Home / Companies / Codefresh / Blog / October 2017

October 2017 Summaries

3 posts from Codefresh

Filter
Month: Year:
Post Summaries Back to Blog
Automated deployment is crucial for maintaining application security, as exemplified by "Experian's Law," which suggests that the inability to quickly and confidently push changes can lead to vulnerabilities, illustrated by the infamous Experian security breach. Containers play a significant role in integrating infrastructure changes into the application release process, with tools like Codefresh facilitating the management of both application code and container dependencies. By treating containers as integral components, Codefresh allows teams to validate application and infrastructure changes simultaneously, deploying images containing everything needed for a service to run. This approach streamlines the traditionally separate processes of managing OS updates and application changes, as demonstrated by the need for timely updates to Apache Struts in the Experian case. However, automation alone is not a panacea for security concerns; it is part of a comprehensive security strategy that also speeds up development processes, indicating the potential benefits of using Codefresh for those seeking efficiency and enhanced security.
Oct 31, 2017 469 words in the original blog post.
Microservice integration testing presents challenges as services need to operate together despite the modular nature of microservices, making traditional end-to-end testing less valuable due to complexity and false negatives. Consumer-Driven Contract (CDC) testing offers a solution by allowing consumers to define expected service interactions, shifting integration responsibilities to providers and enhancing collaboration across geographically dispersed teams. CDC testing frameworks like Pact and Spring Cloud Contract facilitate this process by enabling the definition and verification of service contracts within CI/CD pipelines. Pact, in particular, supports multiple programming languages, making it suitable for polyglot microservices environments. In practice, developers create consumer tests that specify interactions with provider services, generating a contract file that is shared and verified by the provider, ensuring that service interactions remain consistent and reliable. This approach supports continuous delivery and short feedback loops while maintaining service integrity despite independent development cycles.
Oct 09, 2017 1,302 words in the original blog post.
The text discusses the challenges of maintaining high-quality software systems in the face of increasing complexity, changing requirements, and inevitable failures, highlighting the limitations of traditional testing methods in addressing these issues. It introduces Chaos Engineering as a proactive approach to resilience testing, emphasizing its role in intentionally disrupting systems to identify vulnerabilities and improve stability. The article specifically focuses on a tool called Pumba, designed for chaos testing in Docker environments, which allows users to simulate various failures and network conditions to test the robustness of their systems. The author shares the motivation behind creating Pumba and its functionalities, encouraging software engineers to embrace chaos testing to enhance system reliability.
Oct 04, 2017 1,368 words in the original blog post.