Development of an ERP with CI/CD application, Authentication and System Auditing

Developing and maintaining software like ERPs can be challenging because of the complexity and the amount of data that these systems require maintaining. Many of the software programs can grow with weak structure, which lead to great effort to maintain, and with more probability to error. This project proposes that a development cycle that incorporates DevOps can have major bene ts, by not only removing some hassle the programmers and systems admins have with testing and deploying the system, but can also give a early feedback if the changes made into the application brings problems to the systems. The design of a CI/CD pipeline and audit logs, and the implementation in an ERP development helped get more feedback and cause of root problems, which lead to more confidence in the developers to make changes, and to escalate more quickly since the deployment is automatized.Desenvolver "software" como os ERPs podem ser difícil de manter devido à complexidade e a quantidade de dados envolvida nestes sistemas. Isto leva a que muitos destes "softwares" cresçam com uma estrutura de código fraca, o que leva a um esforço adicional para manter, e com maior probabilidade para erros. Este projeto propõe que a incorporação do conceito de DevOps no ciclo de desenvolvimento traz muitas vantagens, não só a remover algum trabalho dos programadores e dos administradores de sistemas ao ser mais fácil testar o sistema e fazer deploy do mesmo, mas também fornece uma forma de feedback mais rápida para eventuais erros. O "design" de uma pipeline CI/CD e logs para auditoria do sistema, e a respetiva implementação destes conceitos no desenvolvimento consegue dar mais feedback a problemas, o que leva a uma maior confiança dos programadores para fazer alterações, e conseguir escalar a solução mais rapidamente visto que a implantação é automatizada

From Agile to DevOps, Holistic Approach for Faster and Efficient Software Product Release Management

Release management is one of the most important software processes and is a set of processes that includes the compilation, configuration, and management of software versions in different environments. In recent years, changes in processes, technologies, and tools and changes in practices and understanding have paved the way for more effective, efficient, sustainable, reusable models and methods in this field. The purpose of this study is to examine the DevOps idea to produce a flow, highlight their benefits, and investigate with a model how these philosophies, which are two of the most important processes and methods in software development today, can reveal an effective release management process. What has been learned from the research is how the agile and DevOps practices, which have become widespread in recent years, can be positioned in a general flow in the release management process, although there are different practices, flows, disciplines, and technology. Sharing a case study on these issues in future studies and an experience sharing research where the flow is applied as a case study will reveal positive feedback on the real-life application and results of the flow and the model. Further, a literature review studies in which deficiencies in the literature are identified will be useful in determining the gaps in the process.Comment: You can find published version: https://dergipark.org.tr/tr/pub/@fatihbildiric

Security in DevOps: understanding the most efficient way to integrate security in the agile software development process

Modern development methodologies follow a fast and dynamic pace, which gives great attention to customers’ satisfaction in the delivery of new releases. On the other hand, the work pursued to secure a system, if not adapted to the new development trend, can risk to slow down the delivery of new software and the adaptability typical for an Agile environment. Therefore, it is paramount to think about a new way to integrate security into the development framework, in order to secure the software in the best way without slowing down the pace of the developers. Moreover, the implementation of automatic and repeatable security controls inside the development pipeline can help to catch the presence of vulnerabilities as early as possible, thus reducing costs, comparing to solving the issues at later stages. The thesis presents a series of recommendations on how to best deploy a so called DevSecOps approach and applies the theory to the use case of Awake.AI, a Finnish startup company focusing its business on the maritime industry. It is not always easy and feasible to practically apply all the suggestions presented in the literature to a real case scenario, but rather the recommendations need to be adapted and forged in a way that best suits the situation and the current target. It is undeniable that the presence of a strong and efficient secure development framework can give substantial advantage to the success of a company. In fact, not only it makes sure that the delivery of good quality code to the customers is not slowed down, but it also dramatically reduces the risk of incurring in expensive security incidents. Lastly, it is valuable to also mention that, being able to show a clean and efficient approach to security, the framework improves the reputation and trustfulness of the company under the eyes of the customers