Archive of posts in category 'Software Craftsmanship'

Please note: This archive page is only available in English. If a German version of a post is available, you can change the language once you've opened the post.
See all posts

Scroll down to see more ...

post icon Kubernetes AppOps Security Part 6: Pod Security Policies (2/2) - Exceptions and Troubleshooting

10/28/2020 Johannes Schnatterer in Software Craftsmanship

Kubernetes AppOps Security Part 6: Pod Security Policies (2/2) - Exceptions and Troubleshooting

Pod Security Policies (PSP) allow to use cluster wide settings that are used for all new containers. In comparison to the Security Context, the usage of PSPs not as easy, but especially for large organizations with large clusters it can be beneficial to use them, because they reduce the necessity for manual configuration.

Read more
post icon Kubernetes AppOps Security Part 5: Pod Security Policies (1/2) – Good Practices

09/30/2020 Johannes Schnatterer in Software Craftsmanship

Kubernetes AppOps Security Part 5: Pod Security Policies (1/2) – Good Practices

Pod Security Policies (PSP) allow to use cluster wide settings that are used for all new containers. In comparison to the Security Context, the usage of PSPs not as easy, but especially for large organizations with large clusters it can be beneficial to use them, because they reduce the necessity for manual configuration.

Read more
post icon Kubernetes AppOps Security Part 4: Security Context (2/2) – Background

05/20/2020 Johannes Schnatterer in Software Craftsmanship

Kubernetes AppOps Security Part 4: Security Context (2/2) – Background

A container is basically a normal Linux process that runs isolated from the rest of the system via certain kernel components. This makes containers lighter but more vulnerable than virtual machines (VMs). To reduce this vulnerability to attack, the container runtimes offer a variety of settings whose default values strike a compromise between usability and security.

Read more
post icon Kubernetes AppOps Security Part 3: Security Context (1/2) – Good Practices

03/17/2020 Johannes Schnatterer in Software Craftsmanship

Kubernetes AppOps Security Part 3: Security Context (1/2) – Good Practices

The virtual construct of a “container” is a normal Linux process at its core that largely runs in isolation from the rest of the system using certain kernel components. This makes containers lighter but more vulnerable than virtual machines (VMs). To reduce this vulnerability to attack, the container runtimes offer a variety of settings whose default values strike a compromise between usability and security.

Read more
post icon Kubernetes AppOps Security Part 2: Using Network Policies (2/2) - Advanced Topics and Tricks

01/20/2020 Johannes Schnatterer in Software Craftsmanship

Kubernetes AppOps Security Part 2: Using Network Policies (2/2) - Advanced Topics and Tricks

In a Kubernetes cluster, everything (nodes, pods, Kubelets, etc.) can communicate with each other by default. If an attacker succeeds in exploiting a security vulnerability in one of the applications, he can easily expand his attack to all underlying systems in the same cluster. You can restrict this vulnerability using the on-board network policy features found in Kubernetes.

Read more
post icon Kubernetes AppOps Security Part 1: Using Network Policies (1/2) – Basics and Good Practices

10/29/2019 Johannes Schnatterer in Software Craftsmanship

Kubernetes AppOps Security Part 1: Using Network Policies (1/2) – Basics and Good Practices

If you deploy applications on a managed Kubernetes cluster, operations is responsible for security, right? Not really! Even though Kubernetes abstracts from hardware, its API offers many possibilities for developers to improve security for the applications that are operated on it, by not just using the default settings. This post explains for which attack vectors network policies can offer protection and it will also show pragmatic good practices based on practical examples.

Read more
post icon Continuous Delivery with Sonatype Nexus, Jenkins and the Cloudogu EcoSystem

05/09/2019 Johannes Schnatterer in Software Craftsmanship

Continuous Delivery with Sonatype Nexus, Jenkins and the Cloudogu EcoSystem

In order to meet the growing demand to release new features at an increasingly faster pace, these features must be implemented faster and faster. But that's just one side of the coin. After all, these features have to be put into production as well. Often, deployments are made manually and prone to errors. They tie up resources, and they may take a long time. The solution is complete automation, which is called Continuous Delivery.

Read more
post icon Java Annotation Processors – Generating Code

10/01/2018 Sebastian Sdorra in Software Craftsmanship

Java Annotation Processors – Generating Code

In the third and final blog post of this series, we will demonstrate how you can generate source code with the help of an annotation processor, while in the intro part we have learned how to write, register and use a simple Annotation Processor and in the second part we created configurations.

Read more
post icon Java Annotation Processors – Creating Configurations

08/06/2018 Sebastian Sdorra in Software Craftsmanship

Java Annotation Processors – Creating Configurations

In the second section, we would like to focus on generating configuration files for a simple plugin library. To do this, we will write an annotation processor that exports all classes which are annotated with an `@Extension` annotation to an XML file. In addition to the full name of the class, the Javadoc for the class is also written to the XML file. Additionally, we will write a class that allows us to read these files from the classpath.

Read more
post icon Coding Continuous Delivery — Static Code Analysis with SonarQube and Deployment on Kubernetes et al. with the Jenkins Pipeline Plugin

07/13/2018 Johannes Schnatterer in Software Craftsmanship

Coding Continuous Delivery — Static Code Analysis with SonarQube and Deployment on Kubernetes et al. with the Jenkins Pipeline Plugin

Jenkins Pipelines were subject to three former blog posts. This last part one is dedicated to the integration of SonarQube, Kubernetes and CD on other platforms.

Read more
post icon Java Annotation Processors – An introduction

06/15/2018 Sebastian Sdorra in Software Craftsmanship

Java Annotation Processors – An introduction

Java annotation processors are a very powerful tool in a developer’s toolkit. They can be used for many things, such as logging information during the build, aborting a build with an error message, creating configurations and documentation, altering classes or creating new classes.

Read more
post icon Coding Continuous Delivery — Helpful Tools for the Jenkins Pipeline

05/24/2018 Johannes Schnatterer in Software Craftsmanship

Coding Continuous Delivery — Helpful Tools for the Jenkins Pipeline

After the first two parts of this series discuss the basics and the performance of Jenkins Pipelines, this article describes useful tools and methods: Shared libraries allow for reuse for different jobs and unit testing of the Pipeline code. In addition, the use of containers with Docker© offers advantages when used in Jenkins Pipelines.

Read more
post icon Coding Continuous Delivery — Performance optimization for the Jenkins Pipeline

05/02/2018 Johannes Schnatterer in Software Craftsmanship

Coding Continuous Delivery — Performance optimization for the Jenkins Pipeline

If you’ve ever used a conventional CI tool to set up a Continuous Delivery pipeline by chaining individual jobs without any direct pipeline support, then you’ll know just how complicated this can get. In this article series, we’ll explain how a pipeline can be defined as code in a central location using the Jenkins pipeline plugin. In the first part of this article series, we’ll take a look at the basics and share some practical tips for getting started.

Read more
post icon Coding Continuous Delivery — Jenkins pipeline plugin basics

04/19/2018 Johannes Schnatterer in Software Craftsmanship

Coding Continuous Delivery — Jenkins pipeline plugin basics

If you’ve ever used a conventional CI tool to set up a Continuous Delivery pipeline by chaining individual jobs without any direct pipeline support, then you’ll know just how complicated this can get. In this article series, we’ll explain how a pipeline can be defined as code in a central location using the Jenkins pipeline plugin. In the first part of this article series, we’ll take a look at the basics and share some practical tips for getting started.

Read more
post icon Automated Release Management

04/28/2015 Daniel Huchthausen in Software Craftsmanship

Automated Release Management

Use SCM-Manager Universe to implement an automated release-management for your projects. You can do that by using Jenkins and Sonatype Nexus. In this post we will show the necessary configuration for Maven projects with an automated deploy of snapshots and release of new versions.

Read more
post icon SVN Repository Server Load Balancing and Synchronization

04/01/2014 Daniel Huchthausen in Software Craftsmanship

SVN Repository Server Load Balancing and Synchronization

In our support work of the recent past we saw that the topic of SVN repository synchronization seems to be a current issue. Therefore we want to show you how you can implement a master/slave server structure for load balancing. Slave servers are used for read operations and the master for write operations.

Read more
post icon Permission Management with LDAP Groups

12/06/2013 Daniel Huchthausen in Software Craftsmanship

Permission Management with LDAP Groups

After you downloaded SCM-Manager Universe the permission management for the development tools is based on individual user permissions. Since there seems to be a great interest in using group based permission management we want to show you how. We will show which modifications you have to perform in the tools and how you can handle groups.

Read more