Ci-Cd on Hi, I'm Muhammad Amal

Ci-Cd on Hi, I'm Muhammad Amal https://muhammadamal.my.id/tags/ci-cd/ Recent content in Ci-Cd on Hi, I'm Muhammad Amal Hugo en-us Wed, 16 Oct 2024 09:00:00 +0700 Secrets Scanning in 2024, TruffleHog and Gitleaks in CI https://muhammadamal.my.id/blog/secrets-scanning-trufflehog-gitleaks-ci-2024/ Wed, 16 Oct 2024 09:00:00 +0700 https://muhammadamal.my.id/blog/secrets-scanning-trufflehog-gitleaks-ci-2024/ A working setup for secrets scanning across TruffleHog and Gitleaks, with pre-receive enforcement and verifier-based prioritization. Wiring Trivy 0.45 Into a CI Pipeline That Actually Blocks Bad Builds https://muhammadamal.my.id/blog/trivy-container-scanning-pipeline/ Mon, 04 Sep 2023 09:00:00 +0700 https://muhammadamal.my.id/blog/trivy-container-scanning-pipeline/ Trivy 0.45 in CI: severity gating, ignore policies, DB caching, and the gotchas that bite teams shipping containers daily. Advanced GitHub Actions, Reusable Workflows, OIDC, and Matrix Patterns That Don't Become Spaghetti https://muhammadamal.my.id/blog/advanced-github-actions-reusable-workflows-oidc/ Fri, 23 Jun 2023 09:00:00 +0700 https://muhammadamal.my.id/blog/advanced-github-actions-reusable-workflows-oidc/ How to share CI logic across repos without copy-paste, authenticate to AWS and GCP without long-lived keys, and make matrix builds maintainable. Docker Compose for CI, Ephemeral Stacks per Test Run https://muhammadamal.my.id/blog/docker-compose-ci-ephemeral-stacks/ Mon, 25 Jul 2022 09:00:00 +0700 https://muhammadamal.my.id/blog/docker-compose-ci-ephemeral-stacks/ Compose in CI: ephemeral stacks per run, isolation, parallel safety, teardown, GH Actions. Containerizing a Rust Service, A Sub-25MB Production Image https://muhammadamal.my.id/blog/rust-docker-image-small-distroless/ Fri, 25 Mar 2022 09:00:00 +0700 https://muhammadamal.my.id/blog/rust-docker-image-small-distroless/ Sub-25 MB Rust image. cargo-chef, musl static linking, distroless, BuildKit cache. Full Dockerfile + CI. Deploying Docker Images from GitHub Actions to Staging https://muhammadamal.my.id/blog/github-actions-deploy-docker-staging/ Mon, 28 Feb 2022 09:00:00 +0700 https://muhammadamal.my.id/blog/github-actions-deploy-docker-staging/ GitHub Actions deploy to staging: build + push to GHCR + kubectl/SSH apply. OIDC over long-lived secrets. Working workflow. GitHub Actions Matrix Builds and Parallel Test Sharding https://muhammadamal.my.id/blog/github-actions-matrix-parallel-tests/ Fri, 25 Feb 2022 09:00:00 +0700 https://muhammadamal.my.id/blog/github-actions-matrix-parallel-tests/ Matrix builds in GitHub Actions. Multi-version, multi-OS, parallel test sharding, fail-fast trade-offs. GitHub Actions Caching, actions/cache + BuildKit Registry Cache https://muhammadamal.my.id/blog/github-actions-cache-buildkit/ Wed, 23 Feb 2022 09:00:00 +0700 https://muhammadamal.my.id/blog/github-actions-cache-buildkit/ GitHub Actions cache strategies. actions/cache@v3 keys, BuildKit registry cache for Docker, and the fixes that cut builds 6× faster. GitHub Actions for Go Monorepos, A 2022 Setup https://muhammadamal.my.id/blog/github-actions-go-monorepo/ Mon, 21 Feb 2022 09:00:00 +0700 https://muhammadamal.my.id/blog/github-actions-go-monorepo/ GitHub Actions for Go monorepos. Path filters, module cache, golangci-lint, race tests, sub-3-min CI.