All posts by Danny Bradbury

Salesforce launches a new streaming TV service, Salesforce+


Danny Bradbury

11 Aug, 2021

Salesforce is launching a streaming business TV service called Salesforce+ that will roll out as part of its Dreamforce conference in September. 

The company is designing the service on the digital content models used by companies like Netflix and Peloton but aimed at a business audience. The content will initially be created entirely using its internal team, under the brand name Salesforce Studios. Over time, though, it hopes to encourage more community content.

“The people watching Disney+, the people watching ESPN+, are the same people watching Salesforce content in a business setting, so why wouldn’t we follow that sort of direction? That’s really the genesis of this idea,” explained the company’s senior VP of brand marketing Colin Fleming in an interview about the new service. 

The initial Salesforce+ content features new shows and content the company has already produced and distributes through its YouTube channel. One example is its 70-episode-strong Leading Through Change series, which launched in March 2020. 

Other content on the service will include Connections, which features innovations with marketing executives from different companies, and a career advice series called Boss Talks. Another show, Simply Put, will be a short form program featuring simple explainer videos for complex business topics. 

The initiative will be the conduit for the company’s Dreamforce event next month, which moved online last year due to the pandemic. The event will be mainly online this year, with in-person attendance by invitation only.

Salesforce+ Dreamforce coverage will feature four broadcast channels with a combined 100 hours of initial content: Prime Time, Trailblazer, Customer 360, and Industries. 

Prime Time will feature news announcements and customer case studies. Trailblazer will feature interviews with industry leaders and previews of Salesforce products. The Customer 360 and Industries channels will feature more case studies and innovation stories. 

The company added that viewers would be able to customize their content into collections focusing on different topics, such as artificial intelligence (AI) and financial services. They will also be able to ask questions via the platform and get live answers from presenters during the Dreamforce event.

Salesforce enhances cloud-based health care offering


Danny Bradbury

10 Aug, 2021

Salesforce has expanded Health Cloud, its cloud-based service for health care organisations, with several new features targeting remote patient management and data protection. 

The company has added four enhancements to Health Cloud. The first addition, remote patient exception monitoring, harvests data from connected health care devices and presents it in a single dashboard interface targeting care coordinators. 

Metrics displayable in the dashboard include heart rate and blood glucose levels. This will enable health care workers to better understand patient conditions without needing physical visits, Salesforce said. 

Salesforce’s new appointment management feature suggests remote and in-person appointment times for patients. Users can select available appointment types and times via any device, and the system can also offer pre-appointment questionnaires to help gather the necessary data ahead of the appointment. 

The cloud service provider says this will reduce no-shows and administrative costs incurred through manual back and forth with human schedulers. 

The third new feature, medication management, tackles the management of medication lists. Many clinics still use manual, paper-based systems to track patient medication, making it difficult to monitor medication adherence, Salesforce said. 

Targeting pharmacies, small clinics, and retail outlets, medication management will reduce the administrative overhead of tracking patient medication lists. The service will also integrate with RXNorm, a system that standardises naming conventions for generic and brand name drugs in the US. 

The final enhancement focuses on regulatory compliance and helps in-home patient care companies protect patients’ health information. Salesforce is certifying Salesforce Maps, B2C Commerce, and Order Management services as compliant with the US government’s HIPAA health care privacy regulations. 

This certification gives mobile health care workers access to sensitive patient data on the move via Salesforce Maps while staying compliant with regulations, the company said. It also enables companies, including retail health locations and pharmacies, to set up e-commerce stores dealing with sensitive patient orders via HIPAA support in Salesforce B2C Commerce and Salesforce Order Management. 

Microsoft suspends Windows 365 trials


Danny Bradbury

5 Aug, 2021

Microsoft has suspended its Windows 365 trial just a day after launch due to heavy demand. 

In a tweet, the company said it was experiencing “significant demand” for the service, which offers easy-access virtual desktops in the cloud accessible via a browser or Microsoft’s Remote Desktop application. It added it reached capacity for Windows 365 trials. 

This morning, Scott Manchester, director of program management for Windows 365, added that the company saw an “unbelievable response.” People should still sign up for the service to be notified when it resumes, he added. 

Microsoft announced Windows 365 on July 14 and took it live Monday, August 2, providing an easy way for smaller businesses to access virtual Windows desktops in the cloud. The service runs on a virtual machine Microsoft calls a Cloud PC, which is available in various configurations up to eight cores with 32GB of RAM. 

Windows 365’s Business Edition is configurable using a self-service portal, and the Enterprise Edition is configurable using Microsoft’s Endpoint Manager tool. The latter also features integrations with Azure Active Directory and Defender for Endpoint. 

Microsoft already offers a desktop as a service (DaaS) option in Azure Virtual Desktop, which the company used to call Windows Virtual Desktop. However, Microsoft sells this on a consumption-based pricing model, plus it’s more complex to administer. Windows 365 is available for a flat monthly fee.

Initial reactions to the service were mixed. “I’ve just had it for a day but it’s already been useful,” tweeted one user in response to Manchester. “Full coding on my iPad.” 

Another user was less impressed. “Is this why my Cloud PC refuses to reset? I’ve been waiting 30 hours for it to reset and no one from support has answered me,” they said. 

It’s still early days for Windows 365, which will receive more features over time. Microsoft promised support for offline working, along with potential GPU options for Cloud PC power users.

MuleSoft buys automation company Servicetrace


Danny Bradbury

3 Aug, 2021

Salesforce-owned MuleSoft has announced it will buy robotic process automation (RPA) company Servicetrace for an undisclosed amount.

The acquisition will complement MuleSoft’s application composition platform, explained executives.

MuleSoft sells Anypoint, an application programming interface (API) development platform for building reusable connections between applications and data so developers can compose applications more easily. Salesforce acquired MuleSoft in 2018.

Servicetrace offers the XceleratorOne RPA tool. RPA helps companies to automate manual processes by copying human activities, cutting down on manual labour and human error.

The Servicetrace tool enables companies to identify processes that would benefit from RPA and model them for automation. Servicetrace says that the tool can automate long, complex processes and connect artificial intelligence (AI) solutions for automated decisions. It also organises those automations across a company and enables managers to assess the return on investment from automated processes.

The RPA product will integrate with Salesforce’s Einstein Automate solution, which already handles automation tasks for the company’s clients.

“Our platform makes it easy to unlock and integrate data from anywhere — wherever it resides — and manage, monitor, secure, and govern that data at scale,” said MuleSoft CEO Brent Hayward in an announcement.

MuleSoft will now also make it easy for line of business and knowledge workers to automate business processes and dramatically increase efficiency and speed.”

Servicetrace also offers automated software testing tools and application performance monitoring tools that use bots to monitor users’ experience across complex software architectures.

The acquisition will close by the third quarter of Salesforce’s fiscal year, ending October 31, 2021.

IBM snaps up DevOps services specialist BoxBoat


Danny Bradbury

9 Jul, 2021

IBM is acquiring DevOps consulting company BoxBoat Technologies as part of an ongoing effort to bolster its cloud software capabilities.

BoxBoat was founded in 2016 to help create strategies for container-based software development. It advises companies on how to build software development pipelines for cloud-native applications and on how to convert existing applications for container-based environments, and offers a range of training services to support this.

This is the latest acquisition in IBM’s push to establish dominance in the cloud software development space, which has seen it invest heavily in Kubernetes-based container infrastructure, on which many modern cloud applications depend.

IBM has said it will fold BoxBoat into its Global Business Services unit to bolster its hybrid cloud portfolio, focusing on container strategy and services. The deal’s value has not been disclosed.

One of BoxBoat’s focal areas is increasing the security of DevOps processes and has spent time recently addressing software supply chain security following the SolarWinds attack. Security experts are increasingly worried about adversaries compromising software development processes and inserting malicious code into software before it is deployed.

BoxBoat has been working closely with the Cloud Native Computing Foundation (CNCF) on its Secure Production Identity Framework for Everyone (SPIFFE) project. This is an open-source initiative that assigns secure identity certificates to cloud workloads, making it easier for microservices to authenticate with each other securely in the cloud.

The company also works with another Linux Foundation initiative called in-toto, to help secure DevOps pipelines from intruders who might try to compromise software in development.

BoxBoat has parlayed some of this work on third-party software security into a contract with the US Department of Defense under its Small Business Innovation Research (SBIR) initiative to help secure software supply chains.

This is the latest acquisition in a series for IBM, which acquired Red Hat in 2019 for $34bn. More recently, it acquired cloud implementation services company Nordcloud in a December deal that closed in Q1 2021. It also bought cloud managed services provider Taos a month later.

Microsoft announces Windows 11 with redesigned UI, third-party app payments, and more


Danny Bradbury

25 Jun, 2021

Microsoft officially rolled out Windows 11 today with a slew of features targeting users and developers alike — and a sideways jab at rival Apple

Openness was the key talking point for CEO Satya Nadella when unveiling the new operating system, which will ship later this year. “Windows recognises that there is no personal computing without personal agency,” he said. Nadella added, “We want to remove the barriers that too often exist today and provide real choice and connection.” 

The new operating system will feature support for Android apps purchased from Amazon’s app store. In a swipe at Apple, the company also revamped the Microsoft Store, allowing developers to use their own payment systems when charging for apps. This lets developers keep 100% of the revenue. 

“Windows has always stood for sovereignty for creators and agency for consumers,” said Nadella, who highlighted its multi-marketplace support as a key differentiator from Apple in an interview with the Wall Street Journal today. “Operating systems and devices should mould themselves to our needs and not the other way around.” 

Openness didn’t seem to be the central theme in at least one Windows 11 feature announcement, though. 

In a move sure to worry other collaboration and video conferencing application providers, Microsoft has integrated Teams more closely into the operating system. This integration creates an interface that places contacts into the start bar and makes it easier to enter Teams video calls.

One welcome feature the company revealed in preview versions of Windows 11 is a universal mute button. This allows you to mute all video calling systems, so you can rest assured your mic isn’t hot. 

Windows 11 will also feature some user interface (UI) changes. Users will arrange their application windows into pre-configured layouts. The operating system will retain these layouts when you switch between external monitors and laptop displays. This feature, called Snap Layouts, is one of several enhancements designed to make the keyboard-free experience more intuitive when using Windows in a tablet format. 

The new UI will also include new visual cues for resizing windows and a start menu that’s centred on the screen rather than off to the side. Windows 11 will also feature a redesigned on-screen keyboard with swipe-to-type features and emojis. 

Other new features integrated directly into the start menu will include Windows Widgets, which will be tabs of content, including news tailored to users’ content viewing habits. One intriguing feature will be the ability to tip content creators through the widget platform. 

Alongside other cosmetic changes, like rounded corners, the system will also feature some under-the-hood changes. Updates will be 40% smaller and will happen in the background, so people can keep working through them. 

On the gaming side, Microsoft will bring across a few features from the Xbox platform. Games that support HDR for better contrast and more vibrant colours will now benefit from that feature on Windows 11. The operating system will also offer Direct Storage, which will use the graphical processing unit (GPU) to load data without burdening the CPU. The company will also integrate the Xbox Game Pass system directly into the desktop operating system. 

There was a notable lack of talk about privacy during the launch, which is a theme Apple has continually promoted in its products. Instead, Microsoft seems to differentiate itself from Apple by emphasizing its platform’s openness and willingness to relinquish control. 

Microsoft’s support for Android apps might also give it some traction over Google’s Chromebook platform, which has enjoyed meteoric sales in recent months. 

“Throughout its history Windows has been a democratizing force for the world”, Nadella said in the announcement wrap. Microsoft settled with the DoJ on monopoly charges in 2001 for giving preferential treatment to its Internet Explorer browser. In the same year, It also called open source software “a cancer,” though it apologized for the statement in 2020. 

Microsoft has since built support for Linux directly into the operating system. An analysis of leaked Windows 11 code suggests it might be able to run graphical Linux apps on the Windows desktop. 

Over two-thirds of companies still run software with WannaCry flaw


Danny Bradbury

13 May, 2021

Four years after the global WannaCry and NotPetya ransomware attacks, two-thirds of companies still haven’t patched the vulnerabilities that caused them, according to cloud network detection and response company ExtraHop.

The company investigated data from its Reveal(x) security platform in the first quarter of 2021 to determine which protocols its customers were running. It found that 88% of them were still running at least one device using SMBv1, which was a pivotal attack vector for the EternalBlue exploit used in the two ransomware attacks. 

Although a single device could mean a company is maintaining it just for use by an attack team, a more worrying statistic was that 67% of companies are running over 10 SMBv1-enabled devices. Over two-thirds (37%) were running more than 50, and 31% of companies checked had over 100 SMBv1 devices on their networks.

The report also highlighted heavy use of two other protocols in Windows servers. The first, called Local Loop Multicast Name Resolution (LLMNR), is an alternative to DNS for resolving basic names within a private network. It has a similar problem to Windows’ old NetBIOS naming service, in that it communicates with all clients on the network rather than a specific server. 

That enables an attacker to listen for and reply to access requests, creating a race condition to harvest the client’s hashed credentials if it establishes a conversation quickly enough. It can then decrypt those credentials, giving an attacker access to a client’s network account, or use them in a pass-the-hash attack.

The other protocol, New Technology LAN Manager (NTLM) v1, is a decades-old network authentication mechanism that has long been obsolete. Nevertheless, over a third (34%) of companies have over 10 devices using it, ExtraHop said. Almost one in five (19%) had over 100 devices using the protocol, despite Microsoft advising people to stop using it altogether in favor of the more secure Kerberos system.

The report also found that few companies had embraced using TLS encryption over HTTP (HTTPS), which browser vendors have aggressively enforced. It found that 81% of enterprise environments were still using HTTP to send access credentials in plain text.

ExtraHop said it analyzed over four petabytes of traffic each day in its investigation of online protocol usage.

Head of Homeland Security had his email hacked in SolarWinds attack


Danny Bradbury

30 Mar, 2021

According to a new report, suspected Russian hackers accessed email accounts belonging to the Trump administration’s head of the Department of Homeland Security (DHS).

The Associated Press reported that hackers also gained access to emails belonging to members of the department’s cyber security staff that had the job of hunting foreign cyber threats.

The emails belonged to then-acting secretary Chad Wolf, and hackers compromised them during the months-long SolarWinds attack. It’s unknown what information, if any, was stolen.

Senator Rob Portman of Ohio, top Republican on the Senate’s Homeland Security and Governmental Affairs Committee, said the SolarWinds hack “was a victory for our foreign adversaries and a failure for DHS. We are talking about DHS’s crown jewels,” AP reported.

In addition to Wolf’s email, hackers also obtained officials’ schedules at the Energy Department, including then-Secretary Dan Brouillette. But, in this instance, schedules were not confidential.

A DHS spokesperson said in a statement to the media that “a small number of employees’ accounts were targeted.”

“Upon learning about the campaign, the Department took immediate steps to respond to the incident, including leveraging response teams from CISA and private sector partners, to continue executing its mission,” said the spokesperson, reported The Hill.

“The Department no longer sees indicators of compromise on our networks and remains focused on further securing our networks against future attacks, integrating lessons learned from this incident. However, this widespread intrusion campaign has again shown that our strategic adversaries are sophisticated, persistent, and have increasing capabilities.”

In interviews with AP, anonymous officials said the response to the hacking campaign was hampered by its outdated technology and there were struggles to discover how many servers ran the SolarWinds software.

In one example, the Federal Aviation Administration (FAA) said the hack didn’t affect it, only to admit a few days later that it was conducting investigations a few days later.

Other victims of the SolarWinds hack include the Commerce and Treasury Departments, National Finance Centre, the State Department, the National Institutes of Health, the Energy Department, and the National Nuclear Security Administration.

The AP reported the Biden administration isn’t planning to step up government internet surveillance but will instead focus on better private sector partnerships and enhanced information sharing.

VMware buys Mesh7 in cloud security push


Danny Bradbury

19 Mar, 2021

VMware is expanding its security capabilities with the acquisition of cloud-native security company Mesh7.

The acquisition, the terms of which have not yet been disclosed, will better enable VMware to monitor cloud application traffic between virtual machines, the company said. 

Many products, such as intrusion prevention systems and firewalls, secure traffic travelling across a network, but increasingly, companies are using virtual machines or containers and sending requests between them using application programming interfaces (APIs).

Organisations need visibility into those APIs to see how the software that uses them is behaving. Mesh7 offers a product that monitors those APIs and calls, called the API Service Mesh, which includes functions including an API firewall and API gateway.

The API Service Mesh can tell when Kubernetes applications are being accessed externally and can monitor API security within applications that are distributed across lots of locations and machines. This makes it ideal for DevSecOps, which is a version of the cloud-focused DevOps development discipline that automates development and deployment.

VMware, with its heritage in virtual machines, was interested in Mesh7’s cloud-native API monitoring capabilities. Another thing that made the company an attractive acquisition target was API Service Mesh’s reliance on Envoy, which is an open source proxy system built for cloud-native applications originally created at ride-sharing company Lyft.

Envoy enables cloud-native application traffic to run over its communications bus, making it easier for DevOps pros to see what large distributed applications are doing and identify any performance issues or other operational problems. VMware uses Envoy in its own Tanzu Service Mesh that automates networking and security in distributed applications.

“VMware is seeing increased demand for a fully integrated API + service mesh product with Envoy as the foundation. The exact same Envoy architecture used in the initial service mesh use case can also control how one application can talk to another application via APIs,” said Tom Gillis, SVP and GM of VMware’s security business unit, in a blog post announcing the acquisition.

API security is becoming an increasing problem for developers and operations teams alike as companies move increasingly to API calls. Akamai has said that 83% of web traffic consists of API calls, and 40% of web applications’ attack surface is API-based. Salt Security recently revealed that 90% of businesses experienced API security vulnerabilities in 2020.

Automate your software builds with Jenkins


Danny Bradbury

3 Mar, 2021

Software developers can work well alone, if they’re in control of all their software assets and tests. Things get trickier, however, when they have to work as part of a team on a fast-moving project with lots of releases. A group of developers can contribute their code to the same source repository, like Git, but they then have to run all the necessary tests to ensure things are working smoothly. Assuming the tests pass, they must build those source files into executable binaries, and then deploy them. That’s a daunting task that takes a lot of time and organisation on larger software projects.

This is what Jenkins is for. It’s an open-source tool that co-ordinates those stages into a pipeline. This makes it a useful tool for DevOps, a development and deployment approach that automates the various stages of building software, creating an efficient conveyor belt system. Teams that get DevOps right with tools like Jenkins can move from version roll-outs every few months to every few days (or even hours), confident that all their tests have been passed.

Jenkins used to be called Hudson, but its development team renamed it after Oracle forked the project and claimed the original name. It’s free,  and runs on operating systems including Windows, Mac, and Linux, and it can also run as a Docker image.

You can get Jenkins as a downloadable from the Jenkins.io website, but you’ll need to run the Java runtime environment to support it. Alternatively, you can install it as a Docker container by following the instructions on the official Jenkins site, which is what we’ll do here. Docker takes a little extra work to set up, but the advantage here is twofold: it solves some dependency problems you might run into with Java, and it also enables you to easily recreate your Jenkins install on any server by copying your Docker file and the Docker run command to run it, which we put into a shell script for increased convenience. Jenkins’ Docker instructions also install a souped-up user interface called Blue Ocean. If you don’t use the Jenkins Docker instructions you can also install Blue Ocean separately as a plugin.

First, we must create a Python program for Jenkins to work with. We created a simple file called test-myapp.py, stored on our Linux system in /home/$USER/python/myapp. It includes a basic test using the Python PyTest utility:

#test_capitalization

def capitalize_word(word):

    return word.capitalize()

 def test_capitalize_word():

    assert capitalize_word(‘python’) == ‘Python’

Create a Github repository for it using git init. Commit the file to your repo using git add ., and then git commit -m “first commit”.

Now it’s time to start Jenkins using the docker run command in the Jenkins teams’ Docker instructions. Once Jenkins is running, you can access it at localhost:8080. It will initially show you a screen with a directory path to a file containing your secure first-time access password. Copy the contents of the file to get logged into the administration screen, and from there it will set up the basic plugins you need to work with the software. Then, you can create a new user account for yourself.

 

If you’re not already in the Blue Ocean interface, click on that option in the left sidebar. It will ask you to create a project. Call it myapp and then select Git as the project type in the Blue Ocean interface.

Blue Ocean will now ask you to create a pipeline. Click yes. We’re going to write this pipeline ourselves in a ‘Jenkinsfile’, which we’ll store in our myapp folder.

A Jenkinsfile is a test file describing your pipeline. It contains instructions for the stages of each build. It looks like this:

pipeline {

    agent any

     stages {

        stage(‘Build’) {

            steps {

                <steps for this stage go here>

            }

        }

        stage(‘Test’) {

            steps {

                <steps for this stage go here>

            }

        }

        stage(‘Deploy’) {

            steps {

                <steps for this stage go here>

            }

        }

    }

}

Each stage reflects a step in the build pipeline and we can have as many as we like. Let’s flesh out this template.

Python programs don’t need building and deploying in the same way that, say, C++ programs do, because they’re interpreted. Nevertheless, Jenkins is useful in other ways. We can test our code automatically, and we can also check its formatting to ensure that it’s easy for other developers to read.

To do this, we need to compile the Python program into bytecode, which is an intermediate stage that happens when you run Python programs. We’ll call that our build stage. Here’s the Jenkinsfile for that step:

pipeline {

    agent none

    stages {

        stage(‘Build’) {

            agent {

                docker {

                    image ‘python:2-alpine’

                }

            }

            steps {

                sh ‘python -m py_compile test_myapp.py’

                stash(name: ‘compiled-results’, includes: ‘*.py*’)

            }

        }

    }

}

The agent is the external program that runs this stage. We don’t define a global one, but we do define one for the individual stage. In this case, because we’re using Docker, it’s a lightweight Alpine container with a Python implementation.

For our step, we run a shell command that compiles our python file.

Save this in your project folder as ‘Jenkinsfile’ and then commit it using git add . and git commit -m “add Jenkinsfile”.

Back in the UI, ignore Blue Ocean’s prompt to create a pipeline. Once it spots the Jenkinsfile in your repo, it’ll build it from that automatically. Go into the Jenkins dashboard by clicking the exit icon next to the Logout option on the top right, or clicking the Jenkins name on the top left of the screen, to get to the main Jenkins screen. Look for your new project in the dashboard and on the left, select Scan Multibranch Pipeline Now.

Wait for a few seconds and Jenkins will scan your Git repo and run the build. Go back into the Blue Ocean interface, and all being well you’ll see a sunny icon underneath the HEALTH entry that shows the build succeeded. Click on myapp, then Branch indexing, and it’ll give you a picture of your pipeline and a detailed log.

Now we will add a test stage. Update your code to look like this:

pipeline {

    agent none

    stages {

        stage(‘Build’) {

            agent {

                docker {

                    image ‘python:2-alpine’

                }

            }

            steps {

                sh ‘python -m py_compile test_myapp.py’

                stash(name: ‘compiled-results’, includes: ‘*.py*’)

            }

        }

        stage(‘Test’) {

            agent {

                docker {

                    image ‘qnib/pytest’

                }

            }

            steps {

                sh ‘py.test –verbose –junit-xml test-results/results.xml test_myapp.py’

            }

            post {

                always {

                    junit ‘test-results/results.xml’

                }

            }

    }

    }

}

We’re using another Docker container to run a simple PyTest (which we included in the code of our myapp.py file). Save this file and update your repo with another git add a . and git commit -m “add test stage to Jenkinsfile”. Then, scan the multibranch pipeline as before. When you drop into Blue Ocean, you’ll hopefully see success once again. Note that Docker stores everything it runs in its own volume, along with the results. Although you can work some command line magic to access those files directly, you don’t need to; Jenkins shows you those assets in its UI. Click on the latest stage to open the build details, and find the entry that says py.test –verbose –junit-xml test-results/results.xml testmyapp.py. Clicking on that shows you the results of your test:

Everything passed! Now we’re going to bring it home with the final stage in our demo pipeline: checking the code formatting. There are specific rules for formatting Python code as outlined in the language’s PEP-8 specifications. We’ll update our Jenkins file to use a tool called PyLint that will check our code. Here’s the full Jenkinsfile for all three stages of our pipeline:

pipeline {

    agent none

    stages {

        stage(‘Build’) {

            agent {

                docker {

                    image ‘python:2-alpine’

                }

            }

            steps {

                sh ‘python -m py_compile test_myapp.py’

                stash(name: ‘compiled-results’, includes: ‘*.py*’)

            }

        }

        stage(‘Test’) {

            agent {

                docker {

                    image ‘qnib/pytest’

                }

            }

            steps {

                sh ‘py.test –verbose –junit-xml test-results/results.xml test_myapp.py’

            }

            post {

                always {

                    junit ‘test-results/results.xml’

                }

            }

    }

        stage(‘Lint’) { 

            agent {

            docker {

                    image ‘eeacms/pylint’

        }

        }

            environment { 

                VOLUME = ‘$(pwd)/test_myapp.py’

                IMAGE = ‘eeacms/pylint’

            }

            steps {

            withEnv([‘PYLINTHOME=.’]) {

                    sh “pylint ${VOLUME}”

        }

        }

    }

    }

}

Follow the same steps as before: save the file, commit it to your Git repo so that Jenkins sees it, and then rescan the multi-branch pipeline. Then go into Blue Ocean and look at the result. Oh no!

The pipeline stage failed! That’s because our code is badly formatted, and PyLint tells us why. We’ll update our test_myapp.py file to make the code compliant:

“””

Program to capitalize input

“””

#test_capitalization

def capitalize_word(word):

    “”” Capitalize a word”””

    return word.capitalize()

 def test_capitalize_word():

    “””Test to ensure it capitalizes a word correctly”””

    assert capitalize_word(‘python’) == ‘Python’

Now, save, commit to your repo, and rescan. Blue Ocean shows that we fixed it (note that in our demo it took us a couple of runs at the Python code to get the formatting right).

You could run all these steps manually yourself, but the beauty of Jenkins is that it automates them all for faster development. That makes the tool invaluable for developers working on a fast cadence as part of a team, but even a single freelance dev, or a hobbyist working on open-source projects, can use this to refine their practice.