4d ago · 3 min read · I thought my CI/CD pipeline was complete. Build ✔Docker ✔Deployment ✔ Everything was working end to end. Then I added one more step: Code quality. Introducing Code Quality into the Pipeline To make t
Join discussion
Mar 29 · 5 min read · "If you can't measure it, you can't secure it." In this post, I’m pulling back the curtain on the EduConnect CI/CD pipeline. We aren't just looking at code; we are looking at real-time security telem
Join discussion
Mar 29 · 10 min read · Finding a bug in production costs significantly more to fix than catching it during development. This is the core argument behind shift-left testing, the practice of moving quality checks earlier in t
Join discussionMar 23 · 5 min read · Introduction When managing multiple application pipelines using Devtron — an open-source Kubernetes-native CI/CD platform — teams often need a consistent way to enforce code quality standards across a
Join discussionMar 19 · 21 min read · Introduction Hello everyone, and welcome to my very first blog post! In this post, I’ll be starting with a foundational task in DevSecOps. For those of you new to this world, DevSecOps is simply the p
Join discussion
Mar 3 · 8 min read · Static Analysis Beyond Linting: CodeQL, Semgrep, SonarQube, and Snyk Code Linters enforce style. Static analysis finds bugs. The difference matters. ESLint will tell you about unused variables and inconsistent formatting. CodeQL will tell you that us...
Join discussionMar 1 · 6 min read · Real‑world DevOps implementation in a corporate Azure environment with private networking, PostgreSQL, NSG, and firewall troubleshooting. 📌 Introduction In most enterprise environments, Azure Virtu
Join discussionFeb 12 · 9 min read · Why Traditional Quality Gate Implementations Fail Most organizations implement SonarQube quality gates using the simplest possible approach: run analysis, check status, fail build if quality gate fails. This naive implementation breaks down under mod...
Join discussionFeb 6 · 16 min read · Basic security terms for the course SAST, SCA, DAST, IAST SAST: Static Application Security Testing (Code review for your own code)-> white box testing SCA: Software Composition Analysis (Background check of external libraries you use) DAST: Dynam...
Join discussion
