Security of Bamboo Remote Agent in Production VMs for Deployments

Sajith Dilshan Jamal

5/8/24, 11:51 PM

Got sent from Stackoverflow to here

I have been reading the Bamboo documentation about its remote agent security specifially, and to its credit it seems very secure, but I have yet to find a specific document that answers this.

In a production environment, is it standard/best/security practise to install a Bamboo remote agent on the production VM, so that deployment plans can be executed easily?, or are remote agents installed in an intermediate VM and through some shenanigans (eg: powershell remote logins, or ssh ), run their deployment plan(eg: write a script that SSH's to the production VM then execute a docker pull/run script to deploy the docker container on the docker host vm)?

My gut leans towards it being ok to deploy the remote agent on the production VM iself, but I would like a better reference for this. It seems that the intermediate VM would create an additional layer of complexity to me. as tasks like the 'Docker' task cannot be directly executed in the production docker host VM.

0 + 0

bamboo

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Security of Bamboo Remote Agent in Production VMs for Deployments

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.