Dependency Checking Your Ruby Application Checking your application’s dependencies for known vulnerabilities is a critical, relatively low effort step you should take to secure your application, which you may have read about in another recent article: What is SCA? Compared to the wealth of tools used for dependency checking in, for example JavaScript, there’s not […]
Modern technology continues to accelerate the speed of delivering software, which directly increases the importance of quality awareness as early as possible within your delivery pipeline. If you don’t know of a problem, you can’t act on it. The Email-ext plugin in Jenkins (https://wiki.jenkins.io/display/JENKINS/Email-ext+plugin) is a great way to notify relevant parties as soon as […]
The Jenkins pipeline documentation does a serviceable job describing a Jenkinsfile. There are a number of examples for common tasks, giving code snippets that can be copied and pasted for your own use. When needing to do simple or commonly performed tasks, this method can be sufficient. There is also a helpful pipeline syntax generator […]
I was lucky enough to speak at AgileDC 2017 and present my experience report on the Agile DevOps Transformation I have been a part of at Housing and Urban Development. In this presentation, I go over the theories of DevOps, how we intended to put these theories into practice, and how we actually put these […]
‘Pipeline as code’ or defining the deployment pipeline through code rather than configuring a running CI/CD tool, provides tremendous benefits for teams automating infrastructure across their environments. One of the most popular ways to implement a pipeline as code is through Jenkins Pipeline. Jenkins, an open source automation server, is used to automate tasks associated […]
I am currently working on implementing Single Sign-On (SSO) for the entire Coveros domain. This project required me to implement a process to add current Coveros employees into our FreeIPA server as well as account for any future employees that will be onboarded. In order to deal with this problem, a script was written which […]
I know what you’re thinking…what happened to the 2016 release? Well, 2016 was an interesting year, and unfortunately we weren’t able to get out a mid-year release, and our Q4 release got pushed to Q1 of this year. But, finally, an updated version of SecureCI™ is here! So, what can you expect from this release? Upgrades First and […]
I recently wrote several blog posts about setting up a DevOps pipeline, and it was working great for our code. However, recently, I ran into an issue. My perfectly written and tested code somehow introduced a bug into our production environment! Luckily, we caught this issue quickly, and it was a relatively easy fix. So, I fixed the code, […]
One of our clients recently wanted to start using Ansible on a project. As part of the new effort we wanted to investigate Ansible Tower as a potential way to use Ansible. This blog is a overview of the thoughts I had and some lessons learned. My next blog will be more specific examples of […]
Inevitably on any agile project with a good degree of DevOps maturity, engineers start looking less at the application efficiencies and begin to look at addressing issues with their pipelines and frameworks to deliver faster or more effectively. At Coveros, we call this “DevOps’ing your DevOps.” It is a silly sentence but it speaks to the challenge […]
