Collaborate Disseminate
I want to integrate OWASP Zap security tests in my continuous integration chain using the official Jenkins plugin.
However, since it injects harmful payloads in database, I don’t want the database to become corrupted! And it… Continue reading Owasp Zap’s active scan harming the database
I am asked to integrate the code audit tool HP Fortify in our development process, but the main constraint about it is that the whole code should not be scanned every time: only the classes impacted by the last backlog item s… Continue reading HP Fortify scan automation
You patched the operarting system, you patched your apps, but did you patch your plugins? Continue reading Malware, Sir? Jenkins ‘software butler’ tool gets many security fixes
I’ve set up a server running Jenkins. The web-interface doesn’t have SSL/TLS support turned on by default, and I have not attempted to turn it on, and do not want to turn it on (for now at least).
When I set this server up, … Continue reading ERR_SSL_PROTOCOL_ERROR on a site that doesn’t use SSL/TLS, on an odd port
I’ve set up a server running Jenkins. The web-interface doesn’t have SSL/TLS support turned on by default, and I have not attempted to turn it on, and do not want to turn it on (for now at least).
When I set this server up, … Continue reading ERR_SSL_PROTOCOL_ERROR on a site that doesn’t use SSL/TLS, on an odd port
Jenkins is open-source automation software that tries to automate parts of the software development process. When you submit code, for example, Jenkins will grab it, build the project with it and run any tests on it. If you have a large number of people submitting new code or data, Jenkins will wait and grab a bunch of the submissions to build. Depending on the size of the project, this can take a while, and if there’s a problem, you need to know quickly so that people aren’t waiting on a broken build. Email’s fine for this, but [dkt01] saw one …read more
When you have a large software development team working on a project, monitoring the build server is an important part of the process. When a message comes in from your build servers, you need to take time away from what you’re doing to make sure the build’s not broken and, if it’s broken because of something you did, you have to stop what you’re doing, start fixing it and let people know that you’re on it.
[ridingintraffic]’s team uses Jenkins to automatically build their project and if there’s a problem, it sends a message to a Slack channel. This means …read more
Continue reading Jenkins and Slack Report Build Failure! Light the Beacons!
