U.S. Department of Defense (DoD) teams that manage DevSecOps software factories or that use DevSecOps factories to develop, secure and operate mission applications, need a trusted repository management system to store their local artifacts as well as artifacts pulled from Iron Bank, the DoD’s central repository of hardened container images. Artifacts that are stored include VM images, container images, binary executables, archives, documentation and many more package types.

The first time I was tasked with maintaining a production server, I relied on a checklist my predecessor had left for me. The checklist contained all the maintenance steps along with their corresponding commands. In those early days, I religiously copied each command, double- and triple-checking each character before pressing the Enter key. Slowly but surely, the commands got committed to memory until one day I realized I did not need the checklist.

Package repositories were never something I thought about as a developer unless something didn’t work. For example, if it was slow, wouldn’t connect, wouldn’t install, or was overly complicated to configure. Mostly I wanted something I barely noticed. Something simple and easy to use.

Is your Helm chart promotion process complicated and difficult to automate? Are rapidly increasing Helm chart versions making your head spin? Do you wish you had a way to quickly and easily see the differences between deployments across all of your environments? If you answered “yes” to any of these questions, then read on! My purpose for writing this article is to share a few of the techniques that I’ve seen make the biggest impact for Codefresh and our customers.

Happy International Day of the Programmer to the coders out there programming our digital world. It is your work and commitment that make the technical community thrive. You create the foundation for the innovations transforming the way we work and live.

Development teams provisioning software services face a constant trade-off between speed and accuracy. New features should be made available in the least possible time with a high amount of accuracy, meaning no downtime. Unforeseen downtime due to human error is common for any manual integration processes your team uses to manage codebases. This kind of unexpected interruption can be one of the key drivers for a team to take on the challenge of automating their integration process.

We are announcing the deprecation of Dispatch, our DKP 1.x CI/CD tool, based on Tekton and ArgoCD. As another step in the continuous improvement of the DKP platform, in DKP 2.0 we have made the move to FluxCD, a CNCF incubator project. Why did we make this decision? Our customers have significant investments in their build pipelines using battle tested technologies such as Jenkins, TeamCity, and CircleCI. It would be a significant change in their workflows to introduce a new CI tool like Tekton.

This blog can provide you with useful information on how to set up a Kubernetes CI/CD workflow using state-of-the-art of open source DevOps tools, whether you are.

One of the reasons we define items as code is it allows for the programmatic creation of resources. This could be for infrastructure, for the packages on your machines, or even for your pipelines. Like many of our clients, at Codefresh we are seeing the benefits of an “everything as code” approach to automation. One of the great things about defining different layers in the stack as code is that these code definitions can start to build on each other.