For CFEngine we manage several public and private repositories of code in GitHub for our Open Source and Enterprise products. In order to ensure quality we run many checks on the code both with nightly builds as well as on each pull request. We use a Jenkins server for nightlies which also includes more extensive deployment tests on all of the platforms we support. Previously we had used Travis for many of these checks but that system started to show its age and limitations.

Software development, DevOps has emerged as a game-changer. It’s not just a buzzword; it’s a cultural and technological shift that allows organizations to accelerate their software delivery while maintaining high quality and reliability. However, successful DevOps implementation is not merely about adopting a set of tools or following a predefined set of rules. It’s a holistic approach that requires a deep understanding of key principles.

Don: The debate is over - how should you structure your software teams? That question is now answered in this year's State of DevOps report 2023. Other questions answered include: How does AI affect my company and team performance? How can we quantify the impact of culture on performance burnout? What even is culture in the first place? All these things are included in the State of DevOps report 2023. We have a very special guest, Eric Maxwell from the DORA group, to offer his takes on the report.

Our 1st blog in our series on securely consuming OSS. Today, I'll give an overview of some of the most common types of attacks from consuming OSS. Open-source software (OSS) fuels innovation. Over 96% of commercial applications rely on at least one OSS component (Synopsys, 2023). At Cloudsmith, we champion OSS and understand its indispensable role in today's software landscape. However, the escalating threat of supply chain attacks targeting OSS demands a robust defence.

As Kubernetes continues to dominate the container orchestration landscape, ensuring the reliability and stability of applications running on this platform is paramount. Testing in a Kubernetes-native environment demands specialized tools that understand the intricacies of containerized deployments. Enter TestKube, a powerful testing framework designed specifically for Kubernetes.

In the ever-evolving world of software development and operations, DevOps has emerged as a game-changer. DevOps, short for Development and Operations, is a set of practices and principles that bridge the gap between these two traditionally siloed domains, fostering collaboration and accelerating the delivery of high-quality software. At the heart of DevOps lies automation, a powerful force that revolutionizes the way software is developed, tested, and deployed.

Most development teams know that testing the application layer of a system (a.k.a the codebase) is of vital importance. Testing the data layer (the database) is just as important. To perform database testing, you construct queries to assert and validate the database operations, structures, and attributes required by the application connecting to the database.

Are your CI/CD pipelines at risk? They might be if you use long-lived, static credentials and tokens. Long-lived, static credentials and tokens are one of the most common causes of data breaches in cloud environments. CI/CD tools need access to cloud services to publish artifacts, deploy software, and access resources on their cloud provider. So, they need credentials. It's tempting to hard-code them. But that's a bad idea.

To excel in embedded development in 2023, it is essential to have a solid understanding of build systems, continuous integration, and deployment strategies. This workshop by Percepio training partner Jacob Beningo aims to provide a comprehensive primer on these practices, equipping participants with the knowledge and skills necessary to tackle complex firmware projects with confidence.

Software development, the evolution of DevOps has been nothing short of revolutionary. What began as a simple concept has transformed into a best practice that is reshaping the way organisations develop, deploy, and maintain their software. In this blog post, we will take a journey through the evolution of DevOps, from its humble beginnings to its current status as an indispensable part of modern software development.

The benefits of automating deployments for your Java Spring Boot application are undoubtable. Not only is it possible to set up images and run tests or compatibility checks before updating the production environment, but CI/CD providers like CircleCI take a step further by streamlining the entire delivery process from code changes to deployment. Many teams assume that the specifics of their development stack or deployment process will make automation difficult to achieve.

Continuous integration (CI) is the process of integrating changes from multiple contributors to create a single software project. A key component for a smooth CI pipeline is testing. Tests prove that the code does exactly what it says on the tin and that it’s safe to merge the code into the central repository. Tests also anticipate edge cases and ensure that the code handles such cases in a deterministic manner.

DevOps practices in software development have revolutionized the way updates are released. However, many companies entrenched in ITIL practices find it challenging to seamlessly integrate with the DevOps practice of Continuous Integration and Continuous Delivery/Deployment (CI/CD). This is because ITIL focuses on stability, which suits older systems, while DevOps is ideal for modern setups with its agile, automated practices.

When a headhunter reached out to me about the CEO role at Cloudsmith (where I started in August!), one of the first things I did was sign up for a trial account. The product's depth and sophistication really impressed me, and contributed to my decision to go ahead with the interviews. (Glad I did.) They were right; our web interface is still largely a Django web app, tightly coupled to the back end, and you can see the Bootstrap showing everywhere.

Last year we launched the Codefresh delivery platform powered by Argo. After the initial launch we started collecting feedback from all companies that tried it (as well as existing customers) and cataloged all feature requests and implementation ideas. The main goal is always to iterate quickly and address the most common issues in the most efficient way possible.

When it comes to building and delivering modern web applications, the importance of continuous integration cannot be overemphasized. With the rapid pace of software development, ensuring that every change in your codebase is thoroughly tested and seamlessly integrated into your project is essential for maintaining a robust and dependable application.

In the previous article of the series, we explained how to use Configmap generators in order to use Progressive Delivery for your configuration (and not just the container images). In this post, we will also cover another popular question: how to use Argo Rollouts with multiple services. Argo Rollouts is a Kubernetes controller that allows you to perform advanced deployment methods in a Kubernetes cluster. By default, it only supports a single service/application.

This tutorial provides an easy-to-understand introduction on how to run your mobile gaming CI/CD in the cloud using CircleCI, GameCI, and Unity.

Continuous Integration/Continuous Deployment (CI/CD), the ability to adapt swiftly to fluctuating workloads is paramount. Kubernetes, with its dynamic orchestration capabilities, offers an invaluable toolset for achieving seamless scalability. This article explores the concept of Kubernetes autoscaling and its pivotal role in optimising CI/CD pipelines.