How secure is your CICD pipeline?

Looking at a CICD pipeline with security in mind, reveals some interesting concerns. Consider the credentials and access typically assigned to each step, and what’s actually required for each step - Read Write access, and Read Only access. The CI system can be a target, because it’s got credentials for the source code, the image repo and the cluster, and it crosses two logical security boundaries. Learn how you can mitigate this with a GitOps approach.