DevOps and Security: 5 Principles for DevSecOps
Jenkins Scripted Pipeline: A Groovy Primer
With the trend toward a more continuous delivery and deployment process, late-lifecycle activities like security assurance present a significant hurdle to continuously delivering value to customers. DevSecOps addresses this by shifting security assurance activities, personnel, and automation closer to development.
Implementing Continuous Delivery in the Federal Government
The Jenkins pipeline documentation does a serviceable job describing a Jenkinsfile. There are a number of examples for common tasks, giving code snippets that can be copied and pasted for your own use. When needing to do simple or commonly performed tasks, this method can be sufficient. There is also a helpful pipeline syntax generator […]
Agile and DevOps Bring the Focus Back on Quality
Federal agencies generally have more regulation, slower processes, and a command-and-control style of bureaucracy. How does it work when trying to foster agility and implement a continuous delivery model? Gene Gotimer relates his experiences and challenges with encouraging a culture change in federal government.
Leveraging Kubernetes as a Tester
I’ve had the privilege (and the many challenges) of working in IT for more than three decades. Early in my career I tended to accept things as they were presented, following the techniques, processes, guidelines, and approaches I was taught by my peers and managers. As I gained experience and wisdom, I became a better independent thinker and started to connect the dots and ask questions.
Installing MicroK8s 1.14 for Local Development
With the advent of agile and DevOps, organizations are moving from specialized roles to cross-functional teams—and that means cross-functional sharing of the specialized tools used in each silo. So it’s not unreasonable for a tester to need access to the tools used in those other silos, such as Kubernetes. Kubernetes is a scalable, production-grade container […]
The Pros and Cons of a Serverless DevOps Solution
In a recent development, MicroK8s replaced its dockerd installation with containerd. Many pre-existing sources mention “microk8s.docker”, but this command is no longer available. I will walk you through the full initial installation and basic usage on Ubuntu 18.04. Practically speaking, this means you now need to install Docker on your Ubuntu machine. In previous versions, […]
Making Security a First Class Citizen in DevOps
The dream of any product owner is fully customizable production software without the expense of paying for the hardware it rests upon. While the cloud and infrastructure as a service (IaaS) partially deliver on this promise, a completely serverless infrastructure would be much closer to this dream. From a product owner’s perspective, the possibility of […]
Running Selenified within Docker
I recently had the opportunity to do a web seminar with Jeff Payne about using open source tools for DevSecOps. In our discussion, I made the point that the goal of DevSecOps is to make application security a first-class citizen in the DevOps process. Making application security a first-class citizen improves the quality of your […]
6 Signs Your Agile Project Isn’t Really Agile
As you move more towards continuous testing, it becomes important to be able to execute your automated tests rapidly in multiple environments. Docker is perfect for this, providing a simple way to execute your tests on any system, against any environment. Selenified works perfectly inside a Docker container, allowing functional tests to be easily integrated […]
More and more organizations are adopting agile software development processes and practices. But in many cases, these organizations have declared they are agile without actually changing how they develop software. Declaring that an apple is an orange doesn’t make it so. These six key indicators can help you determine whether your agile project isn’t really […]