Query - CI/CD Stages and Tools Supported for integration
0
I am seeking clarification on the integration of Mendix Application Quality Monitor (AQM), Mendix Application Test Suite (ATS), and Mendix Automated Code Review (ACR) within the various stages of a DevOps CI/CD pipeline. Specifically, I would like to understand how these tools align with the different stages of the DevOps CI/CD pipeline, such as Product Backlog, SCM, Build, Unit Test, Code Review, Code Scan for Security (SAST), Publish, Release Management, Deployment, Testing, and Monitoring/Operate. Could you please provide insights into the appropriate integration of these tools within the DevOps CI/CD stages, considering their capabilities in areas such as SAST, DAST, code review, testing, and monitoring? Additionally, I would like to understand how third-party vendor tools can be integrated within the Mendix DevOps CI/CD pipeline. Try to put sequence of typically ci/cd integration step.. based on some assumption 1. Product Backlog(Stories with in Dev portal or JIRA Integration for 3rdparty vendor 2.SCM(TFS,GIT,SVN), 3. Build(npm, or maven or build tools supported and language supported to dev an application 4.Unit Test(Junit),(def application built only using java script or java) 4, Code review (ACR(Clever), 5. Code review & Scan for Security (SCA,SAST) -- sonarqube, ACR, for SAST (assumption) Sigrid, Semgrep 6. Publish the built packages( docker image or war or jar. not sure what pkgs supported ) into Docker repository (jfrog,Azure container registry 7. Release Management (Not sure) 8. Deployment (Public/private/on-premise - different solutoins cloudfoundry or kubernetes solution by providers) Does it provide automated template to provision the AKS OR EKS in AWS To provision the Env or Customer can leverage Terraform or ARM/Cloudformation kind of IAC code to bring up the infra, application onboarding features etc? 9. Post provision - Deploy application 10 Testing(Functional/Non Functional Testing - ATS (built in tool by Mendix) OR Sigrid & ACR also has capability to automated testing of performance, security . Not sure ATS, Sigrid & ACR how it is different or same by overlap some features 11. Monitoring /Operate - (What tools are supported for monitoring (Sigrid FOR Security maintenance aspect on live system?? ) or any toher tools used and what are the monitoring capabilities. built in to support hybrid cloud env or with in Mendix Cloud..