automate your infrastructure toolchain
Continuous Delivery series: How to automate your infrastructure toolchain
 

Kürzlich hochgeladen

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Kürzlich hochgeladen (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Wellington MuleSoft Meetup 2021-02-18

  • 1. Attendee Introductions ● Name ● Company & role ● What do you want to get out of this session? ● Topics you want to discuss at upcoming events. 1 Please introduce yourself in the chat 
  • 2. [18th of February 2021] [Wellington] MuleSoft Meetup Group Security Best Practices for Azure DevOps Pipeline
  • 3. Reminders. . . ● Session will be recorded. Please use the online chat to ask questions. ● Trivia game after the presentation. Winners will get class voucher or certification exam voucher of their choice! ● Fill out the post-event survey to share your feedback with us, and for a chance to win $50 Amazon.com gift card. ● Group picture at the end of the session  3
  • 6. Security Best Practices for Azure DevOps Pipeline Shaun Allen, Integration Developer - Trustpower
  • 7. Introduction • Based in Tauranga, New Zealand • Over 3 years of IT experience • MuleSoft Certified Developer – Mule 4 • Areas of Expertise: - Pipelines (CI/CD) - Automation - Scripting - Full Stack Fun fact: Muay Thai enthusiast 7
  • 8. Agenda • Technical Challenges / Business Objectives • DevSecOps • Continuous Integration (CI) • Continuous Delivery (CD) • Pipeline Security • Demo • Pipeline improvements • Key takeaways 8
  • 9. Business Objectives Technical Challenges in Securing the Pipeline • Externalise property or YAML files – on a separate repository. • Developers create a pull request for every change. • Dynamic mule key injection per environment. • Gives flexibility to update mule key per application. • Secret Management using Azure Key Vault. • Secrets to be updated when the mule key changes • Potential for different mule key per application • DevOps permissions for Service Connections. 9
  • 10. DevSecOps • A management approach that combines application development, security, operations and infrastructure as a code (IaaS) in an automated, continuous delivery cycle. • Applying security at every stage of the software development process enables continuous integration, reducing the cost of compliance and delivering software more rapidly. Benefits of DevSecOps • Improved quality and security of software. • Faster software delivery. • Enhanced communication and collaboration between teams. • Earlier identification and correction of vulnerabilities in code. • More opportunities for automated builds and quality assurance testing. Resource: https://searchitoperations.techtarget.com/definition/DevSecOps 10
  • 11. Setup a new application This pipeline will handle the scaffolding of setting up a new project. • Create a new folder under applications • Create key vaults (generic Trustpower ARM template) • Setup access policy for key vaults (ARM template parameters file) • Tokenise key vault names into files • Create application build and deploy pipeline • Setup permissions for the new pipeline How is this pipeline triggered? 11 Pipeline on-boarding
  • 12. Service Hooks with Logic Apps We use Azure DevOps service hooks for triggering Azure logic apps to do some work. • We have one centralized logic app that all service hooks are sent to • We then use a simple switch case statement for extracting the type of event i.e git push, PR completed etc • Using the above event types, send request to next logic app • Inspect project level info i.e does the project name begin with mulesoft- • Exclude any projects such as the mulesoft-pipelines project • Trigger pipeline to setup a new application • Will only add the file if the modified branch starts with feature 12 Automation on-boarding
  • 13. Continuous Integration (CI) Build application using centralised property file based on environment variables • File must be placed in the same path as existing properties file (file="properties/${mule.env}- properties.yaml") • Find errors before a deploy (save on time and roll back)(Only works with Munit) • Using a powershell task for build, maven task was outputting the mule key to the console 13
  • 14. POM Configuration Validation Why do we validate config? • Make sure all apps are following our standards What we validate • Group Id (must be equal to com.trustpower) • Artifact Id (must match repo name) • Packaging (must be equal to mule-application) • Description (simple not null check) • Does the app have Munit plugin? • Required application coverage (must be equal to 75%) • Fail build (must be equal to true) • Run coverage (must be equal to true) • Munit format (must be equal to console) 14 Continuous Integration (CI)
  • 15. MUnit Used for validating flow output. Pros: • Can find errors with an application before a deploy i.e if a property doesn’t exist the app will still build successfully but only fail when trying to run. • Make sure updates to the application still produce the required result. • Integrate testing into the CI/CD pipeline. Cons: • Takes extra time for the pipeline to run. • Extra overhead to setup (although easier with recorder). 15 Continuous Integration (CI)
  • 16. Deploy application based on branch name Pipeline triggers allow for a full CI/CD pipeline, we just need a way of knowing what environment we want to deploy into • Trigger build for all target branches • Note: Not all branches listed in the triggers section can deploy without specific permissions i.e group membership or using the auto deploy variable. 16 Continuous Deployment (CD)
  • 17. Deploy application based on branch name Needed a way to deploy to environments in a CI/CD fashion Pipeline conditions • feature/* deploys to development • develop deploys to qa • release* deploys to preprod • master deploys to production 17 Continuous Delivery (CD)
  • 18. Deploy application using Anypoint CLI How do we deploy to cloudhub? • Using the Anypoint CLI Commands used by anypoint CLI: • runtime-mgr cloudhub-application list • runtime-mgr cloudhub-application start • runtime-mgr cloudhub-application deploy/modify • api-mgr api edit List of commands: https://docs.mulesoft.com/runtime-manager/anypoint-platform-cli 18 Continuous Delivery (CD)
  • 19. Auto deploy and group membership Pipeline has two ways of deploying into environments. 1. Application settings file has an auto deploy flag • For dev and qa 2. User who triggered the pipeline is a member of the mulesoft-pipelines “Release Administrators” group • Restrict who can deploy to cloudhub (must be manually triggered) • If triggered from a PR into master, the user comes through as a Microsoft service account • Users in this group should be aware that anytime they trigger a pipeline run it will deploy 19 Continuous Delivery (CD) / Pipeline Security
  • 20. Pipeline Security Property Files Management We wanted a way to externalise properties for cloudhub environments from the project repository. • Easier for code reviewers to keep an eye on production configurations (no secrets in plain text etc) • Centralised management (all application property files stored in one place) We wanted a way to specify environment defaults for cloudhub deploys • Use an application settings file (JSON format) to control deploy properties 20
  • 21. Property Files Management - One Policy to rule them all One single repository means we can have one policy setup on the master branch to control all pull requests (code reviews) • Use one Azure DevOps group who can approve the PR’s. • Use One file exclude pattern so developers can make quick changes to dev and qa for application specific properties. • Still need to create a new branch for updates, but the PR can be completed with no approvals needed 21 Pipeline Security
  • 22. Secure Credentials and settings.xml files Credentials file is what we use to authenticate to the anypoint platform before using the anypoint CLI commands. • We use one single profile (default) • This is so we don’t need to continuously set the env for each powershell task We use a connected application for authentication (we were using a native account) • Easy to restrict or revoke access • Control access to data using scopes 22 Pipeline Security
  • 23. Secure Credentials and settings.xml files Our settings.xml file is how we authorize our pipeline to download dependencies for our applications. • Azure DevOps artifact feed (common dependency for all apps) • Trustpower exchange assets • Anypoint exchange v2 • Enterprise artifacts (nexus) Settings file cannot use connected app directly, we must generate an access token using the connected app details. Dependencies using the access token are: • Trustpower exchange assets • Anypoint exchange v2 Azure DevOps is using a PAT token. Enterprise artifacts (nexus) is using a native login (username and password). We don’t have access to change this setup. 23 Pipeline Security
  • 24. Secret Management with Azure Key Vault Automation will setup the scaffolding of a new project. • Creating the key vault • Setup the access policy for the service principal (service connection identity) on the key vault • Key vault name is automatically added to the application settings file with tokenisation Secrets must be manually setup • Updates are also manual i.e. if a password or security token changes we would need to manually update the key vault secret Applications use secure properties, so if any changes are made to key vault secrets this means we would have to do a re-deploy to see the update. • Could use Azure service principals and have the applications pull secrets directly from key vault • Each app would need it’s own identity for each environment (or at least sandbox & production) • Key vault cost associated with each secret transaction 24 Pipeline Security
  • 25. Secret Management with Azure Key Vault Using a pre-defined Azure DevOps pipeline kay vault task (where possible) to pull through secrets. • Easy to use • Specify the service connection to use and what secrets we want to be pulled through • Secrets can then be accessed like pipeline variables $(MuleKey) • Also use the Az.KeyVault powershell module to access secrets if we need to do logical statements • i.e if we need to overwrite the global mule key for our environment with an application specific one 25 Pipeline Security
  • 26. DevOps permissions for Service Connections Service connection identity in Azure must be granted permissions on the key vault we are wanting to access. The newly created pipeline needs permissions to be able to use the service connections • The ‘setup new application’ pipeline will allow the new app pipeline to access the service connections as a user • For the above to work, the service connections must exist before the pipeline runs • No CI/CD otherwise, pipeline will hang waiting on permissions • Just created a new api we can integrate with this pipeline to ensure service connections exist (Work In Progress) 26 Pipeline Security
  • 27. Secure config encryption tool When the pipeline pulls secrets from our application key vault, we need a way to encrypt them. This is where the mulesoft secure config encryption tool comes in • https://docs.mulesoft.com/mule-runtime/4.3/secure-configuration-properties#secure_props_tool • We need to supply the following arguments • File or string • Algorithm • Mode • Mule key • Secret to be encrypted Once we have encrypted pipeline secrets setup, we can tokenise the {env}-properties.yaml file and add this to the src/main/resources/properties folder 27 Pipeline Security
  • 28. Secure Configuration properties Extract mule key from environment or application key vault • Mule key length has to abide by the algorithm settings i.e AES algorithm has an exact key length of 16 • This is where you may need different mule keys for applications if migrating to a different algorithm • Environment mule key vs application mule key Extract algorithm and mode from the application global-configs.xml file • Or use the default set in the application.settings file • If using default of values, there is no properties being setup in the global-configs.xml, hence the need for defaults in app settings file 28 Pipeline Security
  • 29. SLA Tiers We use an automated policy to enforce the need for SLA tiers across all environments. As part of our application pipeline, when the deploy stage happens, we deploy Trustpower default SLA tiers that are setup in the default.settings file. We can modify or add to these SLA tiers using the application.settings file for each application in each environment. When a user is requesting access to an application this is where they will be able to select their required SLA tier. • Auto approved for dev and qa • Manual approval needed for production 29 Pipeline Security
  • 30. 30
  • 31. Pipeline improvements • Use a step template for generating the mule key • Remove inline scripting • Some PowerShell tasks need to be smaller and more understandable/readable • Look through devops improvements (can we use stage dependencies for stage conditions yet?) • Integration Postman agent (newman) • Automate setting up API Manager • Only trigger one build at any time • Use of approval gates (Environment) 31
  • 32. Key takeaways What have we learnt (hopefully): • How to externally manage property files • Use policy to exclude files/folders from PR review for faster development • How to use key vault for secrets and use within pipelines (service connection for access) • How to use secure config tool with above for setting up encrypted secrets • How to tokenise a property file to inject secrets from above • Build an application using the external properties file • Munit is good for integrating testing into the CI/CD pipeline, but is also handy for exposing errors before a deploy if the properties file doesn’t match what the application is expecting • Deploy application using pipeline conditions and flags • Deploy SLA tiers 32
  • 33. Call for Speakers! ● Incentive for speakers:  Complimentary training class voucher or certification exam voucher of their choice. ● Please contact organizers for more information! 33