Operations | Monitoring | ITSM | DevOps | Cloud

May 2022

Deploying a Laravel application to Heroku

In this tutorial, I will show you how to set up a continuous deployment pipeline to deploy a Laravel application to the Heroku platform with minimum hassle. Automating deployment helps teams limit human intervention during the deployment process, reducing the risk of errors and streamlining the entire software release process.

5 Experiences from JFrog swampUP 2022 San Diego that will Get You Excited for What's Next

Last week hundreds of community leaders, customers, and partners gathered in San Diego for the first stop of JFrog’s multi-city swampUp world tour! It was my first in-person swampUP and I can’t tell you how invigorating it was to see everyone back together, in-person again. As I was walking the halls and sitting in on the keynote sessions, I felt like I was at a big reunion of old colleagues and friends who have not seen each other in years.

CI/CD Pipelines for Kubernetes: Best Practices and Tools

Kubernetes is today’s leading container management platform, due to its comprehensive API and developer-friendly features. Using Kubernetes, you can create scalable and reliable applications that run on-premises systems and public clouds. Its out-of-the-box features allow it to distribute hundreds of instances over data centers and keep them up and running. In order to catch up with the automation level of Kubernetes, developing and deploying applications requires more autonomy.

Testing Flask framework with Pytest

Writing tests in any programming language can be difficult, but it does not have to be. In this tutorial, I will show you how you can easily write and run tests using Flask and Pytest. As a bonus, we will also integrate a CI/CD pipeline to run tests on a Flask app using CircleCI. Be sure to check out our other Flask tutorials to learn about application logging, authentication decorators, and automating Flask deployments.

DevOps for startups

It is an exciting time to be a startup. Our vast technological landscape has made powerful digital tools available to businesses of all sizes, making starting (and scaling) an organization easier than ever before. In an era where technology is a fundamental building block of almost every business, methodologies like DevOps have become ubiquitous across many industries.

Drew McManus on Agile in practice and lessons from Pivotal Labs

Rob sits down with Drew McManus, CEO of 33 Teams to discuss Agile development. Hear stories from Drew's time at Pivotal Labs and the valuable lessons he's taking with him. This episode covers how to suggest change, finding the best Agile practices for you, and how working with the right people may be worth a career shift.

Serverless vs containers: Which is best for your application?

To keep ahead of the curve, many organizations are looking at how to evolve their technical processes to accelerate their IT infrastructure development. Fast and robust deployments to the latest platforms are key to achieving the low lead times that enable this evolution. Two of the most widely-used technologies to host these deployments are serverless functions and containers. What are they, how do they differ, and how do you decide which is best for your application?

Top 30+ Best DevOps Tools in 2022: A Comprehensive List of Automation Technologies You May Not Be Using in Your Pipeline

The software is getting more and more complicated and so is the infrastructure behind it. It is no longer what it used to be with a single web or application server and a database backing it up. Throughout the years, the infrastructure has become more and more complicated. We have multiple databases, queues, datastores, search engines, and configurations. We want to incorporate continuous delivery and automated testing and deploy everything easily.

JFrog Connect: Ready for What's Next for DevSecOps, Edge and IoT

Today at swampUP, our annual DevOps conference, JFrog CTO Yoav Landman unveiled the next step toward making the Liquid Software vision of continuous, secure updates a truly universal reality. We’ve introduced JFrog Connect, a new solution designed to help developers update, manage, monitor, and secure remote Linux & Internet of Things (IoT) devices at scale.
Featured Post

The Evolution of Software Trends in 2022

Software delivery has never been more critical to the success of business in every industry. It's also never been more complex. With the growing challenges of complexity, how can engineering teams succeed? After analyzing millions of workflows from more than 50,000 organizations across the world, here are a few truths of software delivery today.

Docker image versus container: What are the differences?

If you are new to Docker, you may find it challenging to understand all the terms. It can seem like everyone has a different idea of what Docker terms mean, and sometimes, terms get used interchangeably. For instance, you — like others who are learning about Docker — may wonder how a Docker image differs from a Docker container. Their contrasts are subtle but significant.

Continuous integration for React applications using Jest and Enzyme

React continues to be the web framework of choice for many UI developers, surpassing jQuery as the most popular framweork in the 2021 Stack Overflow Developer Survey. It provides an intuitive model for building data-driven user interfaces, and efficiently updates the DOM when this data changes. React pairs nicely with Redux for managing the data that React needs to render interfaces. Redux offers a predictable way to structure and update the data in those frontend applications.

AWS Production Deployment Checklist

CI/CD is now an inevitable need of every modern application. Many startup companies adopt CI/CD with a good cloud vendor. Still, they do not follow the guidelines needed for successful deployment, and even if they do that, they find difficulty scaling the application. Here in this article, we will go through a comprehensive checklist to help you perform stable and successful production deployments on AWS.

Automate testing for Golang Gin-gonic RESTful APIs

Gin is a high-performance HTTP web framework written in Golang. It contains features and functionalities like routing and middleware out of the box. This helps to reduce boilerplate code, improves productivity, and simplifies the process of building microservices. In this tutorial, I will guide you through the process of building a RESTful API with Golang using the Gin-gonic framework. I will also lead you through building an API to manage the basic details of a company.

Continuous Performance Testing in CI Pipelines: CircleCI

With over 50,000 active organizations and 250 million workflows, CircleCI is one of the most popular networked CI platforms. When getting started with CI pipelines, teams typically want to ensure that code will compile, pass unit tests, and build a container image. After catching these low hanging fruit of syntax errors, engineering teams need to dig much further to find business logic and scalability errors.

Improving performance on complex diffs

Bitbucket Cloud is making changes to pull request diff functionality that will improve diff performance, particularly on complex diffs. We are changing our diff algorithm from what we call a '3-way' diff to a 2-way 'three-dot' diff, which will show the difference between the tip of a source branch and the commit from which it branched off the destination, as shown below. This new diff will be implemented on the Pull request page and Branch page in the coming weeks.

Software bill of materials: What it is and why you need one

Most organizations that make software — from small startups to multi-billion-dollar behemoths — use third-party libraries and tools to develop their applications. Modern apps depend on many external components to build and deliver software to customers. These libraries and tools are collectively called the software supply chain. A software supply chain for a typical web app may include components like these.

Making HTTP requests with Axios

Axios is a promise-based HTTP library that lets developers make requests to either their own or a third-party server to fetch data. It offers different ways of making requests such as GET, POST, PUT/PATCH, and DELETE. In this tutorial, I will explain how Axios interacts with applications, describe the structure of Axios requests and responses, how to make requests to an API, and how to write tests for your requests using CircleCI.

What is Continuous Integration and Continuous Delivery?

Continuous integration is a DevOps practice, where developers continuously integrate the code changes into a central repository. It most often refers to the build or the integration stage of the software release process. A continuous integration service helps to automatically build and run unit tests on the new code changes to find any errors instantly.

What is Continuous Integration (CI) - Best Practices, Benefits of CI, Tools

Continuous integration (CI) is a development practice where development teams can make small, frequent changes to code. With an automated build which verified the code each time developers verify their changes into the version control repository. Which helps the development teams to detect any defect in an early stage. Continuous integration is the first part of CI/CD, which enables the development team to release the code changes gradually to production quickly and regularly.

Application logging with Flask

Without logs, or a good understanding of them, debugging an application or looking through an error stack trace can be challenging. Luckily, Flask logging can change the way you understand debugging and how you interact with logs produced by the application. The Flask logging module gives you a way to record errors over different severity levels. A default logging module is included in the Python standard library, and it provides both simple and advanced logging functions.

Announcing support for Windows runners in Bitbucket Pipelines

We are happy to announce that Bitbucket Pipelines now supports self-hosted runners on Windows. You can create a self-hosted runner and run it on your Windows infrastructure to run builds with the.Net framework. Since you're using your own runner, you won’t be charged for any Bitbucket Pipelines build minutes. This self-hosted runner will be non-containerized, allowing your CI/CD step to access the host’s hardware, such as the graphics card or any connected external devices.

Codefresh Upends Continuous Delivery with Hosted GitOps Platform featuring DORA dashboards and first-class integrations for CI.

Today we’re excited to make three major announcements. First, we’re making it easier to adopt the very popular Codefresh GitOps CD with a fully SaaS offering that is hosted and managed by Codefresh. We’ve heard from many in the community that they’d like to get away from managing Argo CD and focus just on deploying and managing their applications. Hosted GitOps CD makes it easier than ever to adopt GitOps, just create an account, connect your target clusters, and deploy.

Deploying K3s with Ansible

There are many different ways to run a Kubernetes cluster, from setting everything up manually to using a lightweight distribution like K3s. K3s is a Kubernetes distribution built for IoT and edge computing and is excellent for running on low-powered devices like Raspberry Pis. However, you aren’t limited to running it on low-powered hardware; it can be used for anything from a Homelab up to a Production cluster.

How to write optimized & secure docker file to create docker images

How to write optimized and secure docker file to create docker image. Learn the simplest approach to Docker images and how to use them using a Docker repository, such as Docker Hub, or hosting your own private repository. What you will learn from this video: What is docker? How to write a docker file? How to write an optimized docker file? How to write a secure docker file? What about the docker repository? How to put or host docker images?

Incident response: leadership & psychological safety with Jeli founder Nora Jones

Incident response can tricky. How do you create a culture prepared to handle it in a healthy and efficient way? What should and shouldn't leaders be involved in? How do you create a psychologically safe environment? Find out in this episode as Rob as he interviews Jeli founder Nora Jones on the do's and don'ts of incident response.

Code quality metrics: How to evaluate and improve your code

High-quality code is efficient and reliable, runs well without bugs, and meets user needs. It can cope with errors or unusual conditions. It is also easy to understand, maintain, and expand with new features. Additionally, its portability means that it can run on as many machines as reasonably possible. Development teams work with codebases that are constantly changing. They add, delete, and modify existing code to improve speed or implement new features.

Beyond CI/CD: The Software Supply Chain Is the Enterprise Path to Production

For those managing enterprise software development organizations, the concept of software supply chains—that is, the set of sources and actions that take software from “raw materials” to a finished product—might represent an abstract concept. While this definition is essentially correct, it doesn’t do enough to explain how supply chains can be complementary to your existing continuous integration and continuous deployment (CI/CD) environments.

Creating snapshots in Jest for testing React applications

Automated tests are especially important in large applications that have lots of moving parts. It is smart to learn about many methods of testing applications so that you can provide as much coverage as possible. If you are not familiar with using snapshots in testing, read on. Snapshot tests are written as part of frontend test automation.

Are metrics vendors lying? Reaction to Gergerly Orosz's tweet

Gergely Orosz said measuring developer productivity by visualizing JIRA+git stats is a dead-end if you want truly high-performing teams, and that engineering managers hang on to this hope, fueled by vendors claiming how these tools helps teams ship better/faster. So are metrics vendors lying? Find out what Don has to say. SLEUTH A deploy-based DORA / Accelerate Metrics tracker both managers and developers love.

Standardizing your GitOps Definition - Ravi Lachhman, Shipa (Meetup for Argo)

Believe it or not, the GitOps paradigm is now going on year five since the defining piece from WeaveWorks. So, at least in theory, leveraging a declarative approach that pairs Kubernetes with GitOps pillars is not novel at this point. But the trickier question right now – and one open to no shortage of interpretation – is what you are sending to a GitOps Engine. The multiple paths of creating Kubernetes manifests and packaging (like Helm, Kustomize, JSonnett, etc) are largely leaving us to our own devices for abstraction. Is an app an app if there is no longer a templating engine?

Cloud-Hosted or Cloud-Native? Discover Why Cloudsmith Was Born in the Cloud

Today, almost every service now is offered in a “Cloud” variant. But what does that really mean? Are all clouds services equal? It’s easy to see why so many vendors rush to add a Cloud edition/variant of established software they sell. Undoubtedly, there has been a move to Cloud services across the industry, as more and more organizations seek to take advantage of the higher reliability and lower total cost of ownership that Cloud platforms promise.

Efforts to Secure OSS fired up after Log4Shell

Who would have thought software could rattle the White House? But a vulnerability in Log4J, a popular open source software project, exposed critical digital infrastructure to remote code execution attacks. This prompted the US Government to engage big tech, infosec professionals, and open source organizations to come together to help secure open source software.

DevOps Horror Stories: Repository of Horror

Just when you thought it was safe to go back in the water... Is there anything more frightening than the unknown? Anything the mind can conjure up is frequently scarier than something realized. The shark in Jaws is terrifying because you don’t see it until it’s too late. It’s a silent, relentless death machine, hiding in the water. A software vulnerability is the unknown, hidden deep within an ocean of code, packages and container dependencies.

Run Synthetic tests in your CI/CD pipelines with the Datadog CircleCI orb

CircleCI is a CI/CD service that allows organizations to rapidly build, test, and deploy within their pipelines on a single platform. If you are using CircleCI for your CI/CD pipelines, you can now leverage the Datadog Synthetics CircleCI orb to implement Synthetic tests as part of shift-left testing. CI/CD testing is a widely adopted DevOps standard that helps teams mitigate any potential issues that could arise as a result of faulty code deployments.

How to Set up a Jenkins CI/CD Pipeline for Your Golang App

Bringing the best software solutions to market as quickly as possible requires using automation to facilitate repetitive tasks (e.g., testing) so you can spend more time writing high-quality code. This is one of the main reasons why today’s top-performing dev teams build continuous integration (CI) and continuous delivery or continuous deployment (CD) pipelines, which enable them to ship new releases faster.

Complete Your Cloud Kubernetes Registry With Terraform Repositories in Artifactory

When developing container-based services that will be orchestrated by Kubernetes, Terraform is an essential part of your artifact ecosystem. These infrastructure-as-code configuration files help automate the provisioning and maintenance of the cloud environments where your K8s applications will run. That’s why it’s great news that you can now store your Terraform modules, providers, and remote state files in Artifactory as a part of your software supply chain.

JFrog Artifactory As Your NuGet Symbol Server

We’ve got great news for.NET developers – JFrog Artifactory can now act as your fully featured Symbol Server! Artifactory has long offered native support for NuGet packages, now developers can also store their symbol files in Artifactory where they can be indexed and consumed by the Visual Studio Debugger and other debugging tools.