Code analysis tools are essential to gain an overview and understanding of the quality of your code. This post is going to cover the following While these tools target similar use cases, they differ in their implementation, ease of use, and documentation just to name a few. This post provides an overview of each tool as well as a detailed comparison to help analyse and decide which tool is best suited for your needs.

As all developers know, when building software things don’t always go as planned. In fact, most of the time they don’t. With today’s modern distributed architectures it’s more important than ever to have the proper tools in your toolbelt. This allows us to automate as much of the software delivery lifecycle as possible and then be able to immediately triage issues when they arise.

Zero trust is a security concept that is centered around the idea that organizations should never trust anyone or anything that does not originate from their domains. Organizations seeking zero trust automatically assume that any external services it commissions have security breaches and may leak sensitive information.

Delivering modern applications is complicated and requires the coordination of many moving parts. Applications are frequently updated to implement new features and improve security and performance which translates to a better user experience for your customers. To further complicate matters, infrastructure must also be deployed and maintained simultaneously with applications to avoid conflicts or dependencies.

In our previous guide, we documented 10 Docker anti-patterns. This guide has been very popular as it can help you in your first steps with container images. Creating container images for your application, however, is only half the story. You still need a way to deploy these containers in production, and the de facto solution for doing this is by using Kubernetes clusters. We soon realized that we must also create a similar guide for Kubernetes deployments.

This is the second part in our Kubernetes Anti-patterns series. See also part 1 for for the previous part and part 3 for the next part. You can also download all 3 parts in a PDF ebook.

This is the third and last part in our Kubernetes Anti-patterns series. See also part 1 and part 2 for the previous anti-patterns. You can also download all 3 parts in a PDF ebook.

Where do you usually track your code coverage? If you are not sure about the answer to this question or you would like to explore other options to the ones that you are currently using, then this post is for you. Specifically, this post details how you can use Codacy in your Codefresh pipeline to create and send coverage reports of your repository with every pipeline build. To follow along, make sure to have a Codacy and a Codefresh account. If not, now is the time to set-up a fresh account for free!

The appearance of containers and their performance benefits compared to the existing paradigm of virtual machines has forced several companies to rethink their software lifecycle, especially the delivery part. Continuous integration and deployment tools (CI/CD) are passing through a second renaissance phase which is characterized by new approaches centered around short-lived environments that are launched and destroyed in a much more dynamic way.

When I started working at Purple managing the E-commerce stack, I inherited a single AWS EC2 instance that represented our entire infrastructure. The problem was, the company was doubling in size every few months, and with this exponential increase in load combined with the issues we were already experiencing with this infrastructure, it became a large business risk.