Model to reduce DevOps Pipeline execution time using SAST
Abstract
Static code analysis (SAST) is a well-known technique for identifying security flaws in code in order to improve software product quality. SonarQube is a SAST tool that can scan the source code of an application and identify the vulnerabilities present in the software. It can also support root cause analysis (RCA) of the vulnerabilities found in software products, and it helps in remediating the security flaws found during analysis. SAST tools analyze an application from the inside out and do not need the system to be running to perform the analysis. The scan provides instant feedback to developers, which reduces security risks for the application. It helps to resolve issues introduced during development and helps developers to increase their knowledge. As a result, developers become more competent in the security of software products. The Sonar analysis report provides on-demand access to all recommendations. Users can navigate to the lines of code that contain vulnerabilities, which makes discovery and auditing faster. Developers can therefore write more code that is less vulnerable and deliver a more secure, higher-quality product. To conduct static analysis, the author(s) used SonarQube as a tool, which compiles and measures the quality of the code kept in repositories. As a DevOps/DevSecOps standard, SonarQube is used to create different pipelines, which normally increases the build pipeline execution time. In the proposed solution, the author(s) tried to reduce build pipeline execution time by conducting static analysis in the early DevOps phases. The proposed solution uses an open-source GitHub project written in C# .NET, Azure DevOps, the dotnet sonar scanner tool and SonarQube to conduct static analysis and testing. The author(s) tried to enhance software quality in the early DevOps phases, which will help reduce build time and cost. The proposed framework will help increase the reliability, efficiency, and performance of software projects.
Related Results
The Role of Leadership in Transforming Retail Technology Infrastructure with DevOps
In the fast changing retail technology market, DevOps principles are transforming how firms manage and improve their technological infrastructure. This study examines how leadershi...
Mobilizing DevOps: exploration of DevOps adoption in mobile software development
Purpose
The purpose of this study is to investigate the factors facilitating and influencing the adoption of DevOps practices specifically tailored to mobile so...
Research on the necessity of implementing devops technologies in the Training of Future Computer Science Teachers
The article examines the problem of implementing DevOps technologies in the training of future Computer Science teachers. This problem has arisen due to the development and expansi...
DevOps for information management systems
Purpose
Development and operations (DevOps) is complex in nature. Organizations are unsure how to effectively establish a DevOps capability for the continuous delivery of informati...
A qualitative study of architectural design issues in DevOps
Abstract
Software architecture is critical in succeeding with Development and Operations (DevOps). However, designing software architectures that enable and support DevOps (DevOps‐d...
AI-driven devops: Leveraging machine learning for automated software deployment and maintenance
The integration of artificial intelligence (AI) and machine learning (ML) into DevOps practices is revolutionizing software deployment and maintenance, paving the way for more effi...
ANALYSIS OF DEVOPS INFRASTRUCTURE METHODOLOGY AND FUNCTIONALITY OF BUILD PIPELINES
The DevOps pipeline for infrastructure is a critical component in modern software development and operations practices. It involves automating the provisioning, configurat...

