InfoQ Homepage Continuous Integration Content on InfoQ
-
What Will the Next 10 Years of Continuous Delivery Look Like?
Dave Farley and Jez Humble talked at the DeliveryConf about their expectations for the next ten years of Continous Delivery (CD). For CD to succeed, the IT industry needs to focus on three performance aspects: technical, organizational, and cultural–all profoundly interrelated. DORA's report has shown that technical practices can lead the change, but they alone aren't enough.
-
New GitHub CLI Enables Working with Issues and PRs from the Command Line
GitHub has just beta-released GitHub CLI, an open-source tool that allows developers to work with issues and pull requests from the command line. Written in Go, GitHub CLI can be installed on Linux, macOS, and Windows.
-
Jenkins Creator Launches ML Startup in Continuous Risk-Based Testing
Jenkins creator, Kohsuke Kawaguchi, starts Launchable, a startup using machine learning to identify risk-based tests. Testing thought leader Wayne Ariola also writes about the need for a continuous testing approach, where targeted risk-based tests help provide confidence for continuous delivery.
-
Bazel 2.0 Released with Performance and Stability Improvements
Bazel, the build and test tool that is based off of Google's internal build tool Blaze, recently released version 2.0. This release introduces a few flagged changes that will be incompatible with past versions as well as a number of other stability and performance improvements.
-
CircleCI Introduces New Orbs to Simplify Deployment Activities
CircleCI recently announced the availability of Deployment Orbs which focus on streamlining and simplifying the integration of deployment workflows into CircleCI jobs. This release includes orbs for deploying into common environments such as AWS, Google Cloud, Azure, Kubernetes, and Salesforce.
-
Yelp Open-Sources Fuzz-Lightyear, A Swagger-Based IDOR Vulnerability Detector
Business directory and crowd-sourced review service, Yelp, has open-sourced their in-house security testing framework, fuzz-lightyear, that identifies Insecure Direct Object Reference (IDOR) vulnerabilities.
-
Sonatype Disables Unencrypted Access to Maven
Sonatype has disabled unencrypted HTTP access to Maven Central, improving security for build systems such as Maven, Gradle, SBT, and other dependency systems.
-
Gradle 6 Brings Significant Dependency Management Improvements
Gradle, the customizable open source build automation tool, has released version 6.0 with significant improvements to dependency management, out of the box support for javadoc and source jars, and faster incremental compilation of Java and Groovy code. In addition, the latest release 6.1.1 supports a relocatable dependency cache for speeding up ephemeral CI builds.
-
Reducing Build Time with Observability in the Software Supply Chain
Tools commonly used in production can also be applied to gain insight into the CI/CD pipeline to reduce the build time. Ben Hartshorne, engineer at honeycomb.io, gave the presentation Observability in the SSC: Seeing into Your Build System at QCon San Francisco 2019.
-
Improving Continuous Integration at Dropbox Using Bazel
Benjamin Peterson recently shared how Dropbox leverages Bazel to improve their build and deploy experience. Using Bazel, Dropbox was able to scale their continuous integration and deployment pipelines to ensure quick feedback on commits. They achieved this by running only the affected tests within a grouping of commits and selectively pre-declaring which tests are gating to deployments.
-
GitHub Launches Mobile App, Notifications Beta, and Code Navigation Features
At this year's Universe Conference, GitHub made a number of announcements aimed at improving developer experience in the daily use of the platform, including a mobile client app and notification, as well as promoting workflow automation tools such as GitHub Actions and GitHub Packages to general availability.
-
Reduce Xcode Build Times Using Carthage and Caching Binary Dependencies
In a recent post, Spotify engineer Patrick Balestra explained how they managed to improve Xcode build time by 50% using dependency manager Carthage to avoid rebuilding dependencies over and over across their teams.
-
How to Remain Agile While Scaling
Managing the complexity and scale of both the business and the software were key challenges as Yext started to grow, said Sean MacIsaac at Agile Business Day 2019. Yext addresses this by having product solutions that are broadly applicable and configurable by their customer team, and by hiding complexity with independently deployable services with clearly defined interfaces.
-
CircleCI Adds Security Integrations to Streamline Securing CI/CD Pipelines
CircleCI announced the addition of new orbs that address common use cases and needs with securing your CI/CD pipelines. The orbs added to the repository with this release cover vulnerability scanning, secrets management, license scanning, and digital scanning. It includes integrations with AWS and Google Cloud.
-
Atomist Adds Drift Management Features to Minimize Process and Code Divergence
Atomist recently released Drift Management as a new feature within their Software Delivery Machine. This tool helps to track and control drift within repositories, libraries, and Docker images. Drift Management is open source and available in Atomist subscription plans, including the free tier.