Okuqukethwe[Fihla][Bonisa]
Cishe usuvele uyazi ukuthi iyini i-DevOps uma usebenza embonini yesoftware.
Akumangazi ukuthi amafemu amaningi amakhulu ahlanganisa izindlela zawo zokusebenza ekusebenzeni kwawo njengoba aya ngokuya ethandwa kakhulu ngabathuthukisi.
Ezinyangeni ezimbalwa noma ngisho neminyaka edlule, izinkampani ezinkulu zesofthiwe zazivame ukukhulula izinhlelo ezintsha.
Kwakukhona isikhathi esanele sokuba ikhodi yokudlulisa ukuphepha kanye nekhwalithi amasheke okuqinisekisa; lezi zinqubo zenziwa amaqembu ochwepheshe abazimele.
Ngokusetshenziswa okwengeziwe kwamafu omphakathi, ukugeleza okuningi kwenziwe ngokuzenzakalelayo kusetshenziswa amathuluzi amasha nobuchwepheshe, okuvumela amabhizinisi ukuthi athuthuke ngokushesha futhi ahlale isinyathelo esisodwa ngaphambi komncintiswano.
Izinhlelo ze-Monolithic ziqale ukuhlukana zaba izingxenye ezincane, ezizimele ngemva kokwethulwa kweziqukathi kanye nomqondo we-microservice.
Lokhu kwandisa ukuguquguquka kokuthi isofthiwe yadalwa futhi yasetshenziswa kanjani.
Kodwa-ke, iningi lezinhlelo zokuqapha nokuqapha ukuthotshelwa kwezokuphepha azizange ziyibonise le ntuthuko.
Iningi labo alikwazanga ukuhlola amakhodi abo ngokushesha njengendawo evamile ye-DevOps efunwa ngenxa yalokho.
Ukuqaliswa kwe-SecDevOps kwakuhloselwe ukubhekana nale nkinga futhi kuhlanganiswe ngokuphelele ukuhlolwa kokuvikela ekuhlanganisweni okuqhubekayo (CI) kanye namapayipi okulethwa okuqhubekayo (CD) kuyilapho kuthuthukiswa ulwazi nolwazi lwethimba lokuthuthukisa ukuze kube lula ukuhlola nokuchibiyela kwangaphakathi.
Uzothola okwengeziwe mayelana ne-SecDevOps kulesi siqeshana, okuhlanganisa ukubaluleka kwayo, ukusebenza, imikhuba ehamba phambili, nokunye okuningi.
Ngakho-ke, yini i-SecDevOps?
I-DevOps iyashesha, iqinile, futhi iyazenzakalela, futhi inethoni yezinzuzo ngokwayo.
Kodwa-ke, ukuhlanganiswa kokuvikeleka kuyabambezeleka njengoba ukuthunyelwa okusheshayo kusho amawindi esikhathi ambalwa okuhlonza nokulungisa amaphutha ezokuphepha.
Uma ukuvikeleka kungafakwanga enqubweni yokwakha nokukhipha kuyilapho kwakhiwa izinhlelo zokusebenza ngenhloso yokuphakwa ngokushesha (indlela ye-DevOps), ungase uzishiye zivuleleke kumaphutha abalulekile okuvikela.
Yilapho i-SecDevOps (ephinde yaziwe ngokuthi i-DevSecOps noma i-DevOpsSec) iqala ukusebenza. Le ndlela ihilela ukuhlanganisa ukuphepha ezinqubweni zokuthuthukiswa nokusetshenziswa, njengoba igama lingase lisho.
I-SecDevOps iqoqo lezinqubo ezihamba phambili ezidizayinelwe ukuhlanganisa ukubhala ngekhodi okuvikelekile ngokujulile ekuthuthukisweni kwe-DevOps nezinqubo zokuphakelwa.
Kuvame ukubizwa ngokuthi ama-DevOps aqinile.
Njengoba bedala izinhlelo zabo zokusebenza, kukhuthaza onjiniyela ukuthi bacabangele izindinganiso zokuphepha nemiqondo ngokucophelela. Ukuze uhlale unolwazi mayelana nendlela yokukhishwa esheshayo ye-DevOps, izinqubo zokuphepha nokuhlola kufakwa ngaphambi kwesikhathi kakhulu emjikelezweni wokuphila.
I-SecDevOps ihlukaniswe izingxenye ezimbili eziyinhloko:
Ukuphepha njengekhodi (SaC)
Kuleli qophelo, amathuluzi nezinqubo zepayipi le-DevOps kufanele zihlanganise ukuphepha.
Kulandela ukuthi amathuluzi for ukuhlolwa kokuphepha kohlelo lokusebenza okumile (SAST) nokuhlolwa kokuphepha kohlelo lokusebenza okunamandla (DAST) scan ngokuzenzakalelayo izinhlelo zokusebenza ezakhiwe.
Ngenxa yalokhu, izinqubo ezizenzakalelayo zibekwa phambili kunezo ezenziwa ngesandla (yize izinqubo ezenziwa ngesandla zidingeka ezindaweni ezibalulekile zokuvikela zohlelo lokusebenza).
Izinqubo ze-DevOps namaketango amathuluzi kufanele afake ukuphepha njengekhodi. Lawa mathuluzi kanye ne-automation yawo kufanele ihambisane nesakhiwo Sokulethwa Okuqhubekayo.
Ingqalasizinda njengeKhodi (IaC)
Iqoqo lamathuluzi e-DevOps asetshenziselwa ukulungisa nokuthuthukisa izingxenye zengqalasizinda ukuze kuhlinzekwe ngendawo yokuthunyelwa evikelekile nephethwe kubhekiselwa kuyo lapha.
Amathuluzi afana noChef, Ansible, kanye nePuppet avame ukusetshenziswa kule nqubo.
I-IaC ihlanganisa ukusebenzisa imihlahlandlela yokuthuthukiswa kwekhodi efanayo ukuze ulawule ingqalasizinda yokusebenza esikhundleni sokwenza izibuyekezo zokuhlela okwenziwa ngesandla noma izinguquko kusetshenziswa imibhalo ephuma kanye.
Njengomphumela, esikhundleni sokuzama ukupeshisha nokubuyekeza amaseva asetshenzisiwe, inkinga yesistimu idinga ukuthunyelwa kweseva elawulwa ngokucushwa.
Ngaphambi kokwethulwa kohlelo lokusebenza, i-SecDevOps isebenzisa ukuhlolwa kokuphepha okuqhubekayo nokuzenzakalelayo. Ukuqinisekisa ukutholwa kusenesikhathi kwanoma yimaphi amaphutha, kusetshenziswa ukulandelela inkinga.
Ukwengeza, kusebenzisa ukuzenzekelayo nokuhlola ukuze kuhlinzekwe ngokuhlolwa kokuphepha okusebenza kahle kuwo wonke umjikelezo wokuphila wokuthuthukiswa kwesofthiwe.
Kungani ibhizinisi lidinga i-SecDevOps?
Kule nkathi yedijithali, ukuphepha kufanele kube phambili futhi yonke inhlangano ize kuqala.
Ngokubeka imodeli ye-SecDevOps, inkampani ikhombisa ukuthi iyasebenza kunokuba isebenze uma kuziwa kwezokuphepha.
Ukuthuthukiswa kwezinhlelo eziqinile nezicelo ezinokwethenjelwa, eziqinile zikhuthazwa ukuba nengqondo yebhizinisi "Yokuphepha Kuqala".
Emakethe yanamuhla ye-IT eqhudelana kakhulu, izinhlangano azikwazi ukuba namaphutha okuphepha ezinhlelweni zazo zokukhiqiza.
Ukuhlasela okusebenzisa ukuxhashazwa kuyabiza futhi ngokuvamile kwenza isistimu noma inhlangano ingasebenziseki. I-SecDevOps ngaphakathi kwenhlangano inika amandla ukugcizelela kokuphepha okuqhubekayo kuwo wonke amaphayiphi amaleveli.
Ukwazi ukuthi udala izinhlelo ezithile namasistimu anezici nokusebenza okudingwa abathengi kukunikeza ukuthula kwengqondo.
Ukuze kwenziwe isiqiniseko sokuthi ibhizinisi lithobela izinqubo ezingcono kakhulu zokuvikela, izindinganiso, nomthetho, kuyalulekwa ukuthi Ithimba Lezokuphepha lihileleke kusenesikhathi futhi kaningi kuzo zonke izinhlelo zobunjiniyela nezingezona ezobunjiniyela.
Isebenza kanjani i-SecDevOps?
I-SecDevOps iphathelene nokuhambisa ukuphepha kwesokunxele. Lokhu kusho ukuthi wonke umuntu kufanele azibophezele ekuvikelekeni kusukela ekuqaleni, ngisho nangesikhathi sezigaba zokuhlela, kunokusebenzisa uhlelo lokuphendula isigameko.
Ngokuphambene nokujwayelekile impophoma isondela, okubeka ukuphepha ekupheleni komjikelezo wokuphila, lolu ushintsho olubalulekile. Ukuphepha kufanele kubhekwe kukho konke ukukhetha kanye nakuwo wonke umjikelezo wokuphila wokuthuthukiswa.
Ngokungeziwe ekusebenziseni amamodeli asongelayo, asekela indawo yokuthuthukiswa eqhutshwa ukuhlolwa ngamacala okuhlola ukuphepha.
Kufanele wenze isiqiniseko sokuthi ukuhlolwa kokuvikeleka okuzenzakalelayo nokuhlanganiswa okuqhubekayo kuhlanganiswe nenqubo.
Ukuthola ubuthakathaka bohlelo lokusebenza, i-SecDevOps idinga ukuqonda okugcwele kokuthi isebenza kanjani.
Ungayivikela kangcono ezingozini zokuphepha njengoba ukwazi lokhu. Amamodeli asongelayo avame ukusetshenziselwa ukwenza lokhu phakathi nomjikelezo wokuphila wokuthuthukiswa.
Ukuze uqonde futhi ukuthi isebenza kanjani, ake sibheke inqubo ejwayelekile ye-SecDevOps.
Uhlelo lokuphathwa kokulawulwa kwenguqulo lusetshenziswa onjiniyela. Ngenxa yalokho, ukuxhumana kumaphrojekthi anjalo kulula futhi bayakwazi ukulandela noma yiziphi izinguquko ezinhlelweni zokuthuthukiswa kwesofthiwe.
Lapho besebenza kuphrojekthi yokufaka amakhodi ngokubambisana, abathuthukisi bangahlukanisa kalula imisebenzi yabo besebenzisa amagatsha.
- Unjiniyela uzoqale abhale ikhodi yesistimu.
- Isistimu izobe seyamukela ukulungiswa.
- Ikhodi izobe isithathwa ohlelweni futhi ihlolwe omunye unjiniyela. Ukuze uthole amaphutha okuvikela noma ubungozi, hlaziya ikhodi emile kulesi sigaba.
Inqubo evamile ye-SecDevOps izoqhubeka ngale ndlela elandelayo ngemva kwalesi sigaba:
- Ukwenza indawo yokuphakela yohlelo nokusebenzisa izilungiselelo zokuphepha ohlelweni kusetshenziswa ubuchwepheshe be-IaC obufana nePuppet, Chef, kanye ne-Ansible
- ukwenza i-backend, ukuhlanganiswa, i-API, ukuphepha, nokuhlolwa kwe-UI njengengxenye yokuhlola okuzenzakalelayo kwesuite ngokumelene nohlelo lokusebenza olusanda kufakwa.
- ukuthumela uhlelo lokusebenza nokusebenzisa ukuhlola okuzenzakalelayo okuguquguqukayo kulo endaweni yokuhlola.
- Uma lezi zivivinyo seziphumelele, thumela isicelo endaweni yokukhiqiza.
- Ukuhlala uqaphe noma yikuphi ukukhathazeka okusebenzayo kwezokuphepha endaweni yokukhiqiza.
Izinzuzo ze-SecDevOps
Ku-SecDevOps, ithimba lezokuphepha lisungula izinqubomgomo ezibalulekile kusenesikhathi.
Le mithetho ingafaka izinto ezifana namazinga ekhodi, izincomo zokuhlola, isiqondiso sokuhlaziya okumile nokuguquguqukayo, ukuvinjelwa ekusebenziseni ukubethela okubuthakathaka nama-API angaphephile, njll.
Ukwengeza, baveza izici ezingadinga isenzo sethimba lezokuphepha (isb, izinguquko ekuqinisekiseni ubuqiniso noma kumodeli yokugunyaza, noma ezinye izindawo ezibalulekile zokuphepha).
Ithimba labathuthukisi lizuza ubungcweti kwezokuphepha njengomphumela wokulifaka ohlelweni.
Ngokwenza lokhu, kuqinisekiswa ukuthi isiphetho sepayipi sinokushiyeka okuncane kakhulu okungaba khona kwezokuphepha. Uma ubungozi buqhubeka, kuzoba lula ukwenza uphenyo, ubuyekeze inqubo, futhi wenze ukuthuthukiswa.
Ukwenza izinguquko ezidingekayo emithethweni yezokuphepha kanye nezindinganiso kwenziwa kube lula ngosizo lokuhlaziya imbangela eyinhloko.
Ukukubeka ngenye indlela, ngomjikelezo ngamunye, umphumela uzoba ngcono. Ukuqinisekisa ukukhuphuka komjikelezo wakamuva okuphazamisa kancane kungenye inhloso yokuthuthukiswa okuphindaphindayo.
Okulandelayo ezinye zezinzuzo ezivelele ze-SecDevOps:
- Amandla okusabela ngokushesha ezinguqukweni nasezidingweni
- Ukutholwa kusenesikhathi kobungozi bokubhala ikhodi
- Ukusebenza okuthuthukisiwe nokushesha kwamayunithi okuphepha
- Ukubambisana okwengeziwe kweqembu nokuxhumana
- Ukukhulula izinsiza zamalungu eqembu ukuze zisebenze emisebenzini enenani eliphezulu ngokuzenzakalelayo
- Amathuba engeziwe okuhlolwa kwekhwalithi nokuphepha, kanye nokwakhiwa okuzenzakalelayo
Amasu Asebenzayo we-SecDevOps
I-SecDevOps ihlanganisa ukuphepha, ukuthuthukiswa, kanye nokusebenza ukuze izisize zonke zisebenzele injongo eyodwa ngokuthuthukisa ukusebenzisana kweqembu, izinqubo, kanye namathuluzi.
Ngenxa yokungabaza kwamasiko, ukuxhumana kweqembu okungalungile, noma imikhawulo yesikhathi, okuhlanganisa ukuphepha ekuhambeni komsebenzi wakho we-DevOps kungase kwesabise kancane.
Yize ingekho indlela eyodwa, eyimpumelelo engasetshenziswa yinkampani ngayinye ukuthuthukisa uhlelo lwe-SecDevOps, kunezinkomba namasu athile angaba wusizo.
Qala ngokuqalisa ukuthuthukiswa nokuqeqeshwa okuphephile.
Lokhu akusho ukuthi kufanele uphoqe onjiniyela bakho ukuthi babe ngochwepheshe bezokuphepha noma babe nekhono kumathuluzi okuphepha asezingeni eliphezulu.
Kodwa ufuna ukucabanga ngokubafundisa izinqubo zokuphepha ezizosiza ukuvikela uhlelo lwakho. T
o qinisekisa ukuthi onjiniyela bakho bangakwazi ukuqonda ngokushesha futhi basebenzise izinqubo zokuphepha ezinengqondo, kufanele unikeze ukuqeqeshwa kokuphepha okuklanyelwe bona ngokukhethekile.
Sebenzisa isilawuli senguqulo kuzo zonke izimo.
Kumongo we-DevOps, yonke isofthiwe yohlelo lokusebenza, iphethini, umdwebo, nesikripthi kufanele kusetshenziswe amathuluzi okuhumusha asebenzayo namasu.
Izinzuzo eziningi zokuphepha ziza nokulawula inguqulo, futhi zenza imiyalelo ukuthi:
- Nquma ukuthi yisiphi isakhiwo noma isici esiye sasetshenziswa lapho kwenzeka inkinga yezokuphepha.
- Landelela imisebenzi yokuthuthukisa ukuze uthobele izindinganiso zomthetho.
- Bheka futhi uthole noma yiziphi izingxenye eziyingozi noma ezisengozini ezengezwe kunqubo yokuthuthukisa.
Yamukela Umqondo Wokuphepha Okumaphakathi Kwabantu
Ukuqaliswa kokuvikeleka akufanele kube ngaphansi kwethimba elilodwa.
Ukuqinisekisa ukuthi wonke umuntu uyawamukela umthwalo wemfanelo wokuthobela izindinganiso zokuphepha, inkampani yakho kufanele yamukele isiko lokuphepha eligxile kubantu.
Khuthaza onjiniyela, abahloli, nabanye abasebenzi ukuthi bazibophezele ekuvikelekeni ngaphezu kokuqeqeshwa kwezokuvikela.
Sukuqapha ukuphepha kubalulekile, kodwa futhi kufanele kusuke kumuntu ngamunye, futhi ilungu ngalinye leqembu kufanele lizibophezele ngakho.
Yenza Umsebenzi Ojwayelekile
Amasistimu e-DevSecOps asungulwe kakhulu asebenzisa okuzenzakalelayo njalo futhi kusenesikhathi.
Isibonelo, ukuhlola okuzenzakalelayo kokuvikela kwenza kube lula ukubona noma yimaphi amaphutha kukhodi yakho, okusheshisa ukuthuthukiswa futhi kwandise ukukhiqiza konjiniyela.
Lokhu kuyiqiniso ikakhulukazi kumafemu amakhulu lapho onjiniyela bevame ukusebenzisa izinguqulo ezimbalwa zamakhodi usuku lonke.
Imikhawulo ye-SecDevOps
Ngaphandle kweqiniso lokuthi i-SecDevOps iyindlela yakamuva kakhulu yokuthuthukiswa kohlelo lokusebenza futhi inikeza izinzuzo ezimbalwa kumasu ajwayelekile.
Nokho, iphinde ibe nokulinganiselwa okumbalwa, okubalwe ngezansi.
- Angeke kusetshenziswe ngokushesha ngoba kuyinqubo ende.
- Kuyadingeka ukuqeqesha onjiniyela kumasu okubhala amakhodi aphephile kanye nokuba sengozini okuvamile, okudinga isikhathi nezinsiza ezengeziwe.
- Ukungqubuzana kwezintshisekelo kungase kuthuthuke uma isicelo singekho ngaphansi kokuhlolwa kokuphepha okuzimele.
- Isigaba sokuhlela sokuthuthukiswa kwesicelo ekuqaleni singathatha isikhathi eside ngenxa yencazelo ebanzi yezinqubomgomo nezinqubo.
Isiphetho
Njengoba amaqembu ezokuphepha eqhubeka ethola izindlela ezintsha zokusebenza, i-SecDevOps ivusa umdlandla futhi ikhuthaza ubuhlakani.
Njengoba iminyango ibambisana esikhundleni sokusungula izibopho zokuncintisana, ikhuthaza ukukhula kwenhlangano.
Ukuqaliswa kwe-SecDevOps kunikeza izinzuzo ezinkulu zobuchwepheshe nezezimali emabhizinisini.
Ukuthuthukiswa kohlelo lokusebenza nezinqubo ezihlotshaniswayo kuphephe kakhudlwana futhi kukhiqiza kakhulu uma ukuphepha kuyisisekelo, ngokuya ngombono we-SecDevOps.
shiya impendulo