Aside from naming and versioning, managing sensitive assets, like credentials, is one of the more challenging aspects in technology. So, why is it so difficult? Well, to start off. What may be considered a sensitive asset to one individual or organization may not be the same as another. Also, given that there are so many different ways that sensitive assets can be managed, there is no universally accepted method available.
The challenges that encompass how sensitive assets are handled also apply to image mode, a new method that enables building and deploying Operating Systems using similar tools and approaches as any other traditional container. In this article, we will discuss the types of sensitive assets that apply to image mode for RHEL specifically and how to design appropriate workflows to incorporate secure practices within all phases, from build and deployment to runtime.