The most well-known security flaw in Docker is that it requires root access to build your Docker images with the Docker daemon. We have all read at least once that you should be careful using root access. This tutorial will take a look at the downsides of using Docker and Docker alternatives to combat those.
In this article, we will show you how to connect ArgoCD and Codefresh so that you get the full observability experience for GitOps. ArgoCD provides the underlying deployment mechanism and Codefresh the visual dashboard to provide high-level information for deployments. We assume that the following are in place GitOps is a way to do Kubernetes cluster management and application delivery.
This is the second part of our new series -- Introducing Codefresh Quick Bites -- Set-up your first Codefresh step to receive notifications of your builds in Jira.
SonarQube is a universal tool for code analysis that provides continuous inspection of your code to highlight existing and newly introduced issues. This allows you to “Clean as You Code”, which aims to reach the maximum code quality in your newly written code. This post will: The SonarQube architecture consists of a server and a SonarScanner. The Scanner is a separate client type application that is used to analyze projects in connection with SonarQube.
Today Amazon, Codefresh, GitHub, Microsoft, and Weaveworks are announcing the creation of the GitOps Working Group. This will be an open CNCF community project created inside the CNCF fluxcd GitHub organization as the initial venue for collaboration and open governance.
Creating preview environments as a result of making pull requests is one of those practices that have vast potential and are yet largely overlooked. There is a strong chance that you are not using them, even though they can drastically increase productivity. I will not explain what preview environments are, besides stating that they are temporary environments created when pull requests are made and destroyed when PRs are closed.
