DEVOPS WEEKLY ISSUE #512 - 18th October 2020

1 minute read

Devops adoption KPIs and maturity models. New Hashicorp tools in Waypoint and Boundary. Discussion of versioning and security due-diligence. A range of different topics this week.

Env0 sponsors Devops Weekly

Check out a real world example of governed self-service environment deployment in the cloud using Terraform.
http://env0.com/devops-self-serve-video

About env0: use Terraform to let your team manage their own environments in AWS, Azure and Google. Governed by your policies and with complete visibility & cost management.

News

Measurement is one of the pillars of devops, but what KPIs should you measure to access your adoption of devops practices? This post has some suggestions and discussion.
https://codersociety.com/blog/articles/devops-success-in-organization

Versioning software is one of those problems that on the surface appears simple and quickly goes downhill from there. This post explores some of the nuances of the semantic versioning approach.
https://whileydave.com/2020/09/24/the-semantics-of-semantic-versioning/

Not quite an experience report, but some observations about the new Hashicorp workflow tool Waypoint.
https://copyconstruct.medium.com/waypoint-3f00b11da4a

An interesting post on the barriers to entry for new technologies in large organisations coming from security due-diligence.
https://blog.rickasaurus.com/2020/08/31/The-Infosec-Apocalypse.html

A balanced post on maturity models for devops. Discusses pros and cons and some of the areas such models should generally cover.
https://devopsonlinesummit.com/devops-maturity-model-what-is-a-better-alternative/

Kubernetes is built to be extended, and this presentation covers some of the most common integration points, including custom resources.
https://speakerdeck.com/gianarb/cloud-native-ambassador-day-extending-kubernetes

There are several best practices when it comes to writing Dockerfiles. This post describes a few of them and shows how to check for issues using Open Policy Agent.
https://cloudberry.engineering/article/dockerfile-security-best-practices/

Tools

Boundary provides a secure way to access hosts and critical systems without having to manage credentials or expose your network. It’s a modern alternative to juggling SSH keys and managing bastion hosts.
https://www.boundaryproject.io/
https://github.com/hashicorp/boundary

Waypoint is a new developer workflow tool that allows for defining build, deploy, and release lifecycle as code, and supports a plugin model with plugins for Docker, Kuberenetes, AWS, Azure, GCP, Netlify and more.
https://www.waypointproject.io/
https://github.com/hashicorp/waypoint

Use cert-manager in Kubernetes to automatically issues certificates for for your Puppet infrastructure.
https://github.com/camptocamp/puppetca-issuer

Updated: