GitHub Actions, RHEL 7.7, Kubernetes Security…[August 9, 2019]


Welcome to your daily dose of open source, emerging tech, and cloud-native news. The only news source you ever need. Subscribe to our newsletter now.

1/ GitHub Enters The CI/CD World: GitHub Actions, the company’s workflow automation platform, has added full continuous integration and delivery (CI/CD) capabilities making it a direct, and a more powerful, competitor to many CI/CD players. With GitHub Actions developers can now build, test and deploy their code on any platform and run their workflows in containers or virtual machines. GitHub CEO, Nat Friedman said in a blog post, “GitHub Actions now makes it easier to automate how you build, test, and deploy your projects on any platform, including Linux, macOS, and Windows. Run your workflows in a container or in a virtual machine. Actions also supports more languages and frameworks than ever, including Node.js, Python, Java, PHP, Ruby, C/C++, .NET, Android, and iOS. Testing multi-container apps? You can now test your web service and its database together by simply adding some docker-compose to your workflow file.”(Source: GitHub, TechCrunch)

2/ Red Hat Enterprise Linux 7.7 Released: Red Hat has announced the final update to RHEL 7 platform. With version 7.7, RHEL 7 moves to Maintenance Phase I within the RHEL 10-year lifecycle. RHEL 7.7’s most important updates are supported for the latest generation of enterprise hardware and remediation for the recently disclosed ZombieLoad vulnerabilities. The latest RHEL 7 also includes network stack performance enhancements. RHEL 7.7 users can also use Red Hat’s new predictive problem shooter: Red Hat Insights. This uses a software-as-a-service (SaaS)-based predictive analytics approach to spot, assess, and mitigate potential problems to their systems before they can cause trouble. RHEL 8 is already out and there is a very clear upgrade path for enterprise customers.
(Source: ZDNet, Red Hat)

3/ 34 Vulnerabilities Found In Kubernetes: The Cloud Native Computing Foundation (CNCF) recently started auditing the code-base of CNCF hosted projects. This week the foundation released the results of the latest audit of Kubernetes. The audit revealed 34 vulnerabilities in Kubernete, out of which four were ranked as high-severity. The auditors focussed on eight core Kubernetes components: Kube-apiserver, etcd, Kube-scheduler, Kube-controller-manager, cloud-controller-manager, Kubelet, Kube-proxy and container runtime.
(Source: ZDNet, Container Journal, SilconAngel, CNCF)

4/ Gitlab’s Acquisition Strategy Explained: GitLab has a unique approach to acquisitions. Unlike the secrecy that most modern companies adopt (who knew IBM was going to acquire Red Hat?), GitLab’s entire acquisition strategy is available publicly. In this panel discussion, three GitLab team members discuss the company’s approach to acquisition.

5/ What’s New In Docker 3.0: Justin Graham is the new VP of Product Management at Docker Inc. In this episode of “Let’s Talk”, he dived deep into new announcements from Docker, especially around Docker 3.0 and their partnership with Tigera.