Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on Continuous Integration and Development, and related technologies.

Let's talk engineering; building software by building community

For the past three years, I have been running and facilitating a community where folks from all levels and departments at CircleCI can come together to discuss diverse topics. We call it “Let’s Talk Engineering.” Some of the topics we’ve covered have been technical in nature, while others have focused more on leadership: how different teams operate, personal growth, and writing to name a few. Let’s Talk Engineering celebrates interdisciplinarity and multidisciplinarity.

IP ranges - better security for more confidence

Today, we’re announcing that one of our most popular feature requests, IP ranges, is now generally available for CircleCI Cloud customers. This feature enables teams to meet compliance requirements by limiting the connections that communicate with their infrastructure. No company wants to give the entire internet access to their artifact repositories or other sensitive environments. With IP ranges, teams are able to open up their IP-based firewalls to only CircleCI.

Run Datadog Synthetic tests in your Jenkins pipelines

Continuous integration (CI) has become the mainstream approach to software development as it enables organizations to iterate quickly while minimizing the risk of releasing faulty code. To implement CI, many organizations rely on Jenkins—one of the most mature and widely used automation servers on the market. Jenkins comes with hundreds of community-backed plugins to help you easily integrate it with other tools in your development workflow.

Mind Your Dependencies: Defending against malicious npm packages

Modern software projects are mostly composed of open source code. The question of who really controls this code, and is responsible for detecting and fixing software supply chain security issues, became a significant source of concern after the discovery of the Log4Shell vulnerability.

Running regular security scans with scheduled pipelines

Security is a vital part of application development, yet it may be neglected until an attacker takes advantage of a vulnerability in the system. The consequences of a security breach can damage an application’s integrity as well as a company’s reputation and revenue. Software architects and engineers need to pay special attention to securing the systems they work on.

Continuous Service Virtualization, Part 2: Steps for Optimizing DevOps

In my prior blog, Continuous Service Virtualization, Part 1: Introduction and Best Practices, we offered an introduction to continuous service virtualization (SV) and discussed some key best practices. In this, the second and final post in the series, we will discuss the continuous SV lifecycle and how it helps to optimize DevOps and the continuous integration/continuous delivery (CI/CD) pipeline.

Continuous Software Pipelines: Why Enterprises Are Going Cloud-Native Dev Week Enterprise Open Talk

Your entire tech stack is likely in the Cloud - so why aren’t your software packages? Whether you’re currently on-premise, have your own in-house solution or have a bit of a hybrid set up, join us in this session to explore:- Why enterprise organizations are making the move from on-premise solutions to completely Cloud-Native ones- What this means for improving, scaling, and securing their CI/CD pipelines- What the benefits of this are over cloud-hosted- How to easily set up a secure, cloud-native software pipeline in 60 seconds.