Operations | Monitoring | ITSM | DevOps | Cloud

Zero trust security for CI/CD pipelines

The zero trust security model is an approach to network security that enforces strict access controls and authentication at every stage of the software development lifecycle. It treats every user, device, and transaction as a security risk and uses the principle of least privilege to restrict access to sensitive resources and minimize the potential attack surface.

A guide to static application security testing (SAST)

Static application security testing (SAST) involves analyzing source code to identify and address potential security vulnerabilities. Using SAST early in development identifies threats before they can affect a live environment. SAST is particularly important for continuous integration and continuous deployment (CI/CD) pipelines. These pipelines automate the integration of new code changes into the main codebase and deploy applications to production environments.

Setting up continuous integration with CircleCI and GitLab

CircleCI supports GitLab as a version control system (VCS). In this tutorial you will learn how to set up your first CircleCI CI/CD pipeline for a project hosted on GitLab. As GitLab can be used either as a SaaS tool, as well as self-managed on-premise installation, I will cover the steps to connect it with CircleCI for both.

Role-based credential management with OIDC

In our article on managing static credentials, we discussed the necessity of secrets — the passwords, tokens, and API keys that connect digital services together — and the importance of keeping them secure so that your infrastructure and data are kept safe from intrusion and misuse. For organizations delivering software at scale, managing credentials across multiple teams and projects can quickly become tedious and error-prone, creating bottlenecks and unnecessary risk.

Static credential management for platform engineers

Cloud CI/CD is a force multiplier for development teams, especially those working remotely. Automated CI/CD takes load off of developers, allowing them to focus on building better products. Hosted CI/CD adds further benefit to this, ensuring that this newfound capacity isn’t spent managing the testing and deployment infrastructure, and that remote team members have easy access to CI/CD tools.

CircleCI config policies: A tale of empowerment and control

If you’ve worked in a large, security-minded organization, you know how developers’ need for speed often clashes with the organization’s need for security. Often this conflict erupts into a high-stakes battle between two teams with very different priorities and perspectives. Ok, it may not always be so dramatic, but the challenge of control and empowerment is very real.

Deploy a Dockerized Go application to Azure

As a software engineer, one of your goals is to ensure that your product can be accessed globally by your customers. It’s not enough that an app is bug-free and works flawlessly if it only works on localhost. Docker was introduced to solve the “it works on my machine” problem. For example, the particular version of a programming language a developer is using on Windows or MacOS may not be working on the hosting server.

Open sourcing the CircleCI Language Server

The official CircleCI extension for Visual Studio Code is now available for anyone to download on the VS Code Marketplace. This extension was developed by the Developer Experience team of CircleCI and it includes two sets of features: the pipeline manager and the config helper. The config helper provides language support for CircleCI YAML files.

Automating deployment to an EKS cluster using CircleCI and Helm Charts

Kubernetes is a container orchestration system for automating deployment and managing containerized applications. Helm is a Kubernetes package manager that helps you define, install, and upgrade Kubernetes applications. It lets you define reusable templates for Kubernetes components (deployment, service, hpa, service account, etc.) that can be published and shared across applications. In this tutorial, you will learn how to build and install Helm charts for your application to an AWS EKS cluster.

What is Helm? A complete guide

Helm is a tool that automates the creation, packaging, configuration, and deployment of Kubernetes applications by combining your configuration files into a single reusable package. In a microservice architecture, you create more microservices as the application grows, making it increasingly difficult to manage. Kubernetes, an open source container orchestration technology, simplifies the process by grouping multiple microservices into a single deployment.