Operations | Monitoring | ITSM | DevOps | Cloud

June 2022

Software supply chain: What it is and how to keep it secure

As shortages of consumer goods and rising prices caused by bottlenecks in international supply networks have become more common, the global supply chain and its vulnerabilities have been top of mind for many. For developers, several high-profile software security exploits have recently underscored the risks inherent in a similar type of supplier network: the software supply chain.

Prevent XSS attacks with browser testing

Security is a never-ending battle on the web. You can have a server up in just a few minutes, and the next minute, someone is already trying to hack into it. These attacks could be automated using malicious bots or launched manually. Websites can be targeted by a malicious user trying to compromise your web presence or data. Cross-site scripting (XSS) is just one type of attack your site may be vulnerable to.

Automating deployment of a Dockerized Python app to Docker Hub

CI/CD systems follow a multi-tiered environments pattern: development, testing, staging, and production release are all part of this process. Each setting in this cycle could have a variety of set ups and configurations. As a result, having to set up separate configurations for different environments could be inconvenient and burdensome. In this tutorial, we will take a look at what Docker is and how it has freed developers from set-up problems and port clashes.

Trunk-based vs. feature-based development

When you are the only dev building a software project, you can create and modify your code according to personal preference. When you contribute code to a team-run project, you need to follow a standardized set of guidelines and coordinate precisely with other team members. Standard guidelines and coordinated work effort are vital to the success of every team-based software development project.

The value of blameless culture - from IC to C-Suite

At CircleCI, CI has a second meaning: Continuous Improvement. We continuously seek out feedback not only to improve our code but to improve our processes and get better at our jobs along the way. This Continuous Improvement starts with one important company value: a blameless culture. Our blameless culture extends into every part of how we operate.

What is cloud bursting? Managing sporadic workloads on the hybrid cloud

The DevOps field is engaged in a great, collective migration into the cloud. Businesses are decentralizing their applications and databases, hosting them in the cloud to make them available regardless of geography or user device. Some organizations choose to host their applications on private servers, but in periods of high demand take advantage of the public cloud by directing overflow traffic to cloud servers. This approach is called cloud bursting.

Developing a pipeline-builds logging system with CircleCI webhooks and Airtable Automations

Ever since CircleCI introduced webhooks, I have been excited about the possibilities this new way of integration opens up to developers. I decided to try out one of the use cases described in the webhooks documentation. This use case involves transmitting information about build-pipeline workflows into an Airtable database. The data piped into Airtable forms a log for you to monitor your workflows and you can go as far as designing graphs and other visualizations to analyze the build data.

How to change your mind about failure with Rollbar CPO, Cyrus Radfar

Nearly every project can benefit from improvements, but which effort has the most impact? Rob sits down with Rollbar CPO Cyrus Radfar to discuss how to reframe your mindset on failure, knowing and operating from your top-level goal, and making failures a vital part of company culture.

Testing Commander.js command line applications

Breaking changes in production are inconvenient and can be costly to fix. Using commands like git clone < some GitHub repository >, executed on your terminal is a common practice, known as using the command line. This practice can be faster and more efficient than using a GUI. For this tutorial, I will walk you through the process of testing command-line applications git, explain why you need command-line applications, and describe in detail how they work.

How to review your CircleCI configuration

Configuration files can take some time to set up, but after that initial push they are easy to forget about. “If it’s not broken, don’t fix it” is a common approach that many developers take with their configuration files. But when it comes to your continuous integration pipelines, small changes can have huge benefits.

Continuous integration for a production-ready Dockerized Django application

Continuous integration has become a widely accepted practice for software projects. As more technologies are introduced in both continuous integration and software development, developers are looking for practical ways to benefit from them. Basic tutorials that cover toy examples are not always enough for real-life practitioners. As an actual user of Django, Docker, and CircleCI, this was certainly a pain point for me. That is why I wrote this tutorial.

Data structures for effective Python applications

Because computers rely on data to execute instructions, computing will always entail data interaction. The amount of data can be overwhelming in real world applications, so developers must consistently devise methods to access it quickly and efficiently in a programmatic way. A solid understanding of data structures is a great advantage for teams that specialize in developing tools and systems. Organizing data optimally maximizes efficiency and makes data processing easy and seamless.