Containers and Kubernetes have revolutionized the way applications are deployed at scale. This new approach, along with the use of CI/CD for deployment automation, brings new challenges, in particular when it comes to security, as containers are static artifacts that require rebuilding and redeployment in order to perform updates.

This talk will demonstrate how to set up an automated CI/CD pipeline to deploy applications on Kubernetes using OpenShift and GitLab, so that updates of public base images trigger rebuilds and deployments of derivative containers. It will also show how static image analysis can be plugged into the pipeline to increase application security.