-
GitHub Code Scanning Using Third-Party Actions
GitHub’s code scanning helps identify vulnerabilities and errors in your codebase, and while CodeQL is a powerful built-in option, you can also integrate third-party tools for a tailored approach. Configuring code scanning with third-party actions allows you to leverage tools like SonarQube, Checkmarx, or Trivy within GitHub Actions workflows. By uploading results in SARIF format,…
-
Code Security with GitHub Code Scanning and CodeQL Custom Queries
For this blog, we’ll enhance the advanced setup in our Instance-Security repo (a Java/Maven project) by creating a custom query pack to test CodeQL’s flexibility. If you haven’t explored our blog on Code Scanning with Advanced CodeQL Setup, we strongly recommend checking it out first, as it’s a prerequisite for following along with this blog.…
-
Code Security with GitHub Code Scanning and Advanced CodeQL Setup
Advanced setup for code scanning is ideal when you need a tailored approach to securing your codebase. By crafting and modifying a workflow file, you can customize the scanning process extensively.
-
Understanding and Setting up Continuous Integration for MyShuttle Using GitHub Actions
Introduction to GitHub Actions for Automated Workflows: GitHub Actions is an integrated automation platform allowing developers to define, customize, and automate workflows within their GitHub repositories. Using YAML files, developers can automate tasks like building, testing, and deploying software, simplifying complex processes with reusable actions. Benefits of using GitHub Actions for setting up and…
-
Rollback strategy using AWS CodeDeploy
Dive into collaborative coding, envisioning a seamless process where developers’ commits trigger automatic builds, tests, and deployments. Starting with a manual deployment of HTML code on an Nginx web server, we transition into the world of AWS CodePipeline, automating the CI/CD pipeline for our sample code. To add a twist, we deliberately introduce deployment errors,…
-
Using Git LFS to Manage Large File Storage
Git LFS (Large File Storage) is an open-source Git extension that was created by Atlassian, GitHub, and a few other open-source contributors. It minimizes the impact of large files in your repository by downloading the necessary copies of them slowly. Small file storage was the original purpose of Git. Uploading some huge files is necessary in…