Governance¶
The chief mechanism of governance we employ is our Chef/Inspec infrastructure.
 
Inspec managed from within Jenkins¶
We have a range of generic profiles which assure the operating system and various services - essentially verifying the Chef recipes that deploy the system(s).
Then we have specific profiles for the DCinaBox host. This assures the physical hardware (NIC’s, disk etc) and that the required VM’s (with the generic profiles) are up and running.
These inspec jobs are then set up in a fine-grained fashion and run from within our Jenkins. Here they can both be scheduled and manually triggered, with all of the logs captured to highlight issues and any intra-run disparities over time.
All of our Cloud-based images are independently scanned by the provider; and should we be made aware of any CVE; we address it. The outcome of which is then also consumed across our fleet of DCinaBox’s.