11 |
Challenges of Implementing DevOps in Embedded Application DevelopmentPULA, PAVAN KUMAR January 2023 (has links)
Background : Embedded system consists of both hardware and software. Boththese hardware and software development teams must be worked together to complete the project successfully, which requires a lot of communication among theteams. DevOps is an evolution of agile development that bridges communicationgap between teams. Since Embedded systems are not service-based, it isn’t easy toimplement DevOps. So there is a need to study what challenges are currently facedin implementing embedded application development. Objectives: The focus of this thesis was to gather the challenges and mitigationstrategies to overcome these challenges faced during the implementation of DevOpsin Embedded application development, along with mitigation strategies followed toovercome these challenges. Methods: In this thesis, surveys, and interviews were selected as research methods to identify challenges faced while implementing DevOps in embedded systemapplication development and mitigation strategies, and the survey was considered tocollect demographic questions. Results: A survey was conducted to identify embedded developers with experienceimplementing DevOps for Embedded Application Development. Out of 19 surveyresponses, 12 respondents were further interviewed for detailed information. Datacollected from the interviews are analyzed using thematic analysis and narrativeanalysis. Conclusions: From the analysis, the research concludes that continuous testingis the most challenging phase to implement. Continuous testing and continuous integration are the phases that need to be focused on more for the future implementationof DevOps
|
12 |
A Comparison of CI/CD Tools on KubernetesJohansson, William January 2022 (has links)
Kubernetes is a fast emerging technological platform for developing and operating modern IT applications. The capacity to deploy new apps and change old ones at a faster rate with less chance of error is one of the key value proposition of the Kubernetes platform. A continuous integration and continuous deployment (CI/CD) pipeline is a crucial component of the technology. Such pipelines compile all updated code and do specific tests and may then automatically deploy the produced code artifacts to a running system. There is a thriving ecosystem of CI/CD tools. Tools can also be divided into two types: integrated and standalone. Integrated tools will be utilized for both pipeline phases, CI and CD. The standalone tools will be used just for one of the processes, which needs the usage of two independent programs to build up the pipeline. Some tools predate Kubernetes and may be converted to operate on Kubernetes, while others are new and designed specifically for usage with Kubernetes clusters. CD systems are classified as push-style (artifacts from outside the cluster are pushed into the cluster) or pull-style (CD tool running inside the cluster pulling built artifacts into the cluster). Pull- and push-style pipelines will have an impact on how cluster credentials are managed and if they ever need to leave the cluster. This thesis investigates the deployment time, fault tolerance, and access security of pipelines. Using a simple microservices application, a testing setup is created to measure the metrics of the pipelines. Drone, Argo Workflows, ArgoCD, and GoCD are the tools compared in this study. These tools are coupled to form various pipelines. The pipeline using Kubernetes-specific tools, Argo Workflows and ArgoCD, is the fastest, the pipeline with GoCD is somewhat slower, and the Drone pipeline is the slowest. The pipeline that used Argo Workflows and ArgoCD could also withstand failures. Theother pipelines that used Drone and GoCD were unable to recover and timed out. Pull pipelines handles the Kubernetes access differently to push pipelines as the Kubernetes cluster credentials does not have to leave the cluster, whereas push pipelines needs the cluster credentials in the external environment where the CD tool is running.
|
13 |
A Comparison Between Different Frameworks Based on Application Metrics à la Argo RolloutsGustaf, Söderlund January 2024 (has links)
This research investigates the integration and effectiveness of two monitoring frameworks, the Four Golden Signals and the RED Method, with Argo Rollouts for automated deployments. The study aims to identify which framework integrates better with Argo Rollouts, compare their effectiveness in automating deployment procedures, and assess the impact of automated deployments on application performance. Experiments involve fault injections, such as HTTP 500 errors and delays, to evaluate the frameworks ability to detect unhealthy deployments and trigger rollbacks. Both frameworks were successfully integrated using Prometheus for metric collection and custom analysis templates for health assessment. The Four Golden Signals provided more comprehensive insights due to its additional metrics (saturation and latency), whereas the RED Method was simpler to configure and interpret. The findings highlight the importance of carefully calibrating metric thresholds to accurately identify unhealthy deployments. Future work suggests exploring Blue-Green deployments, investigating the robustness of systems under security breaches, and assessing cost savings from using Argo Rollouts over time.
|
14 |
DevOpsSec i praktiken : En studie av acceptans till implementering av säkerhetsåtgärder mot Poisoned Pipeline ExecutionJönsson, Adam, Meyer, Jesper January 2024 (has links)
Denna studie undersöker hur säkerhetsåtgärder designade för att förhindra Poisoned Pipeline Execution (PPE) attacker påverkar utvecklare som arbetar inom DevOps-team. Studien använder Technology Acceptance Model (TAM) för att analysera hur dessa åtgärder påverkar utvecklares uppfattning om användbarhet, användarvänlighet och deras intentioner att implementera och använda dem. Studiens syfte är att förstå de utmaningar och möjligheter som är förknippade med att integrera säkerhetsåtgärder i DevOps-arbetsflöden, för att säkerställa att de stärker säkerheten utan att hindra produktivitet eller samarbete. Genom en kvalitativ ansats genomfördes semistrukturerade intervjuer med tre erfarna utvecklare från olika organisationer. Tematisk analys visade att bristande medvetenhet om DevOpsSec och dess risker utgör en betydande utmaning. Medan utvecklare erkänner vikten av säkerhet, finns det oro för hur nya åtgärder kan påverka effektivitet och flexibilitet. Resultaten belyser behovet av att organisationer integrerar säkerhet i sin DevOps-kultur, främjar delat ansvar och förståelse. Studien betonar också vikten av att automatisera säkerhetsåtgärder, då detta kan öka deras upplevda användbarhet och användarvänlighet. Genom att analysera utvecklares perspektiv ger studien insikter i komplexiteten av att implementera säkerhetsåtgärder inom DevOps och belyser de nödvändiga stegen för att stärka säkerheten utan att hindra effektiviteten. / This study investigates the impact of security measures designed to prevent Poisoned Pipeline Execution (PPE) attacks on developers working within DevOps teams. It leverages the Technology Acceptance Model (TAM) to analyze how these measures influence developers' perceived usefulness, ease of use, and subsequent behavioral intentions regarding implementation and utilization. The research aims to understand the challenges and opportunities associated with integrating security measures into DevOps workflows, ensuring they enhance security without hindering productivity or collaboration. Employing a qualitative approach, the study conducted semi-structured interviews with three experienced developers from different organizations. Thematic analysis revealed that a lack of awareness about DevOpsSec and its associated risks poses a significant challenge. While developers acknowledge the importance of security, concerns about the impact of new measures on efficiency and flexibility arise. The findings highlight the need for organizations to integrate security into their DevOps culture, fostering a shared responsibility and understanding. Additionally, the study emphasizes the importance of automating security measures, as this can increase their perceived usefulness and ease of use. By analyzing developers' perspectives, the study offers insights into the complexities of implementing security measures within DevOps and sheds light on the necessary steps to enhance security without hindering efficiency.
|
15 |
Performance comparison and assessment of GitHub Actions and JenkinsJamshidi, Sarfaraz, Iminov, Ichtiar January 2022 (has links)
There is a great demand for fast deliveries of improved and updated software in different software development areas, like Internet of Things, web, and cloud, in today’s digitalized world. Software developers and organizations must adapt to be able to deliver according to customers’ wishes, to be able to retain them, and remain competitive with other organizations. Continuous integration and continuous delivery (CI/CD) are methods used within the software development world, allowing developers to automate parts of their work to develop and deliver software faster and with better quality. Tools used for CI/CD come with different benefits and performances making it difficult for developers to choose a tool. There are numerous tools to choose from, and there is a lack of performance comparisons of them. This thesis aims to give developers a performance comparison between the two well-known CI/CD tools, GitHub Actions and Jenkins, to facilitate their choice of a CI/CD tool. The research was qualitative, inductive, and comparative. A literature study and practical tests were conducted to study the performance differences between the two wellknown CI/CD tools, GitHub Actions and Jenkins. The literature study was conducted f irst and gave the necessary knowledge to perform the practical tests, and the practical tests gave the actual results. The practical tests were performed on two different software projects ,and two different tests per projec, per server were conducted. The results from both projects indicated apparent differences in performance between GitHub Actions and Jenkins, as Jenkins ran faster than GitHub Actions while running on a Windows server, and GitHub Actions ran faster than Jenkins while running on an Ubuntu server. These findings indicate that the two well-known CI/CD tools perform differently depending on the server the developers would use these tools. It can not be concluded that one of the tools has better performance than the other; instead, one tool has better performance depending on the operating system the tool is running on. If the developers were to use the tools on an Ubuntu server, GitHub Actions would be the preferred tool, and if they were to use the tool on a Windows server, Jenkins would be the preferred tool. / Det finns en stor efterfrågan på snabba leveranser av förbättrad och uppdaterad mjukvara i olika mjukvaruutvecklings områden så som Sakernas Internet, webb och moln i dagens digitaliserade värld. Mjukvaruutvecklare och organisationer måste anpassa sig för att kunna leverera till kundernas önskemål för att kunna behålla dom och förbli konkurrenskraftiga med andra organisationer. Kontinuerlig integration och kontinuerlig leverans (CI/CD) är metoder som används inom mjukvaruutvecklings världen, så att utvecklare kan automatisera delar av sitt arbete för att utveckla och leverera mjukvara snabbare och med bättre kvalité. Verktyg som används för CI/CD kommer med olika fördelar och prestanda som gör det svårt för utvecklare att välja ett verktyg. Det finns många verktyg att välja mellan och det finns en brist på prestandajämförelser av dem. Detta examensarbete syftar till att ge utvecklare en prestandajämförelse mellan de två välkända CI/CD-verktygen GitHub Actions och Jenkins, för att underlätta utvecklarens val av ett CI/CD-verktyg. En kvalitativ, induktiv och komparativ forskningsmetod användes för att genomföra denna studie. En litteraturstudie och praktiska tester genomfördes för att studera prestandaskillnader mellan de två välkända CI/CD-verktygen GitHub Actions och Jenkins. Litteraturstudien genomfördes först och gav författarna nödvändiga kunskap för att utföra dem praktiska testerna, dem praktiska testerna gav de faktiska resultaten. Praktiska testerna utfördes på två olika mjukvaruprojekt och två olika tester per projekt, en per server genomfördes. Resultaten från båda projekten visade på uppenbara skillnader i prestanda mellan GitHub Actions och Jenkins. Då Jenkins kördes snabbare än GitHub Actions när körningen kördes på en Windows server och GitHub Actions kördes snabbare än Jenkins när de kördes på en Ubuntu server. Dessa resultat tyder på att de två välkända CI/CD-verktygen fungerar olika beroende på vilken server utvecklarna skulle använda dessa verktyg på. Det går inte att dra slutsatsen att ett verktyg är bättre över det andra, i stället har ett verktyg bättre prestanda beroende på vilket operativ system verktyget körs på. Om utvecklarna skulle använda verktygen på en Ubuntu server skulle GitHub Actions vara det föredragna verktyget och om utvecklarna skulle använda verktyget på en Window server skulle Jenkins vara det föredragna verktyget.
|
16 |
A DevOps Approach to the EA Blueprint Architectural PatternPersson, Susanna January 2022 (has links)
In the world of software development, there is an increasing demand for software to keep up with rapid changes in its real-world context. A Resilient Digital Twin of an Organization is a type of software whose purpose is to digitally represent an organization or a component of an organization - as a Digital Twin -, and to keep doing so accurately throughout the real-world organization’s changes - a Resilient Digital Twin. An architectural pattern, called the EA Blueprint Pattern, has recently been proposed as a pattern to use for developing Resilient Digital Twins that can change together with the changes in the organization. However, software architecture is not the only factor that enables continuous change and adaptability in software. For software development teams to be able to deliver software rapidly and reliably, the software development process itself must be adapted to allow for frequent and fast changes. From this need, the Agile methodology and subsequently the set of work practises called DevOps has emerged. DevOps leverages automation and fast feedback as tools to facilitate a shorter system development life cycle and continuous delivery. The usage of DevOps is becoming increasingly popular in the software development field. It stands to reason that there is a need to ensure that the EA Blueprint Pattern is appropriate even in a DevOps context, where different tools and routines may be used than in traditional development. To complete this project, a use case of the EA Blueprint Pattern has been moved from a traditionally developed and deployed setting to a DevOps setting that includes essential DevOps tools such as Infrastructure as Code, a cloud environment, and a CI/CD pipeline that enables automatic deployment and therefore a shorter system development life cycle. By doing this, it can be gauged how well the EA Blueprint Pattern is adapted to a modern software development process which utilises the advantages of DevOps.
|
17 |
Hromadná orchestrácia v multirepo CI/CD prostrediach / Bulk Operation Orchestration in Multirepo CI/CD EnvironmentsVíšek, Jakub January 2021 (has links)
Multirepo model přístupu ke správě a verzování zdrojového kódu, jež zahrnuje použití mnoha oddělených repozitářů verzovacích systémů, je poslední dobou často zmiňován v odborné literatuře. Jednou z jeho nevýhod je množství zdlouhavých, nezajímavých a repetitivních úkonů, které je nutno provádět při hromadných operacích tvořících transakce napříč těmito repozitáři. Multirepo repozitáře navíc umožňují využití široké škály technologií, což jen umocňuje riziko lidské chyby, ke které při ručně prováděných hromadných operacích může dojít. V rámci této práce je navrženo, implementováno a otestováno řešení pro automatizaci operací prováděných napříč množstvím repozitářů uspořádaných v multirepo modelu, což s nimi uživatelům zlepšuje zkušenost.
|
18 |
Tracing Integration Errors to Upstream Development Activities : An exploratory studyAndersson, Dennis, Artale, Jacques January 2023 (has links)
The Eiffel Protocol provides traceability downstream and upstream of all activities that transpire inside the CI/CD pipeline. The traceability achieved by the Eiffel Protocol comes with great benefits even though it does not cover all development activities as it pertains only to the CI/CD pipeline. Our research aims to explore the idea of extending the Eiffel Protocol to cover all activities and discuss what benefits could be seen, especially in the scope of reducing the number of integration failures. A literature study was first carried out to find the root causes of these failures. After the literature study, we conducted a focus group session to gather data about the potential benefits and problems of an extension, what analyses could be drawn, and how it can affect integration errors. Our results show that an extension is beneficial as analyses that can be made with the generated data can tackle some of the biggest issues found in software development teams, especially in larger organizations. The complexity, cost involved and the time needed to see a return on investment does however weigh it down. Thus, while it is beneficial it is not enough for organizations to consider it as a priority to integrate with their environments when thinking of the costs involved to do so. Further implementation solutions need to be researched before it shows its worth.
|
19 |
Introducing the Modern and Future Development of “Web Applications” Using JHipster Development Platform.Vilcinskaite, Milena January 2021 (has links)
Generating web applications with correct structure and modern functionalities using a development platform is not widely known for students in academia around the world. Modern web development is moving further towards advancement where different functionalities adapted for web application development increase and become more central in today's market. Introducing modern concepts in web application development to the students in academia at an early stage is essential in order to provide better insight of how to suitably develop and maintain the structure of modern "Web Applications". This thesis describes the work carried out to investigate how a web application can effectively be developed and structured by the undergraduate students in the course II1302 Projects and project methods at the Royal Institute of Technology (KTH) using a development platform. The case study is conducted as a research method for this thesis. The research method revolved around experimentation with an example application to identify the possibilities of using a development platform in conjunction to improve the teaching of modern web application development early in education, and then apply the development platform in the course's future projects. This thesis identifies pertinent fields of knowledge throughout the development of a web application using the development platform to learn about the relevant concepts and definitions of modern and future technologies used in web application development. The implementation of the web application covers the areas such as automation, deployment, and monitoring. These areas are utilized in the form of the following aspects: DevOps, CI/CD, integration cloud deployment, IoT simulated device, MVC design pattern architecture for both frontend and backend, programming frameworks, i.e., Angular JS frontend framework and Spring Boot backend framework. A description of how the application is managed and what technologies and resources are used is presented. These aspects are used throughout the process of web application development. The requirements of using the development platform aim to be relevant to the students' studies at a sufficient difficulty level in course II1302. The students are expected to have an extended knowledge in basic web application development. / Att generera webbapplikationer med rätt struktur och moderna funktioner med hjälp av en utvecklingsplattform är inte allmänt känt för studenter inom akademin runt om i världen. Modern webbutveckling går vidare mot avancemang där olika funktioner anpassade för webbapplikationsutveckling ökar och blir mer centrala på dagens marknad. Att introducera moderna koncept inom webbapplikationsutveckling för studenter i akademin på ett tidigt stadium är viktigt för att ge bättre insikt om hur man på ett lämpligt sätt kan utveckla och behålla strukturen för moderna "Web Applications". Denna avhandling beskriver arbetet med att undersöka hur en webbapplikation effektivt kan utvecklas och struktureras av studenterna i kursen II1302 Projekt och projektmetoder vid Royal Institute of Technology (KTH) med hjälp av en utvecklingsplattform. Fallstudien genomförs som en forskningsmetod för denna avhandling. Forskningsmetoden kretsade kring experiment med en exempelapplikation för att identifiera möjligheterna att använda en utvecklingsplattform tillsammans för att förbättra undervisningen i modern webbapplikationsutveckling tidigt i utbildningen och sedan tillämpa utvecklingsplattformen i kursens framtida projekt. Denna avhandling identifierar relevanta kunskapsområden genom utvecklingen av en webbapplikation med hjälp av utvecklingsplattformen för att lära sig relevanta begrepp och definitioner av modern och framtida teknik som används i webbapplikationsutveckling. Implementeringen av webbapplikationen täcker områden som automatisering, distribution och övervakning. Dessa områden används i form av följande aspekter: DevOps, CI/CD, integration av moln, IoT -simulerad enhet, MVC -designmönsterarkitektur för både frontend och backend, programmeringsramar, dvs Angular JS frontend framework och Spring Boot backend framework. En beskrivning av hur applikationen hanteras och vilken teknik och resurser som används presenteras. Dessa aspekter används under hela processen för webbapplikationsutveckling. Kraven för att använda utvecklingsplattformen syftar till att vara relevanta för studenternas studier med tillräcklig svårighetsgrad i kurs II1302. Studenterna förväntas ha en utökad kunskap inom grundläggande webbapplikationsutveckling.
|
20 |
Implementace a rozšíření frameworku pro testování technické dokumentace / Implementation and Extension of the Technical Documentation Testing FrameworkMacko, Peter January 2020 (has links)
Práca sa zaoberá automatizáciou testovania technickej dokumentácie napísanej v značkovacom jazyku AsciiDoc pomocou open-source frameworku testovania technickej dokumentácie Emender implementovaného na CI/CD platforme. Framework bol rozšírený o webovú aplikáciu emenderwebservice s REST API, ktorá poskytuje užívateľské grafické rozhranie s výsledkami testov a mechanizmom na odrieknutie falošne pozitívnych výsledkov testov. Webová aplikácia bola vytvorená pomocou WSGI frameworku na tvorbu webových aplikácií Flask s databázou ktorá umožňuje agregáciu výsledkov testov a ich unikátnu identifikáciu. Aplikácia uľahčuje prístup ku výsledkom testov vygenerovaných frameworkom Emender v CI/CD systémoch a poskytuje technical writer-om ucelené užívateľské prostredie.
|
Page generated in 0.0623 seconds