Dependency Checking Your Ruby Application

Dependency Checking Your Ruby Application Checking your application’s dependencies for known vulnerabilities is a critical, relatively low effort step you should take to secure your application, which you may have read about in another recent article: What is SCA? Compared to the wealth of tools used for dependency checking in, for example JavaScript,  there’s not […]

Read more
Break the pipeline? That’s a notification.

Modern technology continues to accelerate the speed of delivering software, which directly increases the importance of quality awareness as early as possible within your delivery pipeline.  If you don’t know of a problem, you can’t act on it. The Email-ext plugin in Jenkins ( is a great way to notify relevant parties as soon as […]

Read more
Jenkins Scripted Pipeline: A Groovy Primer
panda eating bamboo

The Jenkins pipeline documentation does a serviceable job describing a Jenkinsfile. There are a number of examples for common tasks, giving code snippets that can be copied and pasted for your own use. When needing to do simple or commonly performed tasks, this method can be sufficient. There is also a helpful pipeline syntax generator […]

Read more
What are Jenkins Pipelines and What is a Jenkinsfile?

‘Pipeline as code’ or defining the deployment pipeline through code rather than configuring a running CI/CD tool, provides tremendous benefits for teams automating infrastructure across their environments. One of the most popular ways to implement a pipeline as code is through Jenkins Pipeline. Jenkins, an open source automation server, is used to automate tasks associated […]

Read more
Generate Parameter Values Dynamically in Jenkins
Single Sign On

I am currently working on implementing Single Sign-On (SSO) for the entire Coveros domain. This project required me to implement a process to add current Coveros employees into our FreeIPA server as well as account for any future employees that will be onboarded. In order to deal with this problem, a script was written which […]

Read more
2017 Q1 SecureCI™ Release

I know what you’re thinking…what happened to the 2016 release? Well, 2016 was an interesting year, and unfortunately we weren’t able to get out a mid-year release, and our Q4 release got pushed to Q1 of this year. But, finally, an updated version of SecureCI™ is here! So, what can you expect from this release? Upgrades First and […]

Read more
Hotfixes within DevOps Pipelines

I recently wrote several blog posts about setting up a DevOps pipeline, and it was working great for our code. However, recently, I ran into an issue. My perfectly written and tested code somehow introduced a bug into our production environment! Luckily, we caught this issue quickly, and it was a relatively easy fix. So, I fixed the code, […]

Read more
Ansible Tower: Initial Thoughts

One of our clients recently wanted to start using Ansible on a project. As part of the new effort we wanted to investigate Ansible Tower as a potential way to use Ansible. This blog is a overview of the thoughts I had and some lessons learned. My next blog will be more specific examples of […]

Read more
Jenkins Workflow for Jenkins

Inevitably on any agile project with a good degree of DevOps maturity, engineers start looking less at the application efficiencies and begin to look at addressing issues with their pipelines and frameworks to deliver faster or more effectively. At Coveros, we call this “DevOps’ing your DevOps.” It is a silly sentence but it speaks to the challenge […]

Read more