InfoQ Homepage Continuous Integration Content on InfoQ
-
HashiCorp Moves HCP Packer into GA with New Security Workflows
HashiCorp has moved HCP Packer into full general availability. HCP Packer is their cloud hosted offering of Packer, a machine-image building tool. The release adds a number of new features including improved security workflows, custom metadata, and integration of compliance checks with Terraform Cloud workflows.
-
Docker Desktop Best Practices for Code Sharing
In a recent article, Docker engineer Stephen Turner shared a few best practices to help developers understand file sharing between a Docker container and its local host and how its performance varies across OSes.
-
Google and GitHub Announce OpenSSF Scorecards v4 with New GitHub Actions Workflow
GitHub and Google have announced the version 4 release of the Open Source Security Foundation (OpenSSF)'s Scorecards project. Scorecards is an automated security tool that identifies risky supply chain practices in open source projects. This release includes a new Scorecards GitHub Action, new security checks, and a large increase in the repositories included in the foundations weekly scans.
-
Aqua Security Reports Large Increase in Supply Chain Attacks
Aqua Security's recent report highlights the increasing threat of supply chain attacks. According to the report, supply chain attacks grew by 300% from 2020 to 2021 while the level of security across software development environments remained low. Google and the CNCF have recently released papers detailing approaches to improving the security of the supply chain.
-
HashiCorp Waypoint Adds Triggers and External Data Fetching
HashiCorp has released version 0.7 of Waypoint, their open-source application deployment tool. This release presents a number of redesigns to the user interface, the introduction of scripting and continuous integration lifecycle operations via triggers, external data fetching, and scoping of configurations to specific workspaces.
-
GitLab 14.6 Improves Geo Replication and Adds Support for .NET 6 Projects
GitLab 14.6 new Geo configuration streamlines the process of using the geographically closest replica to speed up clone and pull commands. It also introduces an activity list for GitLab's Agent to log real-time events and brings support for .NET 6.
-
Migrating Neo4j Graph Schemas with Neo4j Migrations
Neo4j Labs has released Neo4j Migrations, a database migration and refactoring tool that offers version control for relational databases. Inspired by FlywayDB, the tool supports migrations based on Cypher statements or Java. Triggering the migrations is possible via the CLI, Maven plugin, or a Spring Boot starter.
-
GitHub Improves Code Navigation and Search
GitHub announced improvements to its code search and code navigation capabilities. The new code search, which is still available experimentally, features now the possibility of finding code symbols and using regular expressions. Code navigation has been made available from within pull requests and extended to provide more precise information for Python repos.
-
XCRemoteCache Aims to Speed up iOS App Build Times
Spotify created XCRemoteCache to reduce Xcode compile times. Recently open-sourced, XCRemoteCache can decrease clean build times by 70%, says Spotify.
-
ClusterFuzzLite Brings ClusterFuzz to GitHub Actions and Other CI/CD Pipelines
ClusterFuzzLite, as implied by its name, is a light version of Google ClusterFuzz, a tool aimed to find security and stability issues in software systems through fuzz testing. ClusterFuzzLite is meant to be integrated in a CI pipeline with a few lines of code, says Google.
-
Building Large-Scale iOS Apps at Airbnb
The Airbnb iOS team addressed the challenge of its growing mobile app codebase and complexity by adopting new tools and processes, including a modern build systems, module types, and dev apps.
-
Pants Build System Adds Support for Java, Scala, and Go
In its upcoming release, now available to early adopters, build system Pants adds Java, Scala, and Go to previously supported Python. InfoQ has spoken with Benjy Weinberger, one of the creator of Pants alongside John Sirois, and currently CEO of Toolchain, Pants' main sponsor.
-
HashiCorp Launches Public Beta of HCP Packer
HashiCorp Cloud Platform (HCP) Packer’s new public beta puts the long-standing machine-image building tool in the cloud, and also delivers new features such as release channels and a deeper integration with Terraform. Packer - a tool for building automated machine images which was launched back in 2013 - has been relaunched onto HashiCorp Cloud Platform, with a host of improvements.
-
GitHub Introduces Projects, Updates Codespaces, Copilot, Code Scanning, and More
At its Universe 2021 conference, GitHub promoted its new Issues experience to public beta, providing projects and dynamic tables, expanded Copilot support for Jetbrains and Java, added Ruby support for code scanning, and announced many more features.
-
Travis CI Vulnerability Potentially Leaked Customer Secrets
Popular continuous integration and delivery service Travis CI disclosed a vulnerability that potentially leaked secure environment variables, including signing keys, access credentials, and API tokens. The flaw was quickly fixed on September 10, but the developer community found Travis CI handling of this issue insufficient.