Terms like DevOps or DevSecOps have become an integral part of our industry. In other words, agile software development that is focused on security is one of the most important approaches to modern development. Or is it?Read more
Archive of posts in category 'Quality'
Scroll down to see more ...
These are exciting times, with digital transformation bringing new disruptive technologies that impact the way we work, sleep, eat and how we spend our personal time. For developers, this fast paced world offers plenty of opportunity to be part of something great. The chance to make their mark on a project that would affect others for decades to come. But as these new opportunities emerge, so do new risks.Read more
The world’s reliance on software is already great and will continue to grow. That's why the security of applications will also become increasingly important. This development is further reinforced by the global pandemic, as more businesses and services have increased their online availability. The U.S. Federal Bureau of Investigation (FBI), for example, has reported a 300% increase in cybercrime since the beginning of the pandemic: This shows that with the growing reliance on software and applications, the risk of attacks is also increasing.Read more
More security thanks to micro-learning and gamification – Secure Code Warrior plugin for SCM-Manager
The regularity of media reports on cyberattacks shows that security is, or should be, a key issue for software development teams these days. Learning methods like micro-learning and gamification help to raise awareness and knowledge about security issues. The new Secure Code Warrior plugin for SCM-Manager integrates these approaches into the review process.Read more
You can find out here how Clean Code Development can help you and what hurdles the integration of the approach entails in everyday lifeRead more
In an economy that is shaped by applications, software development teams face the challenge to release new versions faster, improve the quality and to expedite innovation.Read more
Gauge is a lightweight behavior driven testing framework that allows you to automate end-to-end tests. In this post we will show an example of how to write a test framework with Gauge in Java code. If you want to learn how to install and get started with Gauge, you should read this introductory post from our partner blog.Read more
It is already quite common to describe infrastructure in code with e.g. Puppet or Chef. These days there is another option for that: Docker©. Especially for Docker© it is important to keep track of the infrastructure’s configuration, because sources for your containers might have changed or vanished. Therefore you should test your infrastructure to ensure that it is as expected. Serverspec offers you the ability to do exactly that.Read more
In the last post we defined quality as » the degree of conformance to explicit or implicit requirements and expectations« and took a closer look at the different terms of the definition. During this examination it became clear that quality starts with thoroughly defined requirments. In this post we want to go one step further and show which steps can be taken to improve quality.Read more
Subsequent to the first part of this post you can improve your code quality by implementing an automated code review system to your projects. You only need to perform a few modifications to SCM-Manager, Jenkins and SonarQube. In the first part of this article we already showed you the necessary configuration of SCM-Manager and Jenkins. Now, in the second part we will show you the necessary modifications to integrate SonarQube to the automated process.Read more
A good way to improve code quality is to use code review. Often teams recoil from code review because it demands a lot of time. An alternative could be an automated code review system that checks your code for compliance with certain metrics and rules. With the Cloudogu EcoSystem you can implement such a system based on SCM-Manager, Jenkins and SonarQube. In this first part we will show you how to configure SCM-Manager and Jenkins. The second part will be about extending the system by integrating SonarQube.Read more