What is the Code phase in the DevSecOps process?
This phase deals with writing and managing the source code. Developers write the source code in the selected programming language (using development frameworks) in their preferred IDE (Integrated Development Environment) or text editor. For a small or independent project, the code can be processed into a deployable/usable form in the IDE itself. However, when multiple developers work on a large project, the code from all contributors needs to be collected in one place (a code repository) before the build phase.
This phase has the following components:
IDE or Text Editor
Version Control System
People involved: Developers
What is a Version Control System?
A version control system (VCS) is used for tracking, sharing, and managing software source code. A VCS gives users a way to host a code repository, pull the existing code, make changes to it, and push the code back to the repository.
Examples: Git, Mercurial
External sources
What is version control? https://www.atlassian.com/git/tutorials/what-is-version-control
What is Git? https://git-scm.com/book/en/v2/Getting-Started-What-is-Git%3F
A step-by-step guide to Git: https://opensource.com/article/18/1/step-step-guide-git
What is Mercurial? https://www.mercurial-scm.org/
Git vs Mercurial: https://www.perforce.com/blog/vcs/git-vs-mercurial-how-are-they-different
https://www.atlassian.com/blog/software-teams/mercurial-vs-git-why-mercurial
Why is it important in DevSecOps?
The source code is the heart and soul of the project, as it defines what the project will do and how it will work. In a complex project, multiple people work simultaneously on different releases, bug fixes, features, etc. Hence, it is important to make sure that no security issues are introduced in this phase.
What will you learn in this section?
The user will learn to perform the following tasks with CLI and GUI tools:
Creating a Code Repository
Cloning an existing Code repository
Making Code commits and pushing code
Maintaining different branches
Undoing Commits and rollbacks
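The tasks listed above, run end to end with the Git CLI, as an added example that is not part of the original course material. A local bare repository stands in for the GitLab instance, and every name in it (project.git, dev1, feature/login, app.conf and its placeholder value) is constructed for illustration. It also shows that undoing a commit with git revert removes the file from the working tree but leaves it in the repository history.

```shell
#!/usr/bin/env bash
# Added example: the section's Git CLI tasks against a local bare repository.
# The bare repository is an assumed stand-in for the lab's GitLab project.
set -eu

# Runs in a subshell so the caller's working directory and environment are untouched.
run_git_demo() (
    work="$1"
    # Identity for this demo only, so no global Git configuration is required.
    export GIT_AUTHOR_NAME="Dev One" GIT_AUTHOR_EMAIL="dev1@example.test"
    export GIT_COMMITTER_NAME="Dev One" GIT_COMMITTER_EMAIL="dev1@example.test"

    # 1. Create a code repository (the shared, server-side copy).
    git init --quiet --bare "$work/project.git"
    git --git-dir="$work/project.git" symbolic-ref HEAD refs/heads/main

    # 2. Clone the existing repository into a developer working copy.
    git clone --quiet "$work/project.git" "$work/dev1" 2>/dev/null
    cd "$work/dev1"
    git symbolic-ref HEAD refs/heads/main

    # 3. Make a commit and push it.
    echo "hello" > README
    git add README
    git commit --quiet -m "Add README"
    git push --quiet origin main

    # 4. Work on a separate branch (constructed placeholder value, not a real secret).
    git checkout --quiet -b feature/login
    echo "db_password=EXAMPLE-NOT-A-REAL-SECRET" > app.conf
    git add app.conf
    git commit --quiet -m "Add app.conf"

    # 5. Undo the commit: revert adds a new commit that reverses the change.
    git revert --no-edit HEAD >/dev/null
    git push --quiet origin feature/login
)

# Succeeds if any commit reachable from any ref in repository $1 touched path $2.
file_in_history() {
    [ -n "$(git -C "$1" log --all --oneline -- "$2")" ]
}

DEMO_DIR="$(mktemp -d)"
run_git_demo "$DEMO_DIR"
```

Because the reverted commit stays reachable on the pushed branch, a value committed by mistake should be treated as exposed and rotated rather than considered removed.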
Tools Covered
GitLab
Git CLI client
Git Cola (GUI client)
Labs Covered
Git: Learn Basics with Git CLI
A Kali CLI and a GitLab instance are provided. The user has to follow the manual and perform different activities related to Git VCS using the Git CLI tool.
Objective: Follow the manual and learn how to use Git with Git CLI!
Git: Learn Basics with Git Cola
A Kali CLI and a GitLab instance are provided. The user has to follow the manual and perform different activities related to Git VCS using the Git Cola tool.
Objective: Follow the manual and learn how to use Git with Git Cola!