DEVOPS WEEKLY ISSUE #533 - 14th March 2021
The rich future of operations careers, secrets leakage, making encryption easier to apply to software releases and a few posts on Kubernetes tooling.
StackHawk sponsors Devops Weekly
Join Snyk and StackHawk on March 18 as they walk through how to use Software Composition Analysis (SCA) and Dynamic Application Security Testing (DAST) in CI/CD to ship more secure applications.
http://sthwk.com/stackhawk-snyk-webinar
News
Infrastructure and operations. Two words that folks typically consider as a moment in time, rather than as something more fundamental. A good post on the changes in infrastructure, and in how we operate it, and why change is always part of a career in operations.
https://thenewstack.io/the-future-of-ops-careers/
A look at the scale of secrets and sensitive data leaking into source code repositories, and where it’s most commonly found across different types of files.
https://blog.gitguardian.com/top-10-file-extensions/
The reason I’m a fan of Open Policy Agent is just how general purpose it is. Here’s a great example: using OPA itself to lint OPA Rego policies.
https://blog.styra.com/blog/linting-rego-with-rego
A detailed overview of different open source chaos engineering tools for Kubernetes.
https://blog.flant.com/chaos-engineering-in-kubernetes-open-source-tools/
Sigstore is a new project aiming to lower the barrier to entry to using signing to ensure the integrity of software releases. At the prototype stage but interesting to track progress.
https://sigstore.dev
https://next.redhat.com/2021/03/09/introducing-sigstore-software-signing-for-the-masses/
An argument for using Mage (a Go build tool) in place of Make, along with a basic introduction to Mage.
https://carolynvanslyck.com/blog/2021/01/mage-is-my-favorite-make/
Lots of practical tips for running Vault on Kubernetes. High availability, end-to-end encryption and more.
https://expel.io/blog/production-readiness-hashicorp-vault-kubernetes/
Tools
Dolt is a SQL database that you can fork, clone, branch, merge, push and pull just like a git repository. Connect to Dolt just like any MySQL database to run queries or update the data using SQL commands.
https://github.com/dolthub/dolt
PacBot is a platform for continuous compliance monitoring, compliance reporting and security automation for the cloud. Custom rules in Java, as well as a plugin model for ingesting other data sources.
https://tmobile.github.io/pacbot/
Mockintosh is a framework for mocking microservices, with support for performance testing, asynchronous communications, multiple services and more.
https://up9.com/open-source-microservice-mocking-introducing-mockintosh
https://mockintosh.io