DevOps Enhancements: My Summer on Broadcom’s NetMaster Team
This summer at Broadcom, I had the opportunity to join the NetMaster team—a group responsible for a powerful network monitoring tool that tracks mainframe connections. Heading into the summer-long role, I wasn’t sure what to expect, as the NetMaster team works on a wide variety of projects. I was excited to dive in, learn new skills and technologies, and contribute wherever I could.
Vault as a Service: Secure Credential Management in Jenkins
My first project involved integrating all of NetMaster’s Jenkins pipelines with Vault, a secure tool for storing credentials. Instead of managing secrets in spreadsheets or hardcoding them into repositories, Vault allows centralized and secure access to credentials during CI/CD pipeline execution.
Previously, our team stored all credentials directly in Jenkins using its built-in credential store. Transitioning to Vault added a valuable extra layer of security—and aligned our workflows with a Broadcom-wide initiative to improve code security across teams.
This integration helped me gain hands-on experience with Jenkins and taught me how powerful and flexible it can be. Our team was one of the first to complete this migration, which allowed me to offer insights and support to other teams as they started their own transitions. Along the way, I also identified some limitations with Vault’s current implementation, and our feedback is now helping shape future improvements.
While getting the first few pipelines working took some trial and error, the process quickly became more straightforward. During this work, we also realized that Vault could store more than just pipeline credentials—such as server SSL certificates. I researched how to do this, and that functionality will be integrated into our workflow in the future. Once these additional secrets are migrated, our codebase will be more secure, less prone to exploitation, and fully compliant with Broadcom policies and regulations.
Overall, this project introduced me to DevOps, Jenkins, and Vault, and taught me just how critical security is in modern software development. I also gained experience with configuration files and learned how credentials can be dynamically read from Vault during execution.
Custom E2E Test Pipelines for Network Insights
In our Network Insights Jenkins build pipeline, we have end-to-end (E2E) test stages for both Chrome and Firefox to verify that everything works as expected. But what if a developer only needs to run tests on one browser?
To solve this, I created a parameterized Jenkins pipeline that lets developers choose which browser tests to run—Chrome, Firefox, or both.
Key Features:
-
Build with Parameters: Developers select the browser from a dropdown menu and enter the deployment URL of the instance to test.
-
Error Checking: If the developer doesn’t specify a deployment URL, the job fails with a clear error message.
-
Build Metadata: On successful builds, the Jenkins job page shows which browser and deployment instance were used.
-
This new pipeline is especially useful for testing WatchTower deployments, enabling integration testing before release. Running E2E tests against deployed environments helps catch issues early and improves confidence in new features.
Example of the build with parameters page
Example of Jenkins Job if deploy URL is missing
Example of Jenkins job page on a build success
This project also introduced me to Allure test reports, which made troubleshooting much easier. It deepened my understanding of Jenkins parameters and demonstrated how they can be used to make pipelines smarter and more flexible.
Automating Endevor Notifications and Git Branch Syncing
My third project tackled a more complex challenge involving Endevor, Broadcom’s version control system for the mainframe.
The Problem:
-
Developers can move elements between stages in Endevor without submitting a GitHub pull request (PR), which poses a risk to QA.
-
When new sandboxes (workspaces) are created in Endevor, corresponding GitHub branches aren’t automatically synced—requiring manual intervention from a mapping admin.
My Solution:
To address both issues, I created an automated system using:
-
Zowe CLI + Endevor Plugin: To access and manage Endevor elements and stages
-
GitHub API: To list branches and check for sandbox-branch mapping
-
Endevor Bridge for Git + Zowe CLI: To map sandboxes to GitHub branches
-
Python: To tie it all together, making API calls and parsing responses
The script checks for unmapped sandboxes, creates corresponding branches, and maps them automatically. For notifications, I built a system that checks if an element has moved into the QA2 stage on a given day. If so, it sends a message to our team’s Google Chat, formatted using Card v2, to keep everyone informed.
Example chat message sent
To keep this system running regularly, I scheduled it with Jenkins to execute three times a day—ensuring timely updates regardless of time zones.
The Result:
-
The team is now instantly notified when an element reaches QA2—even if no PR was submitted.
-
GitHub branches are automatically synced with Endevor sandboxes, reducing manual work.
-
This setup improves transparency, accountability, and streamlines our development process in both Git and VS Code.
Takeaways from My Journey
My time with Broadcom’s NetMaster team this summer was an incredibly rewarding experience. Before this, I had never worked with mainframes—and now I understand how powerful and relevant they still are today. I learned how modern tools like Python can interact with traditional systems and how DevOps practices shape the development lifecycle.
Over the summer, I gained new skills, sharpened old ones, and tackled real-world challenges that stretched my problem-solving abilities. More importantly, I learned to think creatively and to question what’s possible.
None of this would’ve been possible without the amazing support of my mentor Chantz Wain, my manager Michael Bauer, and the entire NetMaster team. They pushed me to grow, encouraged me to explore new ideas, and created a space where I felt valued and challenged.
Thanks so much for this opportunity, Broadcom.