Using Semaphore CI to Push packages to Cloudsmith
A short demo of how you can set up a Semaphore CI workflow to push a package to a private Cloudsmith repository.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
Cloudsmith
Cloud-Hosted of Cloud-Native? Discover Why Cloudsmith Was Born in the Cloud
Today, almost every service now is offered in a “Cloud” variant. But what does that really mean? Are all clouds services equal? It’s easy to see why so many vendors rush to add a Cloud edition/variant of established software they sell. Undoubtedly, there has been a move to Cloud services across the industry, as more and more organizations seek to take advantage of the higher reliability and lower total cost of ownership that Cloud platforms promise.
Integrating a Cloudsmith repository with a Harness CD pipeline
In this blog, we will walk through the process of configuring a private Cloudsmith repository as an artifact source for a Harness Continuous Deployment pipeline. Harness is a Continuous Deployment platform that allows you to easily automate the deployment of your software to your infrastructure and environments.
Collision 2021 - Securing Software Pipelines with Continuous Packaging
Building automation and security into software supply chains requires packaging source code, dependencies and containers into logical, versioned units. But, in 2021, how engineers package their software is more vital than ever, requiring a serious refresh with a name befitting its focus on security within the cloud. We call it Continuous Packaging. Now on-demand, watch our talk from Collision Conference 2021 where we explored Continuous Packaging and how it can help secure your delivery pipelines, from development through to deployment.
Using Harness to deploy packages from Cloudsmith
A short demo of how you can use Harness CD to deploy a docker image from a private Cloudsmith repository to an AWS ECS Cluster.
Thoughts On the Codecov Breach
It was revealed just a few days ago that US Federal investigators are looking into an intrusion and insertion of malicious code into Codecov. As many readers here will already know, Codecov is a software auditing tool that analyses your source code to check for the amount of test coverage. The intrusion targeted the Codecov bash uploader, which is a script that provides a way to send coverage reports to Codecov.
Using Drone CI to push packages to Cloudsmith
A short demo of how you can set up a Drone CI pipeline to push a package to a private Cloudsmith repository.
Integrating a Cloudsmith repository with a Drone CI pipeline
At Cloudsmith, we strive hard to ensure that private Cloudsmith repositories work with any build and release process that our customers use. Our mission is to be the universal package management solution that any modern DevOps workflow requires.
Missing Infrastructure: Accelerated Worldwide Delivery
Software development by distributed teams is nothing new. But since 2020, it’s no longer just teams that are globally dispersed, it is the individual team members themselves. Remote working is the new normal. So in this unpredictable, “modern” world we’re in, how do you put together a solution that delivers for every single team member, no matter their location?
Dependency Confusion Attacks
You must secure your software supply chain. Now, more than ever, it is vital. For a long time, a primary concern in security was malicious actors exploiting inherent weaknesses in software. Privilege escalations, SQL injections, race conditions etc. These are, of course, still a concern and should be afforded the attention that they deserve. But now, there is another worry, one that is arguably even more important – A Supply Chain Attack.