United in Security: US and UK Vow to Improve Software Supply Chains
It’s official: regulations by the US and UK governments are coming down the track to secure the software supply chain.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
Integrating a Cloudsmith repository with a Semaphore CI workflow
At Cloudsmith, we believe that packaging should be at the centre of any modern build and deployment process. In fact, we think that Continuous Packaging is the glue that ties Continuous Integration and Continuous Deployment or Delivery together. So with that in mind, in this blog, we will take a walk through how easy it is to integrate Cloudsmith with a Semaphore CI workflow and push the artifacts and packages that you build to a private repository. TL:DR – It’s super easy.
Using Semaphore CI to Push packages to Cloudsmith
A short demo of how you can set up a Semaphore CI workflow to push a package to a private Cloudsmith repository.
Cloud-Hosted of Cloud-Native? Discover Why Cloudsmith Was Born in the Cloud
Today, almost every service now is offered in a “Cloud” variant. But what does that really mean? Are all clouds services equal? It’s easy to see why so many vendors rush to add a Cloud edition/variant of established software they sell. Undoubtedly, there has been a move to Cloud services across the industry, as more and more organizations seek to take advantage of the higher reliability and lower total cost of ownership that Cloud platforms promise.
Integrating a Cloudsmith repository with a Harness CD pipeline
In this blog, we will walk through the process of configuring a private Cloudsmith repository as an artifact source for a Harness Continuous Deployment pipeline. Harness is a Continuous Deployment platform that allows you to easily automate the deployment of your software to your infrastructure and environments.
Collision 2021 - Securing Software Pipelines with Continuous Packaging
Building automation and security into software supply chains requires packaging source code, dependencies and containers into logical, versioned units. But, in 2021, how engineers package their software is more vital than ever, requiring a serious refresh with a name befitting its focus on security within the cloud. We call it Continuous Packaging. Now on-demand, watch our talk from Collision Conference 2021 where we explored Continuous Packaging and how it can help secure your delivery pipelines, from development through to deployment.
Using Harness to deploy packages from Cloudsmith
A short demo of how you can use Harness CD to deploy a docker image from a private Cloudsmith repository to an AWS ECS Cluster.
Thoughts On the Codecov Breach
It was revealed just a few days ago that US Federal investigators are looking into an intrusion and insertion of malicious code into Codecov. As many readers here will already know, Codecov is a software auditing tool that analyses your source code to check for the amount of test coverage. The intrusion targeted the Codecov bash uploader, which is a script that provides a way to send coverage reports to Codecov.
Using Drone CI to push packages to Cloudsmith
A short demo of how you can set up a Drone CI pipeline to push a package to a private Cloudsmith repository.
Integrating a Cloudsmith repository with a Drone CI pipeline
At Cloudsmith, we strive hard to ensure that private Cloudsmith repositories work with any build and release process that our customers use. Our mission is to be the universal package management solution that any modern DevOps workflow requires.