Insight and analysis from thought leaders in agile development and testing, DevOps, security, test automation, and more.
Any developer who has ever opened up a pom file on a large project will be familiar with the seemingly infinite number of dependences which make governance nearly impossible. Thankfully, Sonatype is making our job a little bit easier with Nexus Firewall–a tool which allows system administrators the ability to craft policies to limit which […]
Bringing in DevOps to an organization means making some changes to the culture and structure of teams and the organization. These changes are often disruptive and frequently meet with some resistance from leadership, teams, and individuals. A successful DevOps team is cross-functional, with members that represent the business, development, quality assurance, operations, and anyone else […]
Ansible’s immaturity compared to chef/puppet really shows when talking about the prioritized variable loading (facts). In the chef world we had about 4 different places to store attributes with 3 different priorities. This ordering is so important for organization and design that this page was one of two pages I had new people read and bookmark […]
Last month I started writing about the DevOps pipeline that I built out for a PHP project. Today I plan on filling it out a bit more. What I described last week is what many people consider a full CI Pipeline, executing unit tests, code coverage, and static analysis. I threw in a little more […]
What happens when you don’t like every feature in Windows 10? I chose to downgrade back to Windows 7. This may trigger issues that cause the computer to slooooooow down. Like many developers, I eagerly upgraded to Windows 10 for testing as soon as it was available. The first thing I noticed was that some of my programs weren’t working as […]
I often find myself in a position where I have multiple Jenkins servers that are almost clones of each other. In many cases, this is because I run a “test” Jenkins where we develop jobs, test them, then promote them over to our “prod” Jenkins server. Because the servers look identical, I’m always afraid I might […]
Commercial Agile and DevOps best practices now available to Federal Agencies Fairfax, VA., March 1, 2016 — Coveros, the market leader in secure software development using agile methods, announced today that it has been awarded an Information Technology Schedule 70 Contract by the U.S. General Services Administration (GSA). IT Schedule 70 is the largest and […]
For automation, we want to store as much text as possible in our git repositories, and any binary artifacts in an artifact repository (like Sonatype’s nexus). However, Git can be a dangerous place to ever store passwords. If a bad guy ever acquired access, he could roll back in time and find every password you’ve ever stored […]
I recently was put on a project where we are doing development for a website. There was already a large code, and we went in to add features in order to complete the site, and perform code refactoring when necessary. In order to accomplish this successfully, we decided to follow the SecureAgileTM, which involves ensuring […]
Problem with Default Validation While using Laravel to build a web application, I needed to perform custom validation on user input, such as a password parameter. By default, Laravel manages this through AJAX handled on the client side. However, I wanted a more robust solution. Also, helpful libraries, such as a check of whether an […]
