We like to take a look at our top blogs each year and see what everyone is interested in so we can create interesting content for the new year.
We like to take a look at our top blogs each year and see what everyone is interested in so we can create interesting content for the new year.
Senior DevOps Engineer This role(s) is subject to law, regulation, executive order, or government contract with citizenship/residency restrictions—US Citizens only. Coveros is seeking Senior DevOps Engineers to join our team and help provide our clients with modern DevOps pipelines. The Senior DevOps Engineers are responsible for the design and implementation of an application’s build, release, […]
Background A client recently wanted to move several DevOps and scanning tools into the cloud, to which they were in the process of proving out and transitioning. We had a number of security scanning and static analysis tools, along with corresponding dashboards and a continuous integration server to orchestrate them. All of these tools were […]
At Coveros, we have an internal initiative — Codeveros — responsible for creating and maintaining a reference application used by our training courses. Also, we use it for evaluating new tools and technologies and for any other purpose where an application or source code is needed. Codeveros Overview At its core, it is a microservice […]
Introduction This is the second part of a two-part blog series describing one method to display Fortify scan results in SonarQube. This blog describes the process to convert the Fortify scan results and display them in SonarQube. For an overview of the entire process, and a detailed description of generating the Fortify SCA results, see […]
Overview Fortify Static Code Analyzer (SCA) is a Static Application Security Testing (SAST) tool. It can be used to identify security issues early in the development cycle, enabling developers to resolve findings without waiting until the end. This shifting left of security analysis both speeds up and makes more secure the implementation of new functionality […]
Introduction This is the third part in a series of tutorials focused on the process of creating, deploying, and consuming a Node.js REST microservices. In part one, I walked through the initial creation process and laid out the path forward. In part two, I connected the Node.js app to a database, and updated the routes […]
There has been much discussion about the many benefits of “moving testing left,” and our experts will tell you that doing so by having automated testing (Quality Gates) integrated into your build pipelines is a critical success factor for the rapid build and deploy process automation necessary to truly reap the benefits of Agile. That […]
Helm is a Kubernetes package and operations manager. The name “kubernetes” is derived from the Greek word for “pilot” or “helmsman”, making Helm its steering wheel. Using a packaging manager, Charts, Helm allows us to package Kubernetes releases into a convenient zip (.tgz) file. A Helm chart can contain any number of Kubernetes objects, all […]
In this blog I would like to demonstrate how to use AWS EC2 container service with AWS Codebuild, which is a very powerful and handy tool to automate your builds, so that it helps you run your architecture in a more efficient and automated way. In ECS everything starts with a Docker container. If you […]
