In this blog we have listed Selinium Tips for CSS Selector and a Pseudo Class that will convert your Xpath Locators to CSS....Read More
In this blog post article, our aim is to focus on Continuous Integration/ Continuous Delivery tools.
For using a CI/ CD Pipeline, the first and foremost thing is to get the infrastructure in place. For a CI/CD pipeline, we need to install 15 tools that we have divided into six categories:
In this blog post, we will discuss tools from the first three categories: Source Code Repository, Continuous Integration Server, Continuous Integration Software.
Source Code Repository: Source Code Repository is used as a place to manage source codes. It is a place that is used to take source code from: for processing, building, testing, deploying and so on. You can select from a SaaS service like GitHub or choose from a self-hosted service like GitLab and install it on your server.
Download Link: https://github.com/
Download Link: https://about.gitlab.com/install/
Continuous Integration Server: This aims at providing a way to visualize the workflows.
Download Link: https://www.gocd.org/download/
Download Link: https://www.atlassian.com/software/bamboo
Download Link: http://integrity.github.io/
Continuous Integration Software: These software aids at the implementation of CI/CD Pipeline.
Download Link: https://jenkins.io/download/
Download Link: https://semaphoreci.com
4. Code Quality Tools: Code Quality Tools are helpful in displaying the quality of the code in terms of code coverage, test failures, static code analysis and so on.
FindBugs is free software that aims at finding bugs in the java code by doing static analysis. It can analyze Java programs compiled from any version ranging from 1.0 to 1.8.
a. Potential errors are classified into 4 ranks:
iv) of concern.
This provides a hint to developers regarding the level of severity.
b. This tool operates on Java Byte core rather than on source code.
Download Link: http://findbugs.sourceforge.net
CheckMarx is a software to manage software exposure at the speed of DevOps.
i. Gain Full Visibility: Get complete visibility into your software everywhere.
ii. Evaluate exposure with Comprehensive Platform: Measure exposure using a platform that unifies all the security aspects.
iii. Determine Acceptable Risk: Determine and Define the acceptable risk policies across your portfolio.
iv. Secure Your Entire SDLC: Secure all the SDLC phases starting with requirements phase covering all the phases Code, Build and Test.
Download Link: https://info.checkmarx.com/request-a-demo
Checkstyle is a tool that helps developers to write a Java code conforming to the coding standards.
i. Automates the task of checking the Java code. Thus, responsible for conducting the static analysis of the Java code to check whether it conforms to the coding standards.
ii. Checkstyle can be made to conform to any coding standard.
iii. It has a feature that allows for checking the code layout and formatting issues.
iv. It is capable of finding class design problems and method design problems.
Download Link: https://github.com/checkstyle/checkstyle/releases/
PMD is an extensible static source code analyser.
i. It is designed to find programming flaws like- empty cache block, unnecessary object creation, unused variable, unclean object and many more.
iii. It also includes Copy Paste Detector- which is responsible for finding duplicate code in Java, C, C++, C#, and many more programming languages.
Download Link: https://pmd.github.io/
CircleCI helps to automate the development process quickly, safely and at scale. This tool reduces bugs and improves the overall quality of the application.
i. It allows selecting the build environment.
iii. It has a feature where pending builds- queued or running builds are canceled when the new build is triggered.
iv. This tool does not allow non admin users to modify critical project settings.
5. Binary Repository Manager: Binary Repository Manager is basically used to store binary artifacts, where the same artifact can be run multiple times in many environments. As it is faster to deploy already created binaries than creating new ones.
Archiva is an extensible repository manager that takes care of a person or enterprise-wide built-artifact repository.
i. A perfect companion for tools like ANT, MAVEN, etc.
ii. It provides features like remote repository proxying, built artifact storage, delivering, browsing, indexing and usage reporting, etc.
Download Link: http://archiva.apache.org/index.cgi
b. Sonatype Nexus Repository:
Sonatype Nexus Repository is used to manage and build binaries across your software supply chain.
i. Compatible with popular tools like Eclipse, Hudson, Jenkins, etc.
ii. Advance support for JVM Ecosystem, including Gradle, Ant, Maven, and Ivy.
iii. It provides support for encrypting SSL Communication, thus securing the development.
iv. Now it is possible to view components that need remediation, ones that are prioritized by the severity of the vulnerability.
v. Repository Health Checkup provides up-to-date component intelligence.
Download Link: https://www.sonatype.com/product-nexus-repository
6. Communication Tools: Communication tool is very crucial for the smooth functioning of the SDLC. It enables an immediate reaction, thus saving time.
Rocket.Chat is a free, unlimited, open-source Team communication tool.
i. It can be a substitute for Email: All you need to do is to open a conversation and remove the need to CC/ BCC by using Channels and Private Groups. Address the relevant participants by using @username.
ii. Secure Conversations: It provides a safe workplace with username restrictions and admin transparency.
iii. Free audio and video conferencing are provided.
iv. Other features like screen sharing, file sharing, LDAP Group Sync, two-factor authentication and many more are provided.
Slack aims at giving your team power and alignment they need to work best.
i. Slack brings all communication together- a single place for messaging, tools and files.
ii. There is a channel for every conversation- team members can leave or join the channel as needed, channels can be divided by team, project, client.
iii. It supports integrated file sharing.
With this, we are done with the few most popular Tools for CI/ CD Pipeline. I hope you must have understood why we have categorised them.