Skip to main content

You are currently viewing the Trifork Blog, to view our full website please go to Trifork.com

How I got rid of privileged mode Docker-in-Docker in GitLab CI/CD jobs with Podman

Docker-in-Docker requires privileged mode to function, which is a significant security concern. Docker deamons have root privileges, which makes them a preferred target for attackers. In its earliest releases, Kubernetes offered compatibility with one container runtime: Docker. In the context of GitLab CI/CD jobs that build and publish Docker images to a container registry, docker commands in scripts might seem like an obvious choice.

Getting out of a codependent relationship, or: how I moved to a healthy component-based Spring Security configuration

Holding Hands Together

In a recent blog post, the Spring Security team announced that they’ll be deprecating the configuration setup where you subclass the WebSecurityConfigurerAdapter. Instead, you simply define beans that allow you to set up the SecurityFilterChain by calling methods on the HttpSecurity object, and configure the WebSecurity object using a configurer. These options have been available […]

Don’t let regulatory compliance hold you back!

Don’t let regulatory compliance hold you back!

Trifork works with several customers who are operating in businesses with strict regulations, like finance or online betting. Assuring that your software and processes are in compliance with these regulations is challenging, and can easily lead to a situation where compliance officers and thus organizations become risk-averse. Changes take weeks or even months to be […]

Customers Drive Modern Applications

As companies are moving more and more of their business online, it becomes ever so clear that this isn’t just a matter of offering an additional sales channel. Acquiring new customers, providing them with a service that lets them come back for more and adapting to their ever-changing demands requires a true digital transformation. As […]