%term

The latest News and Information on Continuous Integration and Development, and related technologies.

CI/CD Pipeline Security 101

Apr 23, 2021 By Juho Nurminen In Mattermost

In our previous post, we discussed the recent security incident at Codecov and the following investigation at Mattermost. As a follow-up to that we wanted to share some of the basic design principles as well as a handful of more technical tips and tricks around CI/CD pipeline security that helped Mattermost come out of the incident unscathed.

Read Post

Mattermost

Read more about CI/CD Pipeline Security 101

Collision 2021 - Securing Software Pipelines with Continuous Packaging

Apr 22, 2021 By Cloudsmith In Cloudsmith

Building automation and security into software supply chains requires packaging source code, dependencies and containers into logical, versioned units. But, in 2021, how engineers package their software is more vital than ever, requiring a serious refresh with a name befitting its focus on security within the cloud. We call it Continuous Packaging. Now on-demand, watch our talk from Collision Conference 2021 where we explored Continuous Packaging and how it can help secure your delivery pipelines, from development through to deployment.

View Video

Cloudsmith

CI CD
DevOps

Read more about Collision 2021 - Securing Software Pipelines with Continuous Packaging

Editing Pull Requests just got a little easier

Apr 22, 2021 By Sukeerthi Khadri In Atlassian

Bitbucket Cloud’s code review experience is highlighted by the pull request view – a central place to view and discuss proposed changes, create actionable tasks from discussion, and reach a consensus on the changes making their way to your codebase.

Read Post

Atlassian

Read more about Editing Pull Requests just got a little easier

How We Improved Our DB Sync Performance | JFrog Xray

Apr 22, 2021 By Batel Tova and Noam Shemesh In JFrog

We all want to develop everything super fast. So, when something like a “simple” database sync process takes ages, we need to think outside the box. Here are the solutions we implemented, in JFrog Xray, to improve our DB performance, reducing the sync time from 16 hours to 2 hours!

Read Post

JFrog

Read more about How We Improved Our DB Sync Performance | JFrog Xray

Using Harness to deploy packages from Cloudsmith

Apr 20, 2021 By Cloudsmith In Cloudsmith

A short demo of how you can use Harness CD to deploy a docker image from a private Cloudsmith repository to an AWS ECS Cluster.

View Video

Cloudsmith

CI CD
DevOps

Read more about Using Harness to deploy packages from Cloudsmith

JFrog Artifactory Terraform Provider Gains Xray Functionality

Apr 20, 2021 By Ryn Daniels In JFrog

A few months ago, I was asked if I wanted to develop an open-source Terraform provider. Eleanor Saitta, principal at Systems Structure Ltd, had a client who was setting up JFrog Xray across their Github repositories but didn’t want to configure each repository by hand. As an SRE who enjoys working on projects that automate away those sorts of pain points (and someone who works extensively with Terraform during their day job), this sounded like an interesting project to work on.

Read Post

JFrog

Read more about JFrog Artifactory Terraform Provider Gains Xray Functionality

We are rolling out Docker v20 to Pipelines in June 2021

Apr 19, 2021 By Tung Tran In Atlassian

Docker v20 was officially released a few months ago, bringing new features that will make your builds faster and more secure. We will be progressively rolling out the new version to Bitbucket Pipelines throughout the month of June 2021.

Read Post

Atlassian

Read more about We are rolling out Docker v20 to Pipelines in June 2021

Sleuth + SOC 2 Type II: Our constant commitment to security

Apr 14, 2021 By Dylan Etkin In Sleuth

‍In Sleuth’s continuing efforts to help our customers to deliver faster and safer, we have always put security as a top-level business priority. Security and privacy of our customers’ data is always in the forefront of our design, development, and deployment concerns. We understand the level of trust our customers put in us when they connect key systems together with Sleuth.

Read Post

Sleuth

Read more about Sleuth + SOC 2 Type II: Our constant commitment to security

3D-printed, Sleuth logo UNBOXING

Apr 14, 2021 By Sleuth In Sleuth

Andy, a regular viewer of Don's dev-focused Twitch streams, created a 3D-printed, 100 LED RGB Sleuth logo, and this is its unboxing. Don and Andy also get it working, connected to the internet, then Don extends his Twitch chat bot to allow viewers to change the logo's lights. The stream finishes with Don hooking the logo up to Twitch follow events so that when a viewer starts following, the logo lights up. This video is a lightly edited from the original Twitch stream. Huge thanks to Andy for building and sharing such a cool project!

View Video