I know you're on paternity leave so feel free to ignore this if you don't want to think about it, but has there been any progress on open-sourcing Tumblr's front-end? Inquiring minds would like to know

i hadn’t seen any progress on it before i left. there’s a strong willingness to do it, it’s just a big task to get it open-source-able in a sustainable way. a lot of our CI/CD processes rely on stuff that would need to be rebuilt from scratch, i think. totally doable, just not a priority.

but maybe there’s been progress since i left, i dunno! 🤞

See eye

I've been making slow progress on Lesson 24 of the Vulkan tutorial ("Images"). Some of the time has been spent deciding between two approaches for loading images: Java's Abstract Window Toolkit or LWJGL's STB library? (In the end, I decided to use AWT because it works with Java streams.) Some of the delay has been caused by distractions, both software-related (Gradle v8.2.1) and otherwise. Also there were bugs in my code, but unfortunately not the sort of bugs that make interesting war stories.

Instead of blogging about what I did and didn't do this week, I'll highlight a small (but important) milestone from last week: setting up continuous integration (CI) at GitHub. (That was commit 3881b184, in case you're following along.)

Continuous integration is a very simple idea: each time you submit a change, it gets integrated immediately, and the entire project gets built in a stable environment, with prompt notification in case the build fails.

"But surely," you think, "An experienced coder like frog707 rebuilds his project for every commit, let alone every push!"

It's true, I rebuild more often than I commit, but only in my dev environment (currently Java 17 on Windows 11). And more importantly, the project I'm building might not match what's in the public repo at GitHub. That's because I follow a relaxed coding style, which means sometimes I have multiple changes in progress at once. For instance, while working on adding a major feature, I might notice some valuable refactoring that needs doing. Rather than waiting until the feature is done, I refactor while the idea is fresh in my mind. The feature and the refactor will of course end up in separate commits, and it's quite possible I'll push them to the public repo separately, or even days apart. That's one way I can break the public repo without realizing it. CI lets me know I screwed up, so I can correct promptly.

Another boo-boo that CI catches for me is when I push changes that build on one platform or Java version but not another.

CI becomes even more important when I'm working as part of a team. In team projects, "breaking the build" might mean that nobody can submit changes, and that's a major disruption!

Continuous Integration (CI) is essential for fast, reliable, and error-free releases. At ITTStar, we implement CI pipelines specifically tailored for financial organizations, ensuring that your deployments are quick and secure. With our expertise, you can accelerate your time-to-market without compromising on security or compliance. Let us help you achieve faster releases while maintaining the highest standards of protection. Get in touch today to discuss how we can streamline your CI pipeline.

Automated Visual Regression Testing With Playwright

New Post has been published on https://thedigitalinsider.com/automated-visual-regression-testing-with-playwright/

Automated Visual Regression Testing With Playwright

Comparing visual artifacts can be a powerful, if fickle, approach to automated testing. Playwright makes this seem simple for websites, but the details might take a little finessing.

Recent downtime prompted me to scratch an itch that had been plaguing me for a while: The style sheet of a website I maintain has grown just a little unwieldy as we’ve been adding code while exploring new features. Now that we have a better idea of the requirements, it’s time for internal CSS refactoring to pay down some of our technical debt, taking advantage of modern CSS features (like using CSS nesting for more obvious structure). More importantly, a cleaner foundation should make it easier to introduce that dark mode feature we’re sorely lacking so we can finally respect users’ preferred color scheme.

However, being of the apprehensive persuasion, I was reluctant to make large changes for fear of unwittingly introducing bugs. I needed something to guard against visual regressions while refactoring — except that means snapshot testing, which is notoriously slow and brittle.

In this context, snapshot testing means taking screenshots to establish a reliable baseline against which we can compare future results. As we’ll see, those artifacts are influenced by a multitude of factors that might not always be fully controllable (e.g. timing, variable hardware resources, or randomized content). We also have to maintain state between test runs, i.e. save those screenshots, which complicates the setup and means our test code alone doesn’t fully describe expectations.

Having procrastinated without a more agreeable solution revealing itself, I finally set out to create what I assumed would be a quick spike. After all, this wouldn’t be part of the regular test suite; just a one-off utility for this particular refactoring task.

Fortunately, I had vague recollections of past research and quickly rediscovered Playwright’s built-in visual comparison feature. Because I try to select dependencies carefully, I was glad to see that Playwright seems not to rely on many external packages.

Setup

The recommended setup with npm init playwright@latest does a decent job, but my minimalist taste had me set everything up from scratch instead. This do-it-yourself approach also helped me understand how the different pieces fit together.

Given that I expect snapshot testing to only be used on rare occasions, I wanted to isolate everything in a dedicated subdirectory, called test/visual; that will be our working directory from here on out. We’ll start with package.json to declare our dependencies, adding a few helper scripts (spoiler!) while we’re at it:

"scripts": "test": "playwright test", "report": "playwright show-report", "update": "playwright test --update-snapshots", "reset": "rm -r ./playwright-report ./test-results ./viz.test.js-snapshots , "devDependencies": "@playwright/test": "^1.49.1"

If you don’t want node_modules hidden in some subdirectory but also don’t want to burden the root project with this rarely-used dependency, you might resort to manually invoking npm install --no-save @playwright/test in the root directory when needed.

With that in place, npm install downloads Playwright. Afterwards, npx playwright install downloads a range of headless browsers. (We’ll use npm here, but you might prefer a different package manager and task runner.)

We define our test environment via playwright.config.js with about a dozen basic Playwright settings:

import defineConfig, devices from "@playwright/test"; let BROWSERS = ["Desktop Firefox", "Desktop Chrome", "Desktop Safari"]; let BASE_URL = "http://localhost:8000"; let SERVER = "cd ../../dist && python3 -m http.server"; let IS_CI = !!process.env.CI; export default defineConfig( testDir: "./", fullyParallel: true, forbidOnly: IS_CI, retries: 2, workers: IS_CI ? 1 : undefined, reporter: "html", webServer: command: SERVER, url: BASE_URL, reuseExistingServer: !IS_CI , use: baseURL: BASE_URL, trace: "on-first-retry" , projects: BROWSERS.map(ua => ( name: ua.toLowerCase().replaceAll(" ", "-"), use: ...devices[ua] )) );

Here we expect our static website to already reside within the root directory’s dist folder and to be served at localhost:8000 (see SERVER; I prefer Python there because it’s widely available). I’ve included multiple browsers for illustration purposes. Still, we might reduce that number to speed things up (thus our simple BROWSERS list, which we then map to Playwright’s more elaborate projects data structure). Similarly, continuous integration is YAGNI for my particular scenario, so that whole IS_CI dance could be discarded.

Capture and compare

Let’s turn to the actual tests, starting with a minimal sample.test.js file:

import test, expect from "@playwright/test"; test("home page", async ( page ) => await page.goto("/"); await expect(page).toHaveScreenshot(); );

npm test executes this little test suite (based on file-name conventions). The initial run always fails because it first needs to create baseline snapshots against which subsequent runs compare their results. Invoking npm test once more should report a passing test.

Changing our site, e.g. by recklessly messing with build artifacts in dist, should make the test fail again. Such failures will offer various options to compare expected and actual visuals:

We can also inspect those baseline snapshots directly: Playwright creates a folder for screenshots named after the test file (sample.test.js-snapshots in this case), with file names derived from the respective test’s title (e.g. home-page-desktop-firefox.png).

Generating tests

Getting back to our original motivation, what we want is a test for every page. Instead of arduously writing and maintaining repetitive tests, we’ll create a simple web crawler for our website and have tests generated automatically; one for each URL we’ve identified.

Playwright’s global setup enables us to perform preparatory work before test discovery begins: Determine those URLs and write them to a file. Afterward, we can dynamically generate our tests at runtime.

While there are other ways to pass data between the setup and test-discovery phases, having a file on disk makes it easy to modify the list of URLs before test runs (e.g. temporarily ignoring irrelevant pages).

Site map

The first step is to extend playwright.config.js by inserting globalSetup and exporting two of our configuration values:

export let BROWSERS = ["Desktop Firefox", "Desktop Chrome", "Desktop Safari"]; export let BASE_URL = "http://localhost:8000"; // etc. export default defineConfig( // etc. globalSetup: require.resolve("./setup.js") );

Although we’re using ES modules here, we can still rely on CommonJS-specific APIs like require.resolve and __dirname. It appears there’s some Babel transpilation happening in the background, so what’s actually being executed is probably CommonJS? Such nuances sometimes confuse me because it isn’t always obvious what’s being executed where.

We can now reuse those exported values within a newly created setup.js, which spins up a headless browser to crawl our site (just because that’s easier here than using a separate HTML parser):

import BASE_URL, BROWSERS from "./playwright.config.js"; import createSiteMap, readSiteMap from "./sitemap.js"; import playwright from "@playwright/test"; export default async function globalSetup(config) // only create site map if it doesn't already exist try readSiteMap(); return; catch(err) // launch browser and initiate crawler let browser = playwright.devices[BROWSERS[0]].defaultBrowserType; browser = await playwright[browser].launch(); let page = await browser.newPage(); await createSiteMap(BASE_URL, page); await browser.close();

This is fairly boring glue code; the actual crawling is happening within sitemap.js:

createSiteMap determines URLs and writes them to disk.

readSiteMap merely reads any previously created site map from disk. This will be our foundation for dynamically generating tests. (We’ll see later why this needs to be synchronous.)

Fortunately, the website in question provides a comprehensive index of all pages, so my crawler only needs to collect unique local URLs from that index page:

function extractLocalLinks(baseURL) let urls = new Set(); let offset = baseURL.length; for(let href of document.links) if(href.startsWith(baseURL)) let path = href.slice(offset); urls.add(path); return Array.from(urls);

Wrapping that in a more boring glue code gives us our sitemap.js:

import readFileSync, writeFileSync from "node:fs"; import join from "node:path"; let ENTRY_POINT = "/topics"; let SITEMAP = join(__dirname, "./sitemap.json"); export async function createSiteMap(baseURL, page) await page.goto(baseURL + ENTRY_POINT); let urls = await page.evaluate(extractLocalLinks, baseURL); let data = JSON.stringify(urls, null, 4); writeFileSync(SITEMAP, data, encoding: "utf-8" ); export function readSiteMap() try var data = readFileSync(SITEMAP, encoding: "utf-8" ); catch(err) if(err.code === "ENOENT") throw new Error("missing site map"); throw err; return JSON.parse(data); function extractLocalLinks(baseURL) // etc.

The interesting bit here is that extractLocalLinks is evaluated within the browser context — thus we can rely on DOM APIs, notably document.links — while the rest is executed within the Playwright environment (i.e. Node).

Tests

Now that we have our list of URLs, we basically just need a test file with a simple loop to dynamically generate corresponding tests:

for(let url of readSiteMap()) test(`page at $url`, async ( page ) => await page.goto(url); await expect(page).toHaveScreenshot(); );

This is why readSiteMap had to be synchronous above: Playwright doesn’t currently support top-level await within test files.

In practice, we’ll want better error reporting for when the site map doesn’t exist yet. Let’s call our actual test file viz.test.js:

import readSiteMap from "./sitemap.js"; import test, expect from "@playwright/test"; let sitemap = []; try sitemap = readSiteMap(); catch(err) test("site map", ( page ) => throw new Error("missing site map"); ); for(let url of sitemap) test(`page at $url`, async ( page ) => await page.goto(url); await expect(page).toHaveScreenshot(); );

Getting here was a bit of a journey, but we’re pretty much done… unless we have to deal with reality, which typically takes a bit more tweaking.

Exceptions

Because visual testing is inherently flaky, we sometimes need to compensate via special casing. Playwright lets us inject custom CSS, which is often the easiest and most effective approach. Tweaking viz.test.js…

// etc. import join from "node:path"; let OPTIONS = stylePath: join(__dirname, "./viz.tweaks.css") ; // etc. await expect(page).toHaveScreenshot(OPTIONS); // etc.

… allows us to define exceptions in viz.tweaks.css:

/* suppress state */ main a:visited color: var(--color-link); /* suppress randomness */ iframe[src$="/articles/signals-reactivity/demo.html"] visibility: hidden; /* suppress flakiness */ body:has(h1 a[href="/wip/unicode-symbols/"]) main tbody > tr:last-child > td:first-child font-size: 0; visibility: hidden;

:has() strikes again!

Page vs. viewport

At this point, everything seemed hunky-dory to me, until I realized that my tests didn’t actually fail after I had changed some styling. That’s not good! What I hadn’t taken into account is that .toHaveScreenshot only captures the viewport rather than the entire page. We can rectify that by further extending playwright.config.js.

export let WIDTH = 800; export let HEIGHT = WIDTH; // etc. projects: BROWSERS.map(ua => ( name: ua.toLowerCase().replaceAll(" ", "-"), use: ...devices[ua], viewport: width: WIDTH, height: HEIGHT ))

…and then by adjusting viz.test.js‘s test-generating loop:

import WIDTH, HEIGHT from "./playwright.config.js"; // etc. for(let url of sitemap) test(`page at $url`, async ( page ) => checkSnapshot(url, page); ); async function checkSnapshot(url, page) // determine page height with default viewport await page.setViewportSize( width: WIDTH, height: HEIGHT ); await page.goto(url); await page.waitForLoadState("networkidle"); let height = await page.evaluate(getFullHeight); // resize viewport for before snapshotting await page.setViewportSize( width: WIDTH, height: Math.ceil(height) ); await page.waitForLoadState("networkidle"); await expect(page).toHaveScreenshot(OPTIONS); function getFullHeight() return document.documentElement.getBoundingClientRect().height;

Note that we’ve also introduced a waiting condition, holding until there’s no network traffic for a while in a crude attempt to account for stuff like lazy-loading images.

Be aware that capturing the entire page is more resource-intensive and doesn’t always work reliably: You might have to deal with layout shifts or run into timeouts for long or asset-heavy pages. In other words: This risks exacerbating flakiness.

Conclusion

So much for that quick spike. While it took more effort than expected (I believe that’s called “software development”), this might actually solve my original problem now (not a common feature of software these days). Of course, shaving this yak still leaves me itchy, as I have yet to do the actual work of scratching CSS without breaking anything. Then comes the real challenge: Retrofitting dark mode to an existing website. I just might need more downtime.

AI in DevSecOps: Revolutionizing Security Testing and Code Analysis

DevSecOps, short for Development, Security, and Operations, is an approach that integrates security practices within the DevOps workflow. You can think of it as an extra step necessary for integrating security. Before, software development focused on speed and efficiency, often delaying security to the final stages.  

However, the rise in cyber threats has made it essential to integrate security into every phase of the software lifecycle. This evolution gave rise to DevSecOps, ensuring that security is not an afterthought but a shared responsibility across teams. 

From DevOps to DevSecOps: The Main Goal 

The shift from DevOps to DevSecOps emphasizes applying security into continuous integration and delivery (CI/CD) pipelines. The main goal of DevSecOps is to build secure applications by automating security checks. This approach helps in fostering a culture where developers, operations teams, and security experts collaborate seamlessly.  

How is AI Reshaping the Security Testing & Code Analysis Industry? 

Artificial intelligence and generative AI are transforming the landscape of security testing and code analysis by enhancing precision, speed, and scalability. Before AI took over, manual code reviews and testing were time-consuming and prone to errors. AI-driven solutions, however, automate these processes, enabling real-time vulnerability detection and smarter decision-making. 

Let’s look at how AI does that in detail:  

AI models analyze code repositories to identify known and unknown vulnerabilities with higher accuracy. 

Machine learning algorithms predict potential attack vectors and their impact on applications. 

AI tools simulate attacks to assess application resilience, saving time and effort compared to manual testing. 

AI ensures code adheres to security and performance standards by analyzing patterns and dependencies. 

As you can imagine, there have been several benefits of this:  

Reducing False Positives: AI algorithms improve accuracy in identifying real threats. 

Accelerating Scans: Traditional methods could take hours, but AI-powered tools perform security scans in minutes. 

Self-Learning Capabilities: AI systems evolve based on new data, adapting to emerging threats. 

Now that we know about the benefits AI has, let’s look at some challenges AI could pose in security testing & code analysis: 

AI systems require large datasets for training, which can expose sensitive information if not properly secured. This could cause disastrous data leaks.  

AI models trained on incomplete or biased data may lead to blind spots and errors. 

While AI automates many processes, over-reliance can result in missed threats that require human intuition to detect. 

Cybercriminals are leveraging AI to create advanced malware that can bypass traditional security measures, posing a new level of risk. 

Now that we know the current scenario, let’s look at how AI in DevSecOps will look like in the future:  

The Future of AI in DevSecOps 

AI’s role in DevSecOps will expand with emerging trends as:  

Advanced algorithms will proactively search for threats across networks, to prevent attacks. 

Future systems will use AI to detect vulnerabilities and automatically patch them without human intervention. 

AI will monitor user and system behavior to identify anomalies, enhancing the detection of unusual activities. 

Integrated AI platforms will facilitate seamless communication between development, operations, and security teams for faster decision-making. 

AI is revolutionizing DevSecOps by making security testing and code analysis smarter, faster, and more effective. While challenges like data leaks and algorithm bias exist, its potential is much more than the risks it poses.  

To learn how our AI-driven solutions can elevate your DevSecOps practices, contact us at Nitor Infotech. 

https://elmar-dott.com/articles/bottleneck-pull-requests/

Master DevOps: Your Complete Guide and Roadmap | DevOps Online Training

Introduction to DevOps

In today's rapidly evolving technological landscape, the need for streamlined and efficient software development practices has never been greater. Enter DevOps—a culture, philosophy, and set of practices that bring development (Dev) and operations (Ops) together to improve collaboration, integration, and automation throughout the software development lifecycle. DevOps is not just a buzzword; it's a transformative approach that enables organizations to deliver high-quality software faster and more reliably. If you're looking to build a career in this field, DevOps Online Training is your gateway to mastering the skills required to excel in this domain.

What is DevOps?

DevOps is a combination of practices, tools, and cultural philosophies designed to increase an organization's ability to deliver applications and services at high velocity. By breaking down the traditional silos between development and operations teams, DevOps fosters a culture of collaboration, where both teams work together throughout the entire software development lifecycle. This collaboration leads to faster development, more frequent deployment of updates, and higher overall software quality.

At its core, DevOps emphasizes automation, continuous integration, continuous delivery (CI/CD), and monitoring. The goal is to minimize manual intervention, reduce errors, and improve the efficiency of software development and deployment. Through DevOps Online Training, you can learn how to implement these practices in real-world scenarios, making you an invaluable asset to any tech organization.

How DevOps Works

DevOps is built on a set of principles and practices that enable organizations to build, test, and deploy software rapidly and efficiently. Here's how DevOps works in practice:

1. Continuous Integration and Continuous Deployment (CI/CD)

Continuous Integration (CI) is the practice of merging code changes frequently, often multiple times a day, into a shared repository. Automated testing is then conducted to identify and resolve issues early in the development process. Continuous Deployment (CD) takes this a step further by automatically deploying code changes to production after passing the CI pipeline. Together, CI/CD reduces the time between writing code and delivering it to customers, ensuring that software updates are released frequently and reliably.

2. Automation

Automation is a critical component of DevOps. From building and testing code to deploying and monitoring applications, automation helps streamline the entire software development lifecycle. By automating repetitive tasks, teams can focus on more strategic activities, such as optimizing code and improving system performance. Automation tools like Jenkins, Ansible, and Puppet are commonly used in DevOps to create efficient, repeatable processes.

3. Infrastructure as Code (IaC)

Infrastructure as Code (IaC) is the practice of managing and provisioning computing infrastructure through machine-readable scripts rather than manual processes. This approach allows teams to automate the setup and configuration of environments, ensuring consistency across development, testing, and production stages. Tools like Terraform and AWS CloudFormation are popular choices for implementing IaC.

4. Monitoring and Logging

Effective monitoring and logging are essential to maintaining the health and performance of applications in a DevOps environment. By continuously monitoring systems and capturing logs, teams can identify and resolve issues before they impact end-users. Tools like Prometheus, Grafana, and ELK Stack are widely used for monitoring and logging in DevOps.

5. Collaboration and Communication

DevOps is as much about culture as it is about technology. A key aspect of DevOps is fostering a culture of collaboration and communication between development, operations, and other stakeholders. This collaboration ensures that everyone is aligned with the project's goals and that issues are addressed quickly. Tools like Slack, Microsoft Teams, and Jira facilitate communication and collaboration in a DevOps environment.

6. Security in DevOps (DevSecOps)

As security becomes increasingly important in software development, DevOps practices have evolved to include security as a core component. DevSecOps integrates security into every stage of the software development lifecycle, ensuring that security vulnerabilities are identified and addressed early in the process. By adopting DevSecOps practices, organizations can build more secure applications without compromising on speed and agility.

The Roadmap to Becoming a DevOps Engineer

Becoming a DevOps engineer requires a combination of technical skills, practical experience, and a deep understanding of DevOps principles. Here's a step-by-step roadmap to guide you on your journey:

1. Understand the Basics of DevOps

Before diving into specific tools and technologies, it's important to understand the fundamental principles of DevOps. Learn about the core concepts of CI/CD, automation, IaC, and monitoring. DevOps Online Training can provide you with a solid foundation in these areas, helping you grasp the essential elements of DevOps.

2. Gain Proficiency in Programming and Scripting

A strong foundation in programming and scripting is essential for a DevOps engineer. Start by learning a programming language like Python, Ruby, or Go, as well as scripting languages like Bash or PowerShell. These skills will enable you to automate tasks, write custom scripts, and work with various DevOps tools.

3. Master Version Control Systems

Version control systems (VCS) like Git are critical to DevOps practices. Learn how to use Git for version control, branching, and merging code. Understand how to collaborate with other developers using GitHub, GitLab, or Bitbucket. Version control is a fundamental skill that every DevOps engineer must possess.

4. Get Hands-On with CI/CD Tools

CI/CD is at the heart of DevOps, so gaining hands-on experience with CI/CD tools is crucial. Learn how to set up and configure Jenkins, CircleCI, or Travis CI to automate the build, test, and deployment processes. DevOps Online Training often includes practical labs and exercises that allow you to practice using these tools in real-world scenarios.

5. Learn About Infrastructure as Code (IaC)

IaC is a key practice in DevOps, enabling teams to manage and provision infrastructure programmatically. Familiarize yourself with IaC tools like Terraform, AWS CloudFormation, and Ansible. Learn how to write scripts that automate the creation and configuration of infrastructure, ensuring consistency across environments.

6. Develop Cloud Computing Skills

Cloud computing is an integral part of DevOps, as it provides the scalability and flexibility needed for modern software development. Gain proficiency in cloud platforms like AWS, Azure, or Google Cloud. Learn how to deploy applications to the cloud, manage cloud resources, and work with cloud-based DevOps tools.

7. Enhance Your Automation Skills

Automation is a cornerstone of DevOps, so it's essential to master automation tools and techniques. Learn how to automate tasks using tools like Jenkins, Puppet, and Chef. Understand how to create automated workflows that integrate with other DevOps tools and processes.

8. Learn About Monitoring and Logging

Effective monitoring and logging are crucial for maintaining the health of applications in a DevOps environment. Familiarize yourself with monitoring tools like Prometheus and Grafana, as well as logging tools like the ELK Stack. Learn how to set up monitoring dashboards, create alerts, and analyze logs to identify and resolve issues.

9. Embrace DevSecOps Practices

Security is a critical aspect of DevOps, and understanding DevSecOps practices is essential for a successful career in this field. Learn how to integrate security into the CI/CD pipeline, conduct security testing, and implement security best practices throughout the software development lifecycle.

10. Gain Practical Experience

Theory alone is not enough to become a proficient DevOps engineer. Hands-on experience is crucial. Work on real-world projects, contribute to open-source DevOps projects, or participate in internships. Practical experience will help you apply the skills you've learned and build a portfolio that showcases your expertise.

11. Obtain DevOps Certifications

Certifications can validate your skills and make you stand out in the job market. Consider obtaining certifications like AWS Certified DevOps Engineer, Google Cloud DevOps Engineer, or Microsoft Certified: Azure DevOps Engineer Expert. These certifications demonstrate your proficiency in DevOps practices and tools.

12. Stay Updated with Industry Trends

The field of DevOps is constantly evolving, with new tools and practices emerging regularly. Stay updated with industry trends by reading blogs, attending conferences, and participating in online communities. DevOps Online Training programs often include updates on the latest trends and tools in the industry.

13. Build a Strong Professional Network

Networking is important in any career, and DevOps is no exception. Join DevOps communities, attend meetups, and connect with other professionals in the field. Building a strong network can lead to job opportunities, collaborations, and valuable insights.

14. Prepare for DevOps Interviews

As you near the end of your learning journey, it's time to prepare for DevOps interviews. Practice common DevOps interview questions, participate in mock interviews, and review your projects and experiences. DevOps Online Training programs often include interview preparation sessions to help you succeed in landing your first DevOps job.

Conclusion

DevOps is a powerful approach that has revolutionized the way software is developed, tested, and deployed. By fostering collaboration between development and operations teams and leveraging automation, CI/CD, and cloud computing, DevOps enables organizations to deliver high-quality software at a rapid pace. Whether you're just starting your career or looking to transition into the field, DevOps Online Training can provide you with the skills and knowledge needed to succeed as a DevOps engineer.

By following the roadmap outlined in this article, you can develop the technical expertise, practical experience, and industry knowledge required to excel in DevOps. Remember to stay updated with the latest trends, build a strong network, and continuously improve your skills.

Future Of AI In Software Development

The usage of AI in Software Development has seen a boom in recent years and it will further continue to redefine the IT industry. In this blog post, we’ll be sharing the existing scenario of AI, its impacts and benefits for software engineers, future trends and challenge areas to help you give a bigger picture of the performance of artificial intelligence (AI). This trend has grown to the extent that it has become an important part of the software development process. With the rapid evolvements happening in the software industry, AI is surely going to dominate.

Read More

Loving Travis

For most of my open-source software projects, I use the Actions platform built into GitHub for CI (continuous integration). GitHub Actions provides virtual machines to run workflows, so I don't have to administer build environments for Linux, MacOS, Windows, and so on. It's modern, convenient (if you use GitHub instead of, say, GitLab), fairly reliable, and (best of all) free (for public repos).

For me, the main limitation of Actions is that all their hosted runners use the x64 architecture. Sometimes I want to build and/or test on Arm CPUs---for instance my Libbulletjme project, which has a bunch of platform-sensitive C++ code.

For Libbulletjme, I still depend on the older TravisCI platform, run by a private firm in Berlin. In addition to a huge selection of build environments based on AMD CPUs, Travis also provides Arm-based Linux environments. (Officially, they're a "beta-stage" feature, but they've been in beta for years.) Like Actions, Travis is also free to open-source projects, though their notion of "open-source" seems a bit stricter than GitHub's.

I mention Travis because my experiments with the Vulkan API exposed a limitation in Libbulletjme, which led me to begin work on a new release of Libbulletjme, which led me to discover an issue with Travis's Arm-based build environments. A recent change to these environments caused all my Arm-based builds to fail. I could only go a bit further with Vulkan before I would have to make hard choices about how to work around the limitations of Libbulletjme v18.5.0 .

At 20:09 hours UTC yesterday (a Sunday), I e-mailed TravisCI customer support and explained my issue. At 12:25 hours UTC today, Travis announced a hotfix to solve my issue. That's pretty good turnaround, for a non-paying customer having issues with a "beta-stage" feature on a summer weekend.

Bottom line: I still love Travis. <3

Jenkins Docker Compose Install and Configuration

Jenkins Docker Compose Install and Configuration #devops #jenkins #cicd #continuousintegration #continuousdeployment #dockercompose #docker #kubernetes #traefik #ingress #jenkinsagent #jenkinsssh #homelab #homeserver #virtualizationhowto #virtualization

I have been experimenting with many different continuous integration and continuous deployment tools in the home lab. Recently, I have been using GitLab for most of my workflows. However, I have played around with Jenkins in the past and want to get an instance back in the lab environment for comparison with GitLab. In this post, we will look at content around how to install and configure a…

View On WordPress

Streamline Your Software Delivery with Goognu’s DevOps Consulting Services

At Goognu, we understand the critical role that DevOps plays in ensuring efficient and reliable software delivery. Our DevOps Consulting Services are designed to empower organizations with the knowledge, tools, and best practices needed to streamline their development and operations processes.

Best 3 internal developer portals of 2025 - AI News

New Post has been published on https://thedigitalinsider.com/best-3-internal-developer-portals-of-2025-ai-news/

Best 3 internal developer portals of 2025 - AI News

What is an internal developer portal?

An internal developer portal (IDP) is a centralised, self-service platform built in organisations to provide developers with everything they need to develop, deploy, and maintain software. Imagine it as a ‘one-stop shop’ where internal teams can access documentation, APIs, tools, services, best practices, and deployment pipelines.

IDPs eliminate reliance on manual processes and slow-moving communication by letting developers independently pull resources, thereby speeding up workflows and focusing on what matters most – building robust applications.

IDPs are often tied to the concept of platform engineering, which centralises software infrastructure, automation, and tools to maximise developer efficiency and collaboration.

Top 3 Internal Developer Portals

1. Port

Port Internal Developer Platform stands out as an internal developer portal that reimagines developer workflows through its approach to platform engineering. Unlike traditional tools that offer fragmented solutions, Port provides a holistic platform that integrates service catalogue management, self-service capabilities, and comprehensive workflow automation.

The platform’s strength lies in its developer-centric design. Port understands that each organisation has unique technological ecosystems, and therefore offers customisable interfaces that can be tailored to specific organisational needs. Its robust service catalogue goes beyond documentation, offering interactive, context-aware information that helps developers make informed decisions quickly.

One of Port’s most compelling features is its approach to developer self-service. The platform eliminates traditional bottlenecks by empowering developers to provision resources, manage environments, and execute complex workflows with minimal friction. Through intelligent automation and well-defined guardrails, Port ensures that self-service capabilities remain secure and aligned with organisational standards.

2. Cycloid

Cycloid emerges as a powerful internal developer portal that transcends traditional boundaries between development, operations, and infrastructure teams. Its unique value lies in creating a unified, collaborative environment that promotes transparency, efficiency, and innovation.

At the heart of Cycloid’s offering is its comprehensive infrastructure management approach. The platform provides a unified interface for managing complex, multi-cloud environments, allowing teams to provision, configure, and monitor resources across different cloud providers and on-premises infrastructure seamlessly.

Cycloid’s strength is its emphasis on infrastructure-as-code (IaC) principles. By letting teams define and manage infrastructure through code, the platform ensures consistency, reproducibility, and version control of infrastructure configurations. This approach reduces configuration drift and enhances overall system reliability.

The platform also distinguishes itself through its continuous delivery capabilities. Cycloid offers pipeline management tools that support deployment scenarios, including multi-stage releases, canary deployments, and sophisticated rollback mechanisms. The features provide development teams with unprecedented flexibility and control over their software delivery processes.

Another notable aspect of Cycloid is its commitment to security and compliance. The platform integrates comprehensive security scanning, compliance checking, and governance frameworks directly into the development workflow. The proactive approach ensures that security considerations are not an afterthought but an integral part of the development process.

3. Roadie.io

Roadie.io represents a modern, cloud-native approach to internal developer portals, focusing on simplicity, extensibility, and rapid value delivery. Built on the popular Backstage open-source framework, Roadie.io offers a sophisticated yet intuitive platform that accelerates developer productivity and organisational efficiency.

The platform’s core strength is its plugin-based architecture, which allows unprecedented customisation and extensibility. Unlike monolithic solutions, Roadie.io lets organisations build a developer portal that matches their technological ecosystem. Developers can integrate various tools, services, and workflows through a plugin system.

Roadie.io’s service catalog is impressive, offering more than static documentation. The platform provides interactive, context-aware service information that helps developers understand complex system relationships, dependencies, and operational status at a glance. The rich, dynamic approach to service documentation significantly reduces cognitive load and speeds up problem-solving.

Another feature is Roadie.io’s emphasis on developer experience. The platform offers intuitive, user-friendly interfaces that make complex technological interactions feel simple and straightforward. From self-service infrastructure provisioning to sophisticated workflow automation, Roadie.io prioritises ease of use without compromising on advanced capabilities.

The platform’s approach to software lifecycle management means it provides comprehensive tools for tracking software health, managing technical debt, and ensuring long-term system maintainability. By offering insights into service performance, dependency management, and potential improvement areas, the platform supports continuous technological evolution.

Key features that define exceptional internal developer portals

The most effective internal developer portals are characterised by a comprehensive set of features that address the multifaceted needs of modern software development teams:

Comprehensive service catalogue

A robust service catalogue serves as the backbone of an internal developer portal. It provides detailed information about all existing services, including their purpose, technical specifications, ownership, dependencies, and current status. Developers can quickly understand the technological landscape and make informed decisions about service interactions and potential modifications.

Self-service infrastructure provisioning

Modern developer portals give teams self-service capabilities for infrastructure provisioning. Developers can request and configure development environments, databases, and other resources without waiting for manual approvals or intervention from operations teams. The capability significantly accelerates development cycles and reduces administrative overhead.

Integrated documentation and knowledge management

Internal developer portals offer documentation systems that go beyond static wikis. They provide dynamic, interconnected documentation that evolves with the software ecosystem, including automatic API documentation generation, version tracking, and contextual guidance.

Advanced monitoring and observability

Monitoring capabilities allow developers to track the health and performance of services. These features include metrics visualisation, log aggregation, trace analysis, and intelligent alerting mechanisms that help teams identify and address potential issues.

Streamlined workflow automation

Workflow automation features enable teams to create, manage, and optimise complex development pipelines. From continuous integration and continuous deployment (CI/CD) configurations to automated testing and security scanning, these capabilities ensure consistent and reliable software delivery.

The future of software development

As technological landscapes evolve, internal developer portals will become important infrastructure for organisations. They represent more than technological solutions – they are starting points for transformation, promoting collaboration, innovation, and continuous improvement.

The future of software development is collaborative, transparent, and increasingly automated. Internal developer portals are part of this transformation, letting teams achieve better levels of efficiency, creativity, and excellence.

(Image source: Unsplash)

On Being Directive

Or why you should avoid customizations in IT projects Photo by Nick Chong on Unsplash As you may or may not know, I have been working in fintech for some time now and the experience has been interesting to say the least. I have learnt a trick or two on the way, nothing too disruptive, but still, interesting ideas, concepts or insights on the industry, which I like to share on my blog. Like…

View On WordPress