Deploy Arm-based applications to AWS Graviton2 with CircleCI
Join us as we demonstrate how CircleCI and AWS are able to bring scalability and reliability to the Arm developer community.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
CI CD
The latest News and Information on Continuous Integration and Development, and related technologies.
QA Activities- What Should You Keep In Mind?
When your development team is under pressure to keep releasing new functionality in order to stay ahead of the competition, the time spent on quality assurance (QA) activities can feel like one overhead that you could do without. After all, with automated CI/CD pipelines enabling multiple deployments per day, you can get a fix out pretty quickly if something does go wrong – so why invest the time in testing before release? The reality is that scrimping on software testing is a false economy.
Object validation and conversion with Marshmallow in Python
Marshmallow is a Python library that converts complex data types to and from Python data types. It is a powerful tool for both validating and converting data. In this tutorial, I will be using Marshmallow to validate a simple bookmarks API where users can save their favorite URLs along with a short description of each site.
Your Log4shell Remediation Cookbook Using the JFrog Platform
Last week, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java (specifically, the 2.x branch called Log4j2). The vulnerability was originally discovered and reported to Apache by the Alibaba cloud security team on November 24th. MITRE assigned CVE-2021-44228 to this vulnerability, which has since been dubbed Log4Shell by security researchers.
How to define software failure
Two of the four DORA metrics, Change Failure Rate and MTTR, require that you first define what failure means. Does failure always mean incident? Or should failure mean rollback? In this video, Don walks you through a couple different ways to define failure, and how Sleuth does it today. SLEUTH A deploy-based DORA / Accelerate Metrics tracker both managers and developers love.
Stop Using Branches for Deploying to Different GitOps Environments
In our big guide for GitOps problems, we briefly explained (see points 3 and 4) how the current crop of GitOps tools don’t really cover the case of promotion between different environments or how even to model multi-cluster setups. The question of “How do I promote a release to the next environment?” is becoming increasingly popular among organizations that want to adopt GitOps.
Building Observability in Your CircleCI Deploy
With Liz Fong Jones, Principal Developer Advocate at Honeycomb and Ryan Pedersen, Senior Solutions Engineer at CircleCI In this talk, you’ll learn how Honeycomb keeps its CircleCI workflow duration at about 10 minutes per build through parallelizing build steps, using native container builders per architecture, and tracing execution of the build to know where to optimize.
Trigger your CircleCI pipelines from a GitHub Actions workflow
If you are already a GitHub user, you may know that GitHub Actions provides you with powerful tools to increase efficiencies in your software delivery life cycle. Actions can be impactful for team collaborations and process simplification. For example, you can automate things like building a container, welcoming new users to your open source projects, managing branches, or triaging issues.
Introduction to JFrog Xray
JFrog Xray is a universal software composition analysis (SCA) solution that natively integrates with Artifactory as part of the JFrog Platform. Xray gives developers and DevSecOps teams an easy way to proactively identify open source vulnerabilities and license compliance violations before they manifest in production.
Build your software distribution fast lane with Distribution Edges
DO YOU NEED TO CONTINUOUSLY PUBLISH AND DISTRIBUTE YOUR SOFTWARE TO SHARE WITH: Then you know what a hassle it can be -- with network bottlenecks, security overhead, and operational challenges managing distribution infrastructure at scale slowing down your releases.