Skip to content

Sonatype Blog
Syndicate content
Blogs about software supply automation, devops, open source, continuous delivery, application security.
Updated: 5 hours 28 min ago

Using Nexus 3 as Your Repository – Part 1: Maven Artifacts

14 hours 28 min ago
This article is the first in a three part series by one of our community advocates, Rafael Eyng. You can follow his work at CodeHeaven.io

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

System Hardening with Ansible

Mon, 02/20/2017 - 15:00
The DevOps pipeline is constantly changing.  Therefore relevant security controls must be applied contextually. We want to be secure, but I think all of us would rather spend our time developing and deploying software. Keeping up with server updates and all of the other security tasks is...

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

Achieving CI/CD with Kubernetes

Fri, 02/17/2017 - 20:52
Hola amigos !!(In English – Hello Friends !!) Hope you are having a jolly good day ! Continuous Integration/Delivery is best said in terms of Martin Fowler, according to him it can be defined as, “Continuous Integration is a software development practice where members of a team integrate their work...

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

DevOps at Massive Scale

Thu, 02/16/2017 - 22:13
When you have a billion users, people notice.  That’s where our story about DevOps and Yahoo! starts.  For Kishore Jalleda and Gopal Mor, both engineers at Yahoo!, when something goes wrong on a Yahoo! page, people will notice.  Correction: a lot of people will notice.

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

Sonatype Nexus Installation Using Docker

Fri, 02/10/2017 - 19:21
1. Download the Docker image using following commands.. # docker pull sonatype/nexus   2. Build an image from a Nexus Dockerfile# docker build –rm –tag sonatype/nexus oss/ # docker build –rm –tag sonatype/nexus-pro pro/ (For Pro)  

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

Paul Volkman: Why is Sonatype the best solution?

Fri, 02/10/2017 - 18:04
When Paul Volkman was asked "Why is Sonatype the best solution?," he didn't hesitate. Watch and listen as he gives the best, most succinct explanation you'll find anywhere.

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

DevOps and Opportunities in Software Supply Chain Governance

Fri, 02/10/2017 - 00:27
Governance has been an evil word for software developers but new approaches unlock massive gains in productivity, reductions in cost, and improvements in quality.

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

DevSecOps: Better Software, Faster

Wed, 02/08/2017 - 08:31
“The big problems are where people don't realize they have one in the first place.” - W. Edwards Deming, patron saint of DevOps.

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

Docker: The New Ordinary

Sat, 02/04/2017 - 01:58
The “new ordinary”.

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

Docker Inside/Out: A Hero’s Journey

Sat, 02/04/2017 - 01:58
The “new ordinary”.

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

One Team, 5,000 Jobs: Life in the DevOps Jungle

Wed, 02/01/2017 - 18:31
Damien has 5,000 jobs. While you might gasp at that workload, Damien is not stressing out. All 5,000 jobs are automated within his team’s Jenkins pipelines. How does he do it? Damien follows four key principles to keep his cool in the job jungle: self-service, security, simplicity,...

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

Step-by-Step: Block and Quarantine Vulnerable Open Source Components and Artifacts with Nexus Firewall

Wed, 02/01/2017 - 08:00
We have added two more videos in the Tips from the Trenches Series free video based training, explaining how to configure and use Nexus Firewall to block and quarantine open source components with known vulnerabilities. 

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

The Nexus Firewall – Perimeter Defense for Software Development

Wed, 01/25/2017 - 08:00
The quantitative research summarized below, covering over 7,000 repositories across nearly 100 countries, highlights some of the challenges with quality at modern development velocities. You can respond by leveraging automation in your repository manager to improve application quality and reduce...

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

DevOps: Making the Boring Things Stay Boring

Thu, 01/19/2017 - 06:47
“I, For One, Welcome Our New Robot Overlords” is the title of Mykel Alvis’ (@mykelalvis) session at the 2016 All Day DevOps Conference. He wasn’t trying to curry favor with the new robot rulers, ala Kent Brockman, but, instead, was evangelizing on the importance of precision in...

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

LEGO, Death Stars, and Millennium Falcons, Oh My

Wed, 01/18/2017 - 08:50
Summary: Sonatype now offers a new revolutionary way to instantly give your teams access to vulnerability, license, and quality related data for the components they are consuming.

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies

DevOps for Small Organizations: Lessons from Ed

Fri, 01/13/2017 - 16:07
Ed was demoralized. He had just heard a speaker who would change his life. He knew he needed to change, and he knew what the end goal was. He just didn’t know how to get there. He needed fresh air. He needed endorphins. What better way to do that than go on a 6-hour run through some of the seedier...

To read more, visit our blog at www.sonatype.org/nexus.
Categories: Companies