1. Artifacts/Maven repo setup
2. Docker Registry setup
• Dependency Scanning. • Container Scanning. • Static Application Security Testing (SAST) • Dynamic Application Security Testing (DAST). • License Compliance - FOSS.
4. Multi-Project Pipeline
5. Deployment to Kubernetes(GKE, AKS, EKS)
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object SpotBugs is a program to find bugs in Java programs. It looks for instances of “bug patterns” — code instances that are likely to be errors.