Armory Integrations

Integrate Grafeas with Armory Spinnaker

 

 

Questions about Integrations?


Spinnaker Integration with Grafeas

 

Make automated pipeline promotion decisions from Spinnaker pipelines based on the Grafeas metadata. Grafeas and Kritis provide a uniform and consistent way to produce and consume artifact metadata from software components with Spinnaker. The metadata is used to help developers audit their software components. Grafeas along with Spinnaker helps you automate DevSecOps decisions with your deployments.

How the Integration Works:

Use the Spinnaker Kritis stage after your application is built to determine what to do. The Kritis stage allows you to either continue the pipeline or stop it based on certain criteria. If a new vulnerability is found, the pipeline will stop with a message about needing to go back and fix your application.

Some decision examples include:

  • This container has trusted origin and registry
  • This container does not run as root
  • This container passes CI tests
  • This container was scanned by security
  • This container is deployed with the appropriate security context

Integration Benefits:

Automated Security Governance

Building security controls into the software delivery, based on comprehensive component metadata and security attestations protects production deployments. Make automated pipeline promotion decisions from Spinnaker pipelines based on the Grafeas metadata.

Accelerate Development Velocity

Know before your application is deployed to production that there is a critical vulnerability. This will help reduce the feedback loop, allowing you to ship better software faster.