Monday, October 10, 2022

Manual Process vs Automation | CICD Process Flow Diagram | How to Implement CICD using Jenkins and Other DevOps tools

Agile Development - Manual Process with No Automation


CICD Process Flow Diagram - How to Implement CICD (Automation) in Agile Development?




What is Continuous Integration?

Continuous integration is a DevOps software development practice where developers regularly merge their code changes into a central repository, after which automated builds and tests are run.

The key goals of continuous integration are to find and address bugs quicker, improve software quality, and reduce the time it takes to validate and release new software updates.

Jenkins is a popular continuous integration tool. Jenkins can integrate with other tools using plug-ins.

How does Continuous Integration Work?

Developers frequently commit to a shared repository using a version control system such as Git. Prior to each commit, developers may choose to run local unit tests on their code as an extra verification layer before integrating. A continuous integration service automatically builds and runs unit tests on the new code changes to immediately surface any errors.

Benefits of Continuous Integration
  • Improve Developers productivity 
  • Find bugs early in the software development stage
  • Deliver products into market place sooner
  • Improve the feedback loop
What is Continuous Delivery?

Continuous delivery is a software development practice where code changes are automatically prepared for a release to production. Continuous delivery is the next extension of continuous integration. The delivery phase is responsible for packaging an artifact together to be delivered to end-users. This phase runs automated building tools to generate this artifact.

Benefits of Continuous Delivery
  • Automate the Software Release Process
  • Improve Developer Productivity
  • Find bugs early in the software development stage
  • Deliver updates faster

Tuesday, October 4, 2022

How to Recover SonarQube Admin password | How to unlock SonarQube admin password in Postgres SQL

Let's say you have setup SonarQube using Docker or Docker Compose, you have forgotten the admin password for SonarQube. This article helps you to reset/recover the admin password. If you changed and then lost the admin password, you can reset it using the following steps.

Watch Steps in YouTube channel:


Pre-requisites:

As we have configured SonarQube using Docker compose, We need to login to PostgreSQL running inside postgres docker container and execute update command to reset to default password.

Step 1: Login to PostgreSQL docker container

type below command to see the list of containers running in your SonarQube instance.

sudo docker ps

Copy the container ID from above command. 

Now login into PostgresSQL docker container

docker exec -it <container_id> /bin/bash

Step 2:  Connect to PostgreSQL database by executing below command:

psql -p 5432 -d sonar -U sonar -h <container_id>

now enter the password for sonarqube database:

from my lab exercise, password for sonar user is admin123

Make sure it shows sonarqube which is your database schema inside PostgresSQL db.

Step 3: Execute the below query to change admin password to default password which is also admin

update users set crypted_password='100000$t2h8AtNs1AlCHuLobDjHQTn9XppwTIx88UjqUm4s8RsfTuXQHSd/fpFexAnewwPsO6jGFQUv/24DnO55hY6Xew==', salt='k9x9eN127/3e/hf38iNiKwVfaVk=', hash_method='PBKDF2', reset_password='true', user_local='true' where login='admin';

Step 4: Login to SonarQube UI and login as admin/admin

Login as admin/admin

Now it will immediately ask you to change the default admin password to something else:

That's it! That is how you recover SonarQube admin password.

References:

https://docs.sonarqube.org/latest/instance-administration/security/

How to Configure GitHub Advanced Security for Azure DevOps | How to Perform Security scan for Azure Repos using GitHub Advanced Security

GitHub Advanced Security for Azure DevOps brings the  secret scanning, dependency scanning  and  CodeQL code scanning  solutions already ava...