Docker lifecycle automation and testing with Ruby in AWS

My friend and colleague, Stephen Goncher and I got to spend some real time recently implementing a continuous integration and continuous delivery pipeline using only Ruby. We were successful in developing a new module in our pipeline gem that handles many of the docker engine needs without having to skimp out on testing and code Read more…

Migrating from ServerSpec to InSpec

Key Benefits OS and CM agnostic InSpec runtime is faster than ServerSpec DRY – Componentization of test suites using shared InSpec Profiles Removes downloading of Gem files on every test execution Quick to Change from ServerSpec to InSpec CLI binary available to run tests from CI/CD Allows usage of community test suites Allows usage of Read more…

Stelligent Bookclub: “Working Effectively with Legacy Code” by Michael Feathers

If you’re a member of the tech industry then you’ve probably had to work with legacy code — those ancient systems that just hold everything together. Not every project is greenfield, thus “Working Effectively with Legacy Code” by Michael Feathers is a book that has a reputation that would provide a good insight into how Read more…

Introduction to ServerSpec: What is ServerSpec and How do we use it at Stelligent? (Part1)

In this three-part series, I’ll explain ServerSpec infrastructure testing and how we use it at Stelligent, provide some concrete examples demonstrating how we use it at Stelligent, and discuss how Stelligent has extended Serverspec with custom AWS resources and matchers. We will also walk through writing some new matchers for an AWS resource. If you’re Read more…

Security Integration Testing (Part 3): Integrating with a Continuous Delivery pipeline

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the seventh article in the series. Introduction The purpose of this blog series is to show how AWS Config and Lambda can be used to add Security Integration tests to a Continuous Read more…

Security Integration Testing (Part 2): Building and deploying a testing framework on AWS

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the fifth article in the series. Introduction The purpose of this blog series is to show how AWS Config and Lambda can be used to add Security Integration tests to a Continuous Read more…

Security Integration Testing (Part 1): Resource Monitoring with AWS Config Rules

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the third article in the series. Introduction In a Continuous Delivery pipeline it is imperative to enforce infrastructure security policies and ensure that any new code or infrastructure changes don’t result Read more…

Using stubs for the AWS SDK for Ruby

If you plan to write, or have already written, Ruby code that leverages Amazon Web Services, you should consider using AWS Stubs. The ability to stub service responses allows you to develop robust code more quickly and enables you to test your code without incurring any cost. Amazon’s SDK engineers knew that as well, and have Read more…

Stelligent AWS Continuous Delivery Demo Screencast

See the YouTube screencast and transcript below of a Continuous Deployment pipeline demonstration for a Node.js application using AWS services such as EC2, DynamoDB, Route 53, ENI and VPC and tools such as AWS CodePipeline, Jenkins, Chef and AWS CloudFormation. Open source code is available at https://github.com/stelligent/dromedary Transcript In this screencast, you’ll see a live Read more…