
Continuous Integration & Delivery

The automation of builds, tests, reports and deployments ensures stable updates, provides better insight into the code and its dependencies and also ensures greater protection of the source code and compiled assets. Suitable systems and tool(chain)s can help here.

Stable Builds

As the number of developed components increases, a consistent build process becomes increasingly important. Version differences in the language used or different setups on the developer machines can lead to incorrect results and build artifacts.

Integrating external libraries into your own code is common practice. However, these libraries should also be examined closely; after all, their functionality becomes part of your own application. A developer can secure their own code, but cannot close gaps that have crept into the code with external libraries. Checking the build manifests of the language in use and running language-specific linters reduces the probability of imported security vulnerabilities and highlights corresponding problems at an early stage.

The code itself should be written according to certain conventions that are common to all programming languages. Compliance with these coding guidelines not only ensures generally standardized code, but also enables new developers to quickly get started with existing software. Additional code analyses, e.g. of cyclomatic complexity, help you prevent unnecessarily complex, hard-to-maintain code at an early stage. Unit tests, if available, should always be executed automatically and their results checked.

The list of options for maintaining and analyzing your own code is long and is usually accompanied by a whole toolchain of helpers. I support you with the setup of suitable CI/CD systems and their configuration, the development of build pipelines and workflows through to artifact management and deployment.

Deployments

The code has been written, compiled and checked in integration environments, and the corresponding artifacts are ready on a server. But how exactly does the new software get to the production environment in the most reliable and secure way? Who has full access to the production servers and the corresponding credentials required for setup?

The most common approach (in most SMEs) is to rely on a developer who is trusted accordingly. The new components are pushed to the server manually on the command line and the corresponding configuration files are maintained by hand. This may work for a while, but sooner or later it will become a problem. CI/CD systems offer various tools and options for automating precisely these steps.

I support you in planning and implementing an automated deployment. This means that the installation of a new release or updated software can also be carried out by non-developers at the touch of a button.