
Model to reduce DevOps Pipeline execution time using SAST

Abstract: Static code analysis (SAST) is a well-known technique for identifying security flaws in code in order to improve software product quality. SonarQube is a SAST tool that can scan an application's source code and identify the vulnerabilities present in the software. It can also identify the root cause (RCA) of the vulnerabilities found in software products, which helps in remediating the security flaws found during analysis. SAST tools analyse an application from the inside out and do not need the system to be in a running state to perform the analysis. The scan provides instant feedback to developers, helping to reduce security risks for the application. It helps resolve issues that were present during development and helps developers increase their knowledge; as a result, developers become more competent in software product security. The Sonar analysis report provides on-demand access to all recommendations. Users can navigate to the lines of code that contain vulnerabilities, which speeds up discovery and auditing. Developers can therefore write code that is less vulnerable and deliver a more secure, higher-quality product. To conduct static analysis, the author(s) used SonarQube, which compiles and measures the quality of the code kept in repositories. Under DevOps/DevSecOps standards, SonarQube is used to create different pipelines, which normally increases build pipeline execution time. In the proposed solution, the author(s) tried to reduce build pipeline execution time by conducting static analysis in the early DevOps phases. The proposed solution uses an open-source GitHub project written in C# .NET, Azure DevOps, the dotnet sonar scanner tool and SonarQube to conduct static analysis and testing. The author(s) tried to enhance software quality in the early DevOps phases, which will help reduce build time and cost. The proposed framework will help increase the reliability, efficiency, and performance of software projects.
Springer Science and Business Media LLC
