DevSecOps Continuous Integration Toolchain for Infrastructure as Code (IaC)

1 min read

The DevSecOps Continuous Integration Toolchain is now able to validate Infrastructure as Code sources (such as Terraform definitions).

Infrastructure as Code (IaC) is used heavily to define infrastructure and tailor environments from development, testing and quality assurance to production environments.

This specialized code should be subject to the same cautious management as application source code to prevent the risk of incorporating vulnerabilities into the target infrastructure.

DevSecOps Continuous Integration for IaC can help

The DevSecOps Continuous Delivery service provides a new DevSecOps toolchain that is specialized to account for Infrastructure as Code, such as Terraform definitions source.

It includes all the expected DevSecOps best practices, including evidence collection, quality gates, artifact signing, automated tests, static code scans, vulnerability checks and more.

A new template is available in the toolchain catalog to create a Continuous Integration toolchain to develop your infrastructure code:

A new template is available in the toolchain catalog to create a Continuous Integration toolchain to develop your infrastructure code:

This template provides a default sample that illustrates the simple use-case of creating an IBM Key Protect for IBM Cloud service instance and implementing a unit-test using Terratest and an acceptance test using Jest. The DevSecOps Continuous Integration for Infrastructure as Code (IaC) pipeline comes with predefined stages implemented using default scripts. For example:

See the docs for more details:

Note: Selected stages can be customized to fit your need.

Note: Selected stages can be customized to fit your need.

Get started

You can create your first DevSecOps Continuous Integration for Infrastructure as Code toolchain directly from the toolchain catalog or by following this link and this tutorial

You can create your first DevSecOps Continuous Integration for Infrastructure as Code toolchain directly from the toolchain catalog or by following along with this tutorial: 

IBM Cloud has already made available a complete set of DevSecOps toolchain templates for your cloud-native application development. Learn more about it here.

Report a problem or look for help

Get help directly from the IBM Cloud development teams by joining us on Slack.

Be the first to hear about news, product updates, and innovation from IBM Cloud