DEVOPS WEEKLY ISSUE #600 - 26th June 2022
Welcome to the 600th issue of this newsletter! That’s certainly a strange thing to write, nearly 12 years of sharing posts and tools on the evolving world of operations and devops.
StackHawk sponsors Devops Weekly
Calling all GraphQL enthusiasts! Join StackHawk Senior DevOps Engineer Zach Conger at HasuraCon on June 29 for a technical workshop on automating GraphQL APIs from security issues with automated testing. Registration is free!
https://sthwk.com/graphQL-security-testing
News
A new report on Devops and Cloud trends. Observations on eBPF and WASM, software supply chain security, low code, serverless and more.
https://www.infoq.com/articles/devops-and-cloud-trends-2022/
A post with tips for building out a devops team, considering skills, budgeting, organisational buy-in and more.
https://devops.com/untapping-the-potential-of-devops-part-4-tips-for-launching-a-devops-team/
An argument that devops (or at least certain approaches to improving collaboration between operations and developers) has failed.
https://leebriggs.co.uk/blog/2022/06/21/devops-is-a-failure
A post detailing the handy kubectl scale command line, which can be used to change the number of Kubernetes pod replicas.
https://www.containiq.com/post/kubectl-scale
A look at a Python DSL for drawing systems architecture diagrams, with built-in primitives for AWS, Azure, GCP, Kubernetes and more.
https://diagrams.mingrammer.com/
Tools
GitGat is a tool to help secure your GitHub configuration, using a set of Open Policy Agent policies that can make assertions against GitHub permissions.
https://github.com/scribe-public/gitgat
https://scribesecurity.com/blog/evaluate-your-source-control-security-posture-with-gitgat
Spin is an open source framework for building and running fast, secure, and composable cloud microservices with WebAssembly
https://github.com/fermyon/spin
https://spin.fermyon.dev/
Ratchet looks like a handy tool for improving the security of CI/CD workflows by automating the process of pinning and unpinning upstream versions. It’s like Bundler, Cargo, Go modules, NPM, Pip, or Yarn, but for CI/CD workflows.
https://github.com/sethvargo/ratchet
Keploy is an API testing platform that automatically generates test-cases and data-mocks from API calls.
https://github.com/keploy/keploy