DEVOPS WEEKLY ISSUE #534 - 21st March 2021

1 minute read

I was lucky enough to be around the nascent devops community early on, hence the long running nature of this newsletter. Another ever-present has been the State of Devops report, which is now open for the 10th year. Please do take the time to complete as the insights are always interesting.

env0 sponsors Devops Weekly

Prevent cloud misconfigurations by shifting security left in your IaC deployments!
https://www.env0.com/blog/better-together-checkov-and-env0

About env0: use Infrastructure as Code to let your team manage their own environments across clouds. Governed by your policies and with complete visibility & cost management.

News

The State of Devops report is in its 10th year. This year’s survey is now open, focusing this year on how teams and work are organized, interaction between teams, feedback loops, self-service and more.
https://puppet.com/blog/take-the-2021-state-of-devops-survey-be-part-of-our-10-year-history/
https://survey-d.dynata.com/survey/selfserve/53b/2103608?list=3#?

A post arguing for software bill of materials standards and implementations. Lots of context to the problem and to how similar risks are mitigated in other areas.
https://drrispens.medium.com/why-the-world-needs-a-software-bill-of-materials-now-5a565df65dff

gRPC is a general-purpose RPC layer. Addressing a range of different types of services means it’s configurable. And configuration is often a source of errors. This post explains why, along with some examples to learn from.
https://www.evanjones.ca/grpc-is-tricky.html

A 3 part series covering a wide range of production troubleshooting stori; performance problems, database migration, proxies, caching and more.
https://blog.flant.com/troubleshooting-web-apps-issues-6-recent-cases-from-our-sres/
https://blog.flant.com/recent-troubleshooting-cases-from-our-sres-part-2/
https://blog.flant.com/recent-troubleshooting-cases-from-our-sres-part-3/

Are you tired of bumping the image tag manually every time you make a change in Kubernetes? This post covers how to automate deployments and updates using Argo CD.
https://blog.argoproj.io/closing-ci-cd-loop-using-argoproj-a78a50a98fe8

An interesting interview on the importance and challenges of application security.
https://www.microsoft.com/security/blog/2021/03/11/the-biggest-challenges-and-important-role-of-application-security/

Standards benefit from multiple implementations. This post on runj describes a new OCI runtime implementation targeting FreeBSD and it’s Jails capability.
https://samuel.karp.dev/blog/2021/03/runj-a-new-oci-runtime-for-freebsd-jails/

Updated: