A packed issue this week, with posts on supply chain security, AWS management, software development metrics, OpenTelemetry and more. Plus several interesting tools from a WebAssembly PaaS to a great JVM release tool.
StackHawk sponsors Devops Weekly
Looking to add security testing to your pipeline? Learn how StackHawk makes it easy to automate application security with our new guide for testing in CI/CD.
A post on implementing the DORA metrics, with some discussion of suggested improvements based on difficulty with measurement at scale.
Software built processes have always posed a risk of attack, this post makes clear that this is happening in the real world with some examples.
Another supply chain security post, this one looking at the part played by package manager lock files and how to use them.
A detailed introduction looking at OpenTelemetry collectors and exporters.
Some tips for anyone wanting a more organised Git history.
A primer on using Go for writing AWS CDK. Lots of examples and explanations of the programming model.
Mining software development stats seems to be a hot topic at the moment. This post is looking at dealing with technical debt, using quotas and metrics to drive continuous improvement.
A post for anyone using AWS DynamoDB, specifically looking at how to migrate large tables between separate AWS accounts.
Hippo is a PaaS for webassembly applications. Experimental at this stage, but providing a simple push-based deployment mechanism and good documentation to get started.
Jreleaser makes packaging and releasing JVM applications easier. Good defaults and flexible configuration, easily generate GitHub releases, update a homebrew tap and lots more.
Kwatch is a handy Kubernetes application that watches for crashes in the cluster, and posts information about them to Slack, Discord, Pagerduty and more.