devops-db.com Jenkins – Resolving Jenkins Kubernetes Agent TLS Failures After HTTPS Migration
Overview During a migration of our internal Jenkins controller from HTTP to HTTPS/TLS, several Jenkins pipelines running on Kubernetes agents began failing. These pipelines use dynamically provisioned agents created by…
Security – Configuring TLS Certificates with Step-CA for Nexus, Jenkins, GitLab and Vault
In a modern DevOps infrastructure, operating an internal Public Key Infrastructure (PKI) is essential to secure communications between services. Instead of relying on self-signed certificates or external certificate authorities, organizations…
Security – Distributing Trust for an Internal Certificate Authority in a DevOps Infrastructure
Deploying an internal certificate authority is only the first step in building a secure infrastructure.Once certificates start being issued, every system that communicates with services signed by the CA must…
Security – Building an Internal CA with Step-CA (Part 3 — Issuing TLS Certificates for Virtual Machines)
In the previous sections we demonstrated how Kubernetes services can obtain certificates automatically using cert-manager and ACME, or manually using the Step CLI. However, many infrastructure services still run outside…
Security – Building an Internal CA with Step-CA (Part 2 — Issuing TLS Certificates for Kubernetes Services)
In the previous article we deployed an internal certificate authority using Step-CA running inside Kubernetes. That CA is now capable of issuing certificates for internal infrastructure. The next step is…
Security – Building an Internal CA with Step-CA (Part 1 — Installation and Initial Configuration)
Modern infrastructure relies heavily on TLS certificates to secure communication between services. Kubernetes clusters, CI/CD pipelines, internal APIs, and development platforms all require trusted certificates to ensure encrypted and authenticated…
Jenkins – Making Jenkins Builds Easier to Identify with buildName / displayName
As CI/CD pipelines grow, Jenkins jobs tend to produce a large number of builds. When multiple branches, environments, and versions are involved, the default Jenkins build numbering quickly becomes difficult…
Jenkins – Dynamic Jenkins Parameters with Active Choices (Groovy + API)
In many CI/CD workflows, pipelines need to adapt based on dynamic infrastructure data. For example: Hardcoding these options inside Jenkins parameters quickly becomes unmaintainable. A much better approach is using…
Security – Implementing TOTP Two-Factor Authentication in Go
Two-Factor Authentication (2FA) using TOTP (Time-based One-Time Password) is one of the most widely adopted security mechanisms for protecting user accounts. Authenticator applications such as: generate temporary verification codes that…
Linux – A TUI for PostgreSQL Connections with AWS IAM Support
Managing PostgreSQL connections across multiple environments can quickly become messy. Different hosts, users, ports, databases — and when AWS RDS enters the picture with IAM authentication, the login process becomes…