Kubernetes at the edge has become extremely popular with retail companies like Chik-Fil-A and Starbucks, leading the way as famous examples to the more exotic US Air Force deploying Kubernetes on F-16s. At Codefresh we’ve seen and helped implement every kind of edge deployment from clusters in retail stores, mobile clusters in vehicles, air-gapped clusters for telecoms, and lots more.

In our big guide for Kubernetes deployments, we explained the benefits of using dynamic environments for testing. The general idea is that each developer gets a preview environment instead of having a fixed number of testing/QA environments. The environment gets created on the fly when you open a pull request. Typically, it gets destroyed when you merge the pull request (or after a specific amount of time).

Have you ever found yourself wrestling with the complexities of managing ArgoCD applications across multiple environments? Are you constantly juggling naming conventions and struggling to correlate applications representing the same microservice or product? If you’ve been deep in the trenches of GitOps, you’ve likely encountered these challenges firsthand.

In the previous article of the series we explained how to model GitOps environments and promote an application between them. That article was laser-focused on a single application and its Kubernetes resources. In this article we will zoom out to look at several related subjects: It is worth mentioning that as always, our advice is a general recommendation that follows best practices.

Deploying software to your internal systems or sending releases to external customers is a process that ideally follows strong security requirements in an end-to-end manner. In a perfect world, every software release should come with at least the following guarantees In the world of CI/CD we are mostly interested in binary artifacts and how they were created all the way from the initial release up until they reach production.

In September 2023, security researchers from KTrust reported three issues through the official Argo CD security disclosure channels in accordance with Argo CD security policy. In coordination with other Argo maintainers, we have issued security updates for both Argo CD and Codefresh GitOps (enterprise Argo). Below you can read more about these CVEs, their impact, and mitigation.

The security and storage of secrets is one of the most controversial subjects when it comes to GitOps deployments. Some teams want to go “by the book” and use Git as the storage medium (in an encrypted form of course) while others accept the fact that secrets must be handled in a different way (outside of GitOps). There is no right or wrong answer here and depending on the organization requirements, either solution might be a great fit.

Today marks an important milestone as Codefresh joins forces with Octopus Deploy, a leading player in the Continuous Delivery space. For those less familiar with Octopus, they have been at the forefront of delivering cutting-edge Continuous Delivery for VMs, Windows, and recently stepped into Kubernetes as well.

The customer in question is one of the world’s leading providers of technology and telecommunication services. In this guide, we will share how one of their teams migrated from a traditional CI solution to a powerful Internal Developer Portal using Codefresh and Port.

This article is part of our series “Codefresh in the Wild” which shows how we picked public open-source projects and deployed them to Kubernetes with our own pipelines. We will use several tools such as GitHub, Docker, Codefresh, Argo CD, Kubernetes. This guide chronicles how we integrated all those tools together in order to build an end-to-end Kubernetes deployment workflow.