Today Bitbucket is releasing a new labs feature, "Pending Merges", which allows for automatic merging of pull requests when builds pass. This means no more continually checking back in on your pull request, just waiting and waiting for your builds to pass before you can finally merge it. You will no longer be forced to begrudgingly fix that one-character whitespace typo in your comment that you really should fix, but that means you're in for another 30-60 minutes of watching your builds.

Introducing, adding, or replacing a new SCA (Software Composition Analysis) tool such as JFrog Xray into your SDLC, if not handled correctly, can be very disruptive to the SDLC and organization. This blog post provides recommended best practices for onboarding JFrog Xray; in order to reduce disruption, improve adoption, and shift left to create a DevSecOps behaviour.

In order to have the most successful deployment, there are a few best practices that software development teams should be mindful of. First, following a continuous delivery approach allows software development teams to release in shorter cycles, so that building, testing, and releasing can be done with greater speed and reduced error rates. As stated in an earlier post of ours, you’re doing continuous delivery when: Your software is deployable throughout its lifecycle.

In order to have the most successful deployment, there are a few best practices that software development teams should be mindful of. First, following a continuous delivery approach allows software development teams to release in shorter cycles, so that building, testing, and releasing can be done with greater speed and reduced error rates.

Continuous Integration and Continuous Delivery (CI/CD) delivers services fast, effectively, and accurately. In doing so, CI/CD pipelines have become the mainstay of effective DevOps. But this process needs accurate, timely, contextual data if it’s to operate effectively. This critical data comes in the form of logs and this article will guide you through optimizing logs for CI/CD.

Jessica Deen’s swampUP 2020 talk takes Kubernetes to the next level. If you want to understand how to make your K8s implementation enterprise grade, then this is the session for you. JFrog was proud to announce Jessica Deen, Microsoft Azure Avenger, as the winner of the inaugural swampUP Carl Quinn Speaker Award. Jessica’s talk was full of demos, practical advice, and covered a wide range of real-world situations.

I’ve recently co-founded a startup, and after working so long in more mature enterprises with diverse toolchains, it was actually massively educational to return to first steps and figure out what our critical needs were, balanced with essentially zero budget. As we’ve grown and raised money, we’ve graduated in some areas to other tools, but I wanted to share what we felt were the absolute can’t-live-without-tools for a team building SaaS software.

Adopting cloud native technologies like Kubernetes and Helm means your company’s operations can sail swiftly across the globe’s oceans to reach teams and customers. But there are dangers in the deep. With many components in Kubernetes, securing every dimension can be quite challenging and require a bit of learning curve. Let’s identify some important best practices that can help you to steer straight.