The CI/CD and DevOps Blog

Manisha Sahasrabudhe

Manisha Sahasrabudhe

Recent Posts

Provision AWS EC2 virtual machine with Ansible

This tutorial explains how to manually provision an AWS EC2 virtual machine using Ansible. Before you start, you should be familiar with the following concepts:

 The best way to get started is to install ansible and run playbooks manually on your local machine to provision a VM. The first section of this tutorial explains how to do that. However, manual execution isn't the best and most efficient way to run ansible playbooks, so we will take a look at the challenges and learn how to automate this workflow.

Announcing Windows, Mac OS, and CentOS BUILDS

Today, we are excited to announce support for multiple Operating Systems, including Windows, Mac OS, and CentOS. From the start, our goal at Shippable has been to provide you with a common CI and DevOps platform for all your applications, irrespective of application technology and architecture. 

Our journey started with Continuous Integration (CI) in 2013, when we debuted the first CI platform to support native Docker workflows for our customers. Last year, we added Assembly Lines to let you easily define end-to-end workflows across your DevOps tools to achieve Continuous Delivery with Application Release Automation, Release orchestration, approval gates, etc. This completed our end-to-end support for Ubuntu applications. 

As much as we like Ubuntu, most Enterprises have a mix of applications across multiple Operating Systems. We are proud to expand Shippable today with support for multiple platforms, as well as a bunch of other enhancements that will help you manage build infrastructure and create CI, CD, and DevOps workflows more easily.

Let's look at the top features launched today. In upcoming weeks, we will post detailed blogs on how to use each of these features.

Security Best Practices At Shippable

In light of a recent blog post about a competitor's security vulnerabilities, I wanted to be completely transparent about our security best practices to reassure our customers that they're in good hands.

From the start, we've been very aware of the fact that when customers click on the Authorize button to grant us access to their GitHub or Bitbucket repositories, they trust us with their Intellectual Property.  This is a tremendous step, especially since we're all aware of hackers attacking almost every major site and stealing personal information.

Our security measures fall under two pillars, Product and Process, both of which are explained below.

Are you Stuck in The New DevOps Matrix From Hell?

If you google "matrix from hell", you'll see many articles about how Docker solves the matrix from hell. So what is the matrix from hell? Put simply, it is the challenge of packaging any application, regardless of language/frameworks/dependencies, so that it can run on any cloud, regardless of operating systems/hardware/infrastructure.

                     

The original matrix from hell: applications were tightly coupled with underlying hardware

 

Docker solved for the matrix from hell by decoupling the application from the underlying operating system and hardware. It did this by packaging all dependencies inside Docker containers, including the OS. This makes Docker containers "portable", i,e, they can run on any cloud or machine without the dreaded "it works on this machine" problems. This is the single biggest reason Docker is considered the hottest new technology of the last decade.

With DevOps principles gaining center stage over the last few years, Ops teams have started automating their tasks like provisioning infrastructure,  managing config, triggering production deployments, etc. IT automation tools like Ansible and Terraform help tremendously with these use cases since they allow you to represent your infrastructure-as-code, which can be versioned and committed to source control. Most of these tools are configured with a YAML or JSON based language which describes the activity you're trying to achieve. 

Using NPM Private Modules In Your CI Workflow

In addition to publicly available packages, npm also allows users to publish and manage packages in a private namespace. If you want your npm install command in the CI workflow to install your private dependencies, there are a couple of setup steps that are required.

Unless you follow these steps, your npm install command will throw an error, such as 

  npm ERR! 404 Not found : @manishas/my-private-module   

 

Step 1: Get your npm auth token

First, you need to find your npm token, which is stored in the .npmrc file in your home directory. The file will contain a line which looks like this:

  //registry.npmjs.org/:_authToken=GFYR$E8D-89DG-GH54-HJDR-TYDGOSYT785T  

Copy the value of the token, which is everything after authToken=