Part 1: Set up prerequisites
This tutorial walks you through how to set up prerequisites and learn more about IBM Cloud® DevSecOps by using a complete reference implementation that is available as a service and powered by IBM Cloud® Continuous Delivery.
This tutorial uses an example of Node.js app, but you can also deploy other language-based apps.
Before you begin
- DevSecOps reference implementation
- DevSecOps with Continuous Delivery
- Understanding DevSecOps pipelines
For more information, see DevSecOps architecture and its implementation in Continuous Delivery.
Set up an IBM Cloud account
To get started, you must set up an IBM Cloud® account. Depending on your IBM Cloud account plan, access to certain resources by DevSecOps toolchains might be limited. For more information, see Setting up your IBM Cloud account, and Upgrading your account.
Store secrets values
Storing secrets values is essential to the DevSecOps process. As a user, storing an instance is required to manage and protect systems access that are inside or outside of IBM Cloud. Choosing one of the secret management options helps you to protect your sensitive data and centralize your secrets. Managing IBM Cloud secrets can help you choose from various secrets management and data protection offerings. If you don't already have an instance of the secrets management vault provider of your choice, create one. For more information, see Getting started with Secrets Manager.
Create a Kubernetes cluster
Create a Kubernetes cluster. The cluster takes time to provision. For more information about provisioning clusters, see Preparing your account to create clusters.
Create a Container Registry namespace
Create an IBM Cloud® Container Registry namespace. The IBM Cloud Container Registry provides a multi-tenant private artifact registry that you can use to store and share your container artifacts with users in your IBM Cloud account. For more information about IBM Cloud Container Registry, see Getting started with Container Registry.
Apply the steps
If applicable to your use case, you can complete any or all the following steps.
- Create an artifact key with the right encoding to sign in to your applications.
- Create and save an IBM Cloud API key. Alternatively, you can create the API key during the template-guided setup process.
- Validate that the IAM permissions are assigned to the corresponding integrations.
- Install the IBM Cloud CLI.
- Create an IBM Cloud® Object Storage instance and bucket. For more information, see What is IBM Cloud Object Storage?
- Create an IBM Cloud Satellite cluster group to deploy your application into IBM Cloud Satellite cluster group. For more information, see Understanding Satellite config.
You can automatically set up the DevSecOps infrastructure for your toolchains by using an IBM Cloud® Schematics workspace and a Terraform template by skipping the steps and going directly to DevSecOps infrastructure and Continuous Integration (CI) toolchain for deploying a secure app set up. After the prerequisites and CI toolchain are successfully configured, continue to the Continuous Deployment (CD) toolchain introduction.
Next steps
After you complete the prerequisite steps and are ready to get started with toolchain integration, continue to the next tutorial in the series: Setting up a Continuous Integration toolchain.
For additional information about related topics, review the following documentation: