The simplest way to ensure the safety of all the open source (OSS) components used by your teams and sites, is with a software composition analysis (SCA) tool. You need an automated and reliable way to manage and keep track of your open source usage. With JFrog Xray, you can set up vulnerability and license compliance scanning built into your software development lifecycle (SDLC).

Keeping up with customer demand and staying ahead of the competition requires fast releases and efficient code. This is where DevOps comes into play. Where DevOps is the practice, mindset, and culture of combining software development (i.e. Dev) and IT operations (i.e. Ops) to accelerate the development lifecycle and provide continuous delivery without compromising quality.

Bitbucket Pipelines now allows you to talk to your favorite third-party applications without an access token or secret. You no longer need to store your secrets in Bitbucket Pipelines. You can generate an OpenID Connect token in Bitbucket Pipelines, and use that to talk to any third-party application that supports OpenID Connect.

We’ve launched a new Android template in Bitbucket Pipelines. This template helps you automate building and testing an Android project in a Docker container, using Gradle as your build tool. Access the template code here or go to the Pipelines tab of your repo and select the Android template. This blog walks you through how this template is structured and has tips on how you can scale it.

Once my new projects are almost ready to share with the team and I can build and test them locally, I’ll need a CI automation tool to test and deploy each release. As a Principal Consultant Declarative Systems, I’ve been recommending JFrog Artifactory to clients looking to bullet-proof their deployments since 2016. After considering different CI solutions, we found that JFrog Pipelines has the best integration with Artifactory which made choosing this platform a no-brainer.

For many software engineers and developers, using standard libraries or built-in objects is just not enough. To save time and increase efficiency, most developers build on work done by others. Whatever the coding problem, there is likely another programmer who has already created a solution for it. There is usually no need to repeat the problem-solving process. This principle is known as Do not Repeat Yourself or DRY.

If you shudder thinking about compilation for different platforms, I know the feeling. One of the Java promises, the WORA (Write Once, Run Anywhere) principle, while revolutionizing platform independence, it stopped short of one more step – to be able to deploy anywhere. Personally, I think that WORADA sounds awesome, but I guess before Docker it didn’t occur to people that eliminating “works on my machine” is as simple as shipping your machine.

Kubernetes can bring a wide collection of advantages to a development organization, but efficiently deploying applications to Kubernetes is something many organizations are still working to perfect. Properly using Kubernetes can significantly improve productivity, empower you to better utilize your cloud spend, and improve application stability and reliability. On the flip side, if you are not properly leveraging Kubernetes, your would-be benefits become drawbacks.

Our team at CircleCI has been hard at work this past year. From rolling out major product additions like CircleCI Insights and private orbs, along with educational resources like our developer hub and State of Software Delivery Report that includes the first CI/CD benchmarks for high-performing engineering teams, it seems like every day there is something new to look forward to. All of this has taken place during unprecedented times for everyone across the globe.

This blog will take you on a step-by-step journey to show you how you can leverage your Kubernetes cluster resources to run your CI/CD workflows using the Codefresh hybrid solution. What Is the Codefresh Hybrid Solution and How Does It Work? The Codefresh hybrid solution provides you with a way of running the platform’s workflows on your Kubernetes resources, keeping your private resources safe while enjoying the benefits of a SaaS solution.