DEVOPS WEEKLY ISSUE #573 - 19th December 2021
APIs and integration, the return of Sysadvent, SLOs and a little Log4Shell this week. Hope folks still dealing with the ongoing vulnerability situation are getting some downtime after the last week.
StackHawk sponsors Devops Weekly
The recording of StackHawk’s step-by-step workshop on how to automate security testing with GitHub Actions is live! Watch now:
https://sthwk.com/github-actions-workshop
News
Sysadvent is back! With more than two weeks of posts on chaos engineering, home labs, refactoring Terraform code and more.
https://sysadvent.blogspot.com
SLOs are a powerful idea, but can be hard to implement well. This post explains why and what you can do about it.
https://medium.com/lightstephq/what-made-slos-so-messy-and-what-we-can-do-about-it-89be415a80b3
CLI tools that output structured data provide a useful integration opportunity. This post has good advice on designing JSON APIs for CLI tools.
https://blog.kellybrazil.com/2021/12/03/tips-on-adding-json-output-to-your-cli-app/
An interesting post on the shape of APIs, looking specifically at the Crossplane Resource Graph, GraphQL, the influence of language ecosystems on API choices and more.
https://blog.upbound.io/the-crossplane-resource-graph
A good long list of book recommendations for anyone building software or building teams that build software.
https://blog.pragmaticengineer.com/holiday-tech-book-recommendations/
Egress controls are often overlooked. They are often missed at the start of an infrastructure build out, and then considered expensive to add later. The recent Log4Shell vulnerability shows the importance of egress controls though.
https://www.davehall.com.au/blog/2021/12/13/close-the-gate-why-you-need-egress-controls-in-your-security-groups/
An 8 part series on observability for AWS lambda applications, covering tracing, logging, metrics and more for Python applications.
https://dev.to/pawelpiwosz/series/15135
Jobs
Heap Named as a Glassdoor’s #1 Best Place to Work! We’re building the analytics engine that helps 6,000 companies make smarter decisions.
If you’re ENTHUSIASTIC about scaling Engineering Ops via Cloud Engineering Ops; COLLABORATIVE in selecting and incorporating the best DevOps tooling to support scale; and DRIVEN toward infrastructure-as-code and production-release made easy; continue because there’s more:
If we’ve piqued your interest, find out more below and apply here:
https://heap.io/careers/jobs?gh_jid=3475999
You can read a recent blog post on our Engineering Blog too https://heap.io/blog/virtual-events
Tools
KDL (Cuddle) is a new node-based serialization format and a configuration language with some interesting properties. Still new, but libraries exist in several languages.
https://kdl.dev/
https://github.com/kdl-org/kdl