Getting Started With CI/CD Pipeline Security

The increasingly distributed nature of CI/CD frameworks has made organizations more vulnerable to attacks, which can range from threats to supply chains and servers to exploitations of the application code itself. In this Refcard, you'll learn about the primary focus areas of CI/CD pipeline security, review common pipeline threats and security challenges, as well as walk through seven steps to get started with securing your pipelines.

API Security Weekly: Issue 172

This week, we have news of a vulnerability in Argo CD that allowed leaking application secrets, a survey of the state of API security across three regions, a quick read on how to use Postman and OWASP Zap for API security testing, and finally, views on how to distribute authorization services in a microservice architecture.

Vulnerability: Argo CD Path-Traversal Vulnerability Enables Leaking Data

This week’s major news has been the vulnerability discovered in Argo CD, a popular continuous delivery platform.

Continuous Delivery Pipeline Security Essentials

As the threat landscape continuously evolves, it is crucial for organizations to adopt a shift left for security mindset — ensuring that security is prioritized and its importance equated to that of automation and collaboration among distributed teams.

In this Refcard, you’ll review the challenges associated with integrating security practices into a continuous delivery pipeline, including the blockers development teams in particular often face. Also covered are the key areas to consider when administering and maintaining security of CD pipelines.

Securing Your CI/CD Pipeline

This is an article from DZone's 2022 DevOps Trend Report.

For more:


Read the Report

Software firms have long relied on a DevOps approach to enhance agility and collaboration in software delivery. CI/CD pipelines automate processes in the software development lifecycle (SDLC) to enable seamless integration and delivery of new features. While CI/CD pipelines enhance software development through automation and agility, they involve integrating numerous tools and services, which can introduce security gaps. Identifying and remediating these security gaps is key to ensuring secure CI/CD practices. This article presents a general overview of what you need to know as you secure your CI/CD pipeline. 

Why a Site Reliability Engineer Is Important to Your CI/CD Pipeline

This is an article from DZone's 2022 DevOps Trend Report.


Continuous integration and continuous deployment are the two major components of DevOps principles. Every organization that wants to move away from the traditional way of working has to learn, design, and implement a mature CI/CD pipeline. Having a mature CI/CD pipeline is a good start for site reliability engineering, but alone, it’s not enough. The site reliability engineering (SRE) methodology brings a new perspective to the software development life cycle by aiming to achieve reliability at scale. 

Continuous Test Automation Using CI/CD: How CI/CD Has Revolutionized Automated Testing

This is an article from DZone's 2022 DevOps Trend Report.


There have been a few breakthroughs throughout the short history of software development that have completely revolutionized the way we write and release code. From Object-Oriented Programming to web-based languages like JavaScript and TypeScript, these innovations have moved software engineering by leaps and bounds. 

CI/CD for Cloud-Native Applications

This is an article from DZone's 2022 DevOps Trend Report.


Continuous integration (CI) and continuous delivery (CD) are crucial parts of developing and maintaining any cloud-native application. From my experience, proper adoption of tools and processes makes a CI/CD pipeline simple, secure, and extendable. Cloud native (or cloud based) simply means that an application utilizes cloud services. For example, a cloud-native app can be a web application that is deployed via Docker containers and uses Azure Container Registry deployed to Azure Kubernetes Services, or that uses Amazon EC2, AWS Lambda, or Amazon S3 services.

How to Build Your First CI/CD Pipeline With Travis CI

Continuous Integration is considered one of the best practices in development, where code is integrated into the repository frequently rather than waiting to commit a larger version. As a part of continuous integration, the developer should ensure that integrations do not break the existing code, since breaking a shared repository would have a significant impact. To solve this problem and show how continuous integration and testing work, we’ll use one of the most popular continuous integration services: Travis CI.

The Travis CI pipeline helps the user report build changes automatically and test the integrations and deployment management. It also helps your code repository with improved and shippable software quality, reduced risks, and better collaboration.

Monitoring CI/CD Workflows

Summary

CI/CD is a method to frequently deliver apps to customers by introducing automation into the stages of app development.

This is the brief definition of CI/CD from the Red Hat community. So, CI/CD pipelines can be defined as the steps for developers to deliver a new software version or product. In the CI part, pipelines build code and run tests; in the CD part, pipelines deploy and deliver the new version.

Spinnaker Meets Minikube: Part 3

In the previous posting, we built a Spinnaker pipeline to pull images from Docker Hub and deploy them to a Minikube cluster. In this article, we will build a pipeline that deploys to a second staging environment after waiting for the go-ahead from an approval step. Kustomize will, furthermore, be used to illustrate how Spinnaker utilizes its built-in kubectl command to manage configurations from one environment to the next.

Requirements

The hard yards have been done and it is time for play. Only Kustomize will be added to the soup. Do not despair should you not be familiar with it. This write-up serves as an excellent introduction to Kustomize.

Spinnaker Meets Minikube: Part 2

Introduction

In the previous article, we installed Spinnaker on a Minikube cluster running on Windows 10. In this article, we will add GitHub as a data provider for a Spinnaker pipeline to continuously deploy a dockerized Spring Boot microservice onto the Minikube cluster. The pipeline will be triggered using a Cron job and can be templated so that all one's microservices are automatically deployed to have a fully up-to-date local development environment at all times.

Requirements

An understanding of Spring Boot, GitHub, and Docker Hub is presumed. However, fall-back instructions will be given for those who want to follow a lighter track that pulls the Docker image from the author's registry. Certain things, like proper artifact binding, might not work as expected should the full guide not be followed.

Spinnaker Meets Minikube: Part 1

Spinnaker is a continuous integration/continuous delivery tool that was started by Netflix in its quest for more agility. This posting will show how to get hands-on experience running Spinnaker on Windows 10.

Minikube provides the ability to run a Kubernetes cluster on local Linux, Mac, or Windows. It can therefore serve as a sandbox environment for Spinnaker training, experimentation, or even to keep one's local development environment up to date with all the latest commits.

Unlocking Developer Velocity With the Right CI/CD Platform

Today, in a world where online software is expected to be available 24/7 across the globe, engineering teams writing and delivering software are expected to do so at speed, while maintaining quality and security. To help meet the challenge, online CI/CD platforms have emerged to provide everything a developer needs to plan, version, deploy, test, and promote an application from their laptop to a production environment – where an end-user can consume it and provide valuable feedback. 

This article will cover the key ingredients of a CI/CD platform, how they are evolving and whether you should try to build your own or utilize an industry leader.

How To Build a CI/CD Pipeline in Azure DevOps

Azure DevOps by Microsoft Azure is one of the leading tools that automate the CI/CD process and, in turn, supports automatic builds and code projects to make them available to others. Azure Pipelines combines Continuous Integration (CI) and Continuous Delivery (CD) to consistently test and build the code and ship it to the target environment.

In this article, we will learn how to configure an Azure CI/CD pipeline and integrate it with LambdaTest Azure DevOps for bug tracking.

CircleCI vs. GitLab: Choosing the Right CI/CD Tool

He is a gifted driver. Famed for speed, reverse J, and drifts. He can breeze through the Moscow and Mexico traffic without sweating a drop. Of course, no one gets cracking on Bengaluru roads. But despite being so adept behind the wheel, he sometimes fails to champ the street races. The buzz of screeching tyres in his head doesn’t let him sleep at times. I wish to tell him it’s not always about the driver; sometimes it’s the engine. That’s what happens when the right dev talent uses wrong, inefficient, incompatible CI/CD tools. The DevOps technologies you choose can abruptly break or smoothly accelerate your software development cycle. This article explores the Ford & the Ferrari of the CI/CD world in detail, CircleCI vs. GitLab, to help you pick the right one.

Why Is CI/CD Important?

Modern software development approaches prioritize automating repetitive processes. Lean, modular, iterative development is the new mantra of the dev community.

Configure Cypress Tests to Run on Multiple Environments

One of the most common scenarios in an automation framework is to run scripts on different environments like QA, staging, production, etc. There are multiple ways to configure your Cypress framework to run on different environments. I am going to show the three most used methods.

In this article, I have explained three different methods to run your Cypress tests on multiple environments.

Schedule Pipelines in Azure DevOps Using Cron Expressions

The Azure DevOps UI provides an option to trigger on multiple days or once a week. We know that many times we need to execute Azure DevOps pipeline triggers once a month, or twice a month, and this can be done using Cron Expressions in Azure DevOps.

Azure DevOps uses NCronTab to evaluate cron expressions, so advanced expressions are not fully supported by Azure DevOps. However, most expressions are supported, so it does the job.