-
5 Best Practices for GitHub Implementation in Large Organizations
The sheer scale of GitHub is evident in its user base: over 73 million developers and 4 million companies collaborate across more than 200 million repositories, making it the world’s largest source code site. GitHub security can get increasingly complex and difficult to monitor as the organization’s teams expand. Additionally, hackers may be drawn to…
-
Implement GitOps for Scalable Deployments, 5 Best Practices
Given that developers widely use Git today, it’s no surprise that GitOps has gained immense popularity. DevOps teams leverage GitOps to simplify app management and deployment by utilizing Git’s version control. With GitOps, Git drives every change, enabling teams to automate tasks, enhance collaboration, and achieve reliable, scalable results. This post outlines five key GitOps…
-
GitHub Code Scanning Using Third-Party Actions
GitHub’s code scanning helps identify vulnerabilities and errors in your codebase, and while CodeQL is a powerful built-in option, you can also integrate third-party tools for a tailored approach. Configuring code scanning with third-party actions allows you to leverage tools like SonarQube, Checkmarx, or Trivy within GitHub Actions workflows. By uploading results in SARIF format,…
-
Code Security with GitHub Code Scanning and CodeQL Custom Queries
For this blog, we’ll enhance the advanced setup in our Instance-Security repo (a Java/Maven project) by creating a custom query pack to test CodeQL’s flexibility. If you haven’t explored our blog on Code Scanning with Advanced CodeQL Setup, we strongly recommend checking it out first, as it’s a prerequisite for following along with this blog.…
-
Code Security with GitHub Code Scanning and Advanced CodeQL Setup
Advanced setup for code scanning is ideal when you need a tailored approach to securing your codebase. By crafting and modifying a workflow file, you can customize the scanning process extensively.
-
Understanding and Setting up Continuous Integration for MyShuttle Using GitHub Actions
Introduction Introduction to GitHub Actions for Automated Workflows: GitHub Actions is an integrated automation platform allowing developers to define, customize, and automate workflows within their GitHub repositories. Using YAML files, developers can automate tasks like building, testing, and deploying software, simplifying complex processes with reusable actions. Benefits of using GitHub Actions for setting up and…
-
Rollback strategy using AWS CodeDeploy
Dive into collaborative coding, envisioning a seamless process where developers’ commits trigger automatic builds, tests, and deployments. Starting with a manual deployment of HTML code on a Nginx web server, we transition into the world of AWS CodePipeline, automating the CI/CD pipeline for our sample code. To add a twist, we deliberately introduce deployment errors,…
-
Using Git LFS to Manage Large File Storage
Git LFS (Huge File Storage) is an open-source Git extension that was created by Atlassian, GitHub, and few other open-source contributors. It minimizes the impact of large files in your repository by downloading the necessary copies of them slowly. Small file storage was the original purpose of Git. Uploading some huge files is necessary in…