Summary
In this chapter, we learned all about Docker secrets, the counterpart to Kubernetes secrets. We saw how this feature can be used to securely share sensitive data between containers in a swarm if you need to work with this technology instead of Kubernetes. We also learned that it can be useful for segmenting sets of credentials based on the environment you are working in. Finally, we walked through how to create, inspect, and delete secrets.
Following this, we looked at tags once again and discussed how they can be used to ensure the right image is being pulled from the right environment. A combination of environment-based secrets and tags was shown to help you secure your development processes further.
Finally, we discussed how containers can be annotated with metadata labels. This also included using the security.txt file.
In the next chapter, we will explore how third-party tools can be used to help secure our containers and enforce some of the practices we have...