Insight and analysis from thought leaders in agile development and testing, DevOps, security, test automation, and more.
Subversion or SVN is a version control system that has been around for over 15 years and was the industry standard before the arrival of Git. Although Git is far superior to SVN, a lot of places are still tied to SVN for any number of reasons. I was exposed to and worked with only […]
OWASP Zed Attack Proxy (ZAP) is one of my favorite tools for scanning and performing vulnerability tests on a web application. It has a simple GUI to get started, with a large capability for customization to tailor scans as needed. Recently, I was faced with a problem to login and then scan the authenticated segments of […]
Zephyr Plugin is the solution for Agile Testing if you are already using JIRA in your Agile Software Management as a tool for issue tracking and project management, and want to integrate test management into the same system. It adds many new features to JIRA: Collaboration Test Cases Writing, Reviewing, Executing, Verify Test Results. Formal […]
It seems like more often we hear stories of another security breach at our favorite retailer, bank, or some place that has our sensitive data. Any organization that has been entrusted to protect sensitive information should have solid security practices in place. Once a hacker has accessed your system it’s all over. The most expensive […]
On my last two posts I went through setting up CI for your PHP project. While I promised this post would cover setting up CD for your pipeline, I realized that I left out a fairly useful (but in my mind unique) part of the process. Our PHP application is using Laravel as the back […]
Ivy – Ant Dependency Bolt On My last assignment introduced me to Gradle. My experiences have let me run the trifecta for build tools: Ant, Maven, and Gradle. However last time I used Ant, Ivy was not managing the dependencies. Versus Maven and Gradle that have automatic dependency resolution built in. What is automatic dependency resolution? In […]
Any developer who has ever opened up a pom file on a large project will be familiar with the seemingly infinite number of dependences which make governance nearly impossible. Thankfully, Sonatype is making our job a little bit easier with Nexus Firewall–a tool which allows system administrators the ability to craft policies to limit which […]
Bringing in DevOps to an organization means making some changes to the culture and structure of teams and the organization. These changes are often disruptive and frequently meet with some resistance from leadership, teams, and individuals. A successful DevOps team is cross-functional, with members that represent the business, development, quality assurance, operations, and anyone else […]
Ansible’s immaturity compared to chef/puppet really shows when talking about the prioritized variable loading (facts). In the chef world we had about 4 different places to store attributes with 3 different priorities. This ordering is so important for organization and design that this page was one of two pages I had new people read and bookmark […]
Last month I started writing about the DevOps pipeline that I built out for a PHP project. Today I plan on filling it out a bit more. What I described last week is what many people consider a full CI Pipeline, executing unit tests, code coverage, and static analysis. I threw in a little more […]
