Creating Docker Containers as Build Agents for Jenkins using SSH

Creating Docker Containers as Build Agents for Jenkins using SSH

The aim of this doc is to guide over the process to set up Docker Containers as Build Agents for Jenkins. It's very common to consider Jenkins nodes and agents as synonyms, but strictly speaking are not the same. A Jenkins node, also known as a Jenkins server, is any machine (physical or virtual) connected to the Jenkins network or the Jenkins environment. Nodes provide computational resources and environments to execute Jenkins build jobs. Both controllers and agents are considered to be nodes. In summary, we can say that Jenkins Nodes are the machines on which Agents run. By using docker containers as agents, you can reduce and simplify the process to create agents: every build spins up a new container, builds the project, and is destroyed. A common practice is to create docker containers to execute the app build process. In this doc, we will see how to create those containers.

Daniel García (cr0hn)
Daniel García (cr0hn)
devops devsecops cicd
Understanding Lua Scripts in Redis The Ping Pong Example

Understanding Lua Scripts in Redis The Ping Pong Example

Redis has de the feature of executing Lua scripts. This post explains how Redis handles potentially dangerous Lua scripts, using a "ping-pong" example. At the first glance, the Lua script seems to be an infinite loop. However, Redis has built-in protections that recognize the recursion pattern in the script. The secure Lua environment in Redis is designed to catch and prevent such infinite loops from running. This stops the script from consuming resources endlessly, ensuring the stability and security of the system. Redis enforces a read-only table restriction in this context, which prevents modifications that could lead to uncontrolled recursion.

Daniel García (cr0hn)
Daniel García (cr0hn)
cybersecurity hacking redis
Auto-generating regular expressions from a wordlist with Python

Auto-generating regular expressions from a wordlist with Python

Making regular expressions (REGEX) is sometimes an arduous task. If we need to create a REGEX that matches a set of words, we need to analyse them and include all the necessary conditions to match them. It’s very common in Web Apps, filters, or something else that has to match if a word matches with a set of allowed words.

Daniel García (cr0hn)
Daniel García (cr0hn)
python
DevSecOps series No. 1 — Breaking the CI/CD by using evil Git repositories

DevSecOps series No. 1 — Breaking the CI/CD by using evil Git repositories

This is the first post of a serie about DevSecOps. We’ll discuss about (in)security in DevSecOps process. Today we’ll check security in building process when you need external GIT.

Daniel García (cr0hn)
Daniel García (cr0hn)
devops git devsecops cybersecurity