Tools in SHIP-HATS | Singapore Government Developer Portal
Have feedback? Please


Commercially Off the Shelf (COTS) tools are available on SHIP-HATS with right security and compliance settings. Here are curated links to documentation and tutorials to first learn the tools offered under SHIP-HATS. Note this is not specific to SHIP-HATS but a pre-cursor so you can use these tools within SHIP-HATS effectively.

Development Tools

Jira: Project management tool that is used to view, track and manage projects and the progress of your team’s tasks or bugs for a sprint displayed in an agile board. Overview | Tutorials

Confluence: Shared space for collaboration to view, access and manage all tasks and problems for the entire team enforces the idea of the shared responsibility. Knowledge sharing and environment also encourage experimentation. Overview | Tutorials

Bitbucket: Version control tool for software engineering team to collaborate on source code and integrate with software development tools to automate the release pipeline. Overview | Tutorials

Build Tool

Bamboo: Tool for Continuous Integration that allows constant merging and testing of code, which leads to early defect detection and saves time on fixing merge issues. Development teams also able receive rapid feedback on their work. Overview

QA & Security Tools

Nexus Repository Manager: Tool for artifact management to ensure that the development, build and production environments deploy consistent artifacts; Reduce errors due to differences in build artifacts. Version control for the release artifacts for better control and easier rollback. Overview

Nexus IQ: Tool for scanning application binaries and open source libraries for all popular formats, including NPM, Nuget, Maven, Bowser and more. Continuously monitors and alerts users of open-source vulnerabilities Overview

pCloudy Test Farm: Tool to execute automated tests on browsers (desktop, mobile) and mobile apps. Automation is triggered from Bamboo using Robot Framework. Overview

SonarQube: Automatic code review tool to detect bugs, vulnerabilities, and code smell. 15 base languages include C#, Java, CSS, VB.NET, JavaScript, XML, TypeScript, Python, Flex, Kotlin, PHP, Go, Ruby, HTML, Scala. Overview

Fortify WebInspect: Dynamic Application Security Testing (DAST) tool that identifies vulnerabilities in web applications and APIs while they are running in production. Overview & Free Trial

Fortify SCA: Static Application Security Testing (SAST) tool that identifies security vulnerabilities in software source code. Developers find and fix security defects in real-time during the coding process, with integrations to IDEs. Overview

Prisma Cloud Compute Edition (formerly TwistLock): A cloud native container vulnerability scanner that protects custom container images, configured by subscribers. Tutorials

Release Tools Release: Tool for release orchestration for continuous delivery. It enables teams across an organization to model and monitor releases, automate tasks within IT infrastructure, and cut release times by optimising release processes. Overview Deploy: Tool for Automating App Deployment. As software lifecycles continue to accelerate and deployment environments become numerous, error-free application deployments have become too complex to manage. Organizations need to automate and standardize. Overview

Was this article useful?

Last updated 05 July 2021