Integrate Compliance and Quality into Your DevOps Pipeline
Continuous Delivery is about enabling your organization to bring new features to production, one by one, quickly and reliably. To do so effectively while maintaining a high level of quality, you have to embed code analysis in the CD pipeline. Making code analysis an integral part of your Continuous Delivery process strengthens the test automation section of your CD pipeline and ensures that release managers have an accurate view of the risks the code may introduce.
Embedded code analysis is also crucial for meeting the compliance requirements that are important for your organization. Code can be analyzed for security, open source licensing, adherence to coding standards, and various other quality metrics. When code analysis is baked into the software release process, you can be confident that the evidence you need for auditing purposes is collected and recorded automatically.
With XL Release 7.6, you can see risk and quality metrics in the dashboard for every release. In addition, you can add code analysis tasks to the release pipeline through integrations with third-party products and configure the tasks to fail if the code does not meet quality thresholds. XL Release 7.6 adds the following integrations:
Black Duck
Black Duck is a trusted tool for securing and managing open source software in applications and containers. Integration with Black Duck makes it easy for you to verify as a standard step in your templates and releases that the open source software you use in your applications and containers is secure.Fortify Software Security Center (SSC)
Fortify Software Security Center provides centralized management of application security testing. Security teams use SSC to review and manage security testing activities, prioritize remediation efforts based on risk potential, measure improvements, and generate cross-portfolio management reports.SonarQube
SonarQube is an open source platform for continuous inspection of code quality. Teams use it to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities in application source code.The Result: Better Software for All
Integrating compliance and quality into your DevOps pipeline is crucial for any organization to deliver quality software consistently, and XL Release can help you achieve just that with ease.Related Resources
- Try XL Release for free
- Download the new plugins
- Read more about the XebiaLabs 7.6 release