GitOps has become a buzzword. Developers love it, because it folds DevOps into Git, a frequently used and familiar tool. Using one tool to manage multiple DevOps activities sounds fantastic, and it can be helpful for many. The truth is GitOps has limits. In this article, we explore DevOps and GitOps, compare their similarities and differences, and examine how their principles can work together to support your software development goals.
This article discusses the background, impact, identification, and mitigation of Log4Shell, one of the worst vulnerabilities to arise in the past decade. Here at Cloudsmith, security and privacy are paramount. As a hosted package management service helping customers distribute millions of packages worldwide, we're part of the story for securing software supply chains. Read on further to see how the vulnerability works and what you can protect yourself and your users.
When your development team is under pressure to keep releasing new functionality in order to stay ahead of the competition, the time spent on quality assurance (QA) activities can feel like one overhead that you could do without. After all, with automated CI/CD pipelines enabling multiple deployments per day, you can get a fix out pretty quickly if something does go wrong – so why invest the time in testing before release? The reality is that scrimping on software testing is a false economy.
Marshmallow is a Python library that converts complex data types to and from Python data types. It is a powerful tool for both validating and converting data. In this tutorial, I will be using Marshmallow to validate a simple bookmarks API where users can save their favorite URLs along with a short description of each site.
If you are already a GitHub user, you may know that GitHub Actions provides you with powerful tools to increase efficiencies in your software delivery life cycle. Actions can be impactful for team collaborations and process simplification. For example, you can automate things like building a container, welcoming new users to your open source projects, managing branches, or triaging issues.
Automating the deployment of a new web application and the release of feature updates goes a long way towards improving the productivity and efficiency of your development team. Another benefit of automation is that it minimizes or even eliminates repeated manual deployments. Manual deployments introduce the risk of human error during this critical part of the development process.
Another amazing year in the books! And even though we’ve done the ‘By the Numbers’ series for a few years now, this year’s numbers are the best (and biggest) yet. But even better than that? The people behind the numbers. Carrying on the growth we saw in 2020, the most important number to highlight this year is the massive increase in awesome Cloudsmithers we added to the team!
It is no secret that software development is becoming an increasingly complex process. The individual elements of software like apps, libraries, and services are interconnected and dependent on many other elements. Development teams deal with a whole ecosystem of services that they develop, maintain, or depend on, which in turn are dependent on other software ecosystems, maintained by separate teams. Maintaining this ecosystem is as complex as you might imagine.
When planning our 2021 roadmap this time last year, one of the most prominent themes was security. Although we’re not solely in the security category, as a fully managed service in the heart of our customers’ software supply chains, it was always paramount for what we do and still is. Ensuring the integrity and privacy of customer data is our top priority.
Elastic Observability 7.16 introduces curated data exploration views for ad hoc analysis and further extends visibility into complex and distributed systems with the general availability (GA) of dozens of prebuilt Elastic Agent data integrations, observability tooling for continuous integration and continuous delivery (CI/CD) pipelines, and a new native data source integration with Amazon Web Services (AWS) FireLens. These new features allow customers to.
Gatsby is a static website and application generator that makes building powerful React-based frontend applications easy and effective. With over fifty thousand stars on GitHub (51.5k as at the time of this writing), Gatsby stands as one of the most widely used React frameworks. Gatsby is so popular that most hosting platforms offer custom support for the framework. Netlify is one of those platforms.
A key goal for any DevOps team is to shorten the software development cycle and provide continuous delivery of high-quality software. Instead of continuing to the next logical goal, continuous deployment, most companies stop here. Developed code reaches the testing phase automatically, then, successful testing triggers a manual acceptance step. Only then is the application deployed into production.
Software is one of the most complex tools invented for practical use. One misplaced character can break an entire application. So, careful testing is an essential requirement before publishing any code. In this article, you will learn about two fundamental types of software testing, unit testing and integration testing, and how your team can implement them in your CI/CD pipelines to validate your code quickly and deliver new features to your users with confidence.