Best Practices: 5 Risks To Assess for Secure CI Pipeline

Introduction 

As the computing world continues to develop new processes for creating software, criminals continue to evolve their own techniques that exploit the flaws in those processes. DevOps is the latest trend in software development, and it is characterized by high levels of automation. More and more parts of the software development process can occur without human intervention, which speeds up development. However, this is not without its drawbacks.

Less human involvement means less oversight from start to finish, and it also means more technologies to potentially exploit or abuse. Most of the risk involved is related to using sensitive information within automation, allowing for several ways to steal secrets. There are also things like code tampering to worry about. To keep your code and secrets safe, you should add the following security practices to your CI pipeline.

Instrumenting Our Frontend Test Suite (…And Fixing What We Found)

Adding Instrumentation to Jest

Here at Sentry, we like to dogfood our product as much as possible. Sometimes, it results in unusual applications of our product and sometimes these unusual applications pay off in a meaningful way. In this blog post, we’ll examine one such case where we use the Sentry JavaScript SDK to instrument Jest (which runs our frontend test suite) and how we addressed the issues that we found.

We have high-level metrics for how well (or not) our CI is performing. This is useful for getting a general sense of the health of the system; however, it does not help when doing a deeper dive into why a system is slow. We decided to instrument our CI jobs at the test runner level in order to get insights into the performance of the individual tests. We needed to be able to see if our test suite was slowing down because we were adding more tests or if it was because we had poor-performing tests.

Introduction to Feature Flags in Continuous Integration

The following is the first in a series of posts related to feature flags across CI/CD.

Continuous integration (CI) and feature flags look like a match made in heaven. Integrating code regularly, combined with the ability to isolate new features and turn them on and off at will, means you can move fast and still manage risk.

But with great power comes great responsibility. Feature flags require careful planning and continuous management, just like your builds do.

Faster Container Deployment With CI/CD: Truth or Bluff?

With the introduction of Continuous Integration (CI) and Continuous Delivery (CD), the archaic development process has now completely changed. Let’s take a deep dive into how CI/CD has completely revolutionized the application development process and how we can make this even better.

The archaic, traditional application development process was mostly linear. Its biggest disadvantage was that it was based on a sequential philosophy, which indirectly implied that bugs in the ongoing build cannot be solved till the next build is addressed. With the inclusion of DevOps in CI/CD-based processes, it is now extremely easy to bring every team member, viz. developers, operations managers, and QA engineers, on board on one platform. But mankind has never stopped getting better. So the real question is: can we improve this even further? Let us find out the answer in this article.

How to Run Parallel Cypress Tests on Bitbucket Pipeline

Do you use Bitbucket Pipeline as your CI server? Are you struggling with slow E2E tests in Cypress? Did you know Bitbucket Pipeline can run parallel steps? You can use it to distribute your browser tests across several parallel steps to execute end-to-end Cypress tests in a short amount of time.

How to Run Tests in Parallel

Distributing tests across parallel steps to spread the workload and run tests faster might be more challenging than you think. The question is how to divide Cypress test files across the parallel jobs in order to ensure the work is distributed evenly? But… is distributing work evenly what you actually want?

A Programmer Learning List (for Beginners)

My friend has a son who's graduating high school soon. He's been learning some programming and is considering it for his career. He asked me a question I hear often: what should I learn next?

When I was first learning to code, I always assumed the answer to "what should I learn next" would be a new programming technique, a new language, a new library, or something along those lines. As I've progressed through my career, and especially as I've been on the other side of the interview desk, I've changed my tune significantly. My standard response to new programmers is that, in addition to honing their coding skills and learning new languages, they should cross-train in related fields (which I'll explain below).

BDD Tests on GitHub Actions With Cucumber Run in Parallel Jobs

Cucumber employs Behavior-Driven Development (BDD) for testing your application. This type of test is often time-consuming when running in the browser. You will learn how to run Cucumber tests on GitHub Actions using parallel jobs to execute the test suite much faster.

GitHub Actions Matrix Strategy

How Gradle is Built: CI From the Trenches #5 [Video]

How is a popular build system like Gradle built? How many people are working on it? What programming languages do they use?

How do they handle pull-request-based development? How do they make sure Gradle runs on a variety of operating systems and JDK versions? What is the difference between Gradle and Gradle Enterprise?

Why Should Testers Start Learning Build Management Tools?

A few months back, I was going through some posts related to Test Automation in Quora. Suddenly a question posted by an anonymous user caught my attention – “What is Maven in Selenium?”

This was not the first time I came across this question or similar questions during my journey as an SDET. This is quite common since there is a lot of confusion regarding the differences between the build automation tools (“Maven” is one of them), and the test automation libraries, mostly among the testers who have just started learning/working on test automation and came across build tools for the first time.

What is DevOps? The Beginner’s Guide

Originally published August 17, 2016

Turn to page one.

What is DevOps?

Communication, collaboration and integration are the three main principles of the ever-growing, modern approach to software delivery known as “DevOps.” Coined in 2009 by Patrick Debois, the term (development and operations) is an extension of Agile development environments that aims to enhance the process of software delivery as a whole.