Distributed systems design, new programming languages, software supply chain maturity models, eBPF, on-call compensation. A range of different topics this week.
StackHawk sponsors Devops Weekly
Upcoming Webinar: Deeper API Security Test Coverage. Learn how to configure API security testing using existing resources like Postman Collections, Cypress Test Scripts, and other DevTools to test your API endpoints. No API specs required!
The Open Source Software (OSS) Secure Supply Chain (SSC) Framework provides a useful maturity model for consuming open source software securely.
Designing distributed systems involves lots of aspects. This handy mindmap of system design concerns could be handy.
A good example of the complexities inherent in modern software supply chains. A small number of packages built with a dangerous compiler flag cause a potentially huge impact downstream.
A post on establishing a culture of performance, by implementing continuous load testing. Good discussion of tools and people challenges, as well as the safety concerns of automating load testing.
eBPF is starting to power more and more interesting technologies. This post is a a quick eBPF primer and set of links to learn more.
A look at connecting Hashicorp Vault and Google CloudSQL using a custom Vault plugin.
CloudNativeCon US is coming up in Detroit in October, and this year there will be a dedicated Cloud Native Policy Day for all things Open Policy Agent. October 25th. Expect talks from end users and core maintainers.
Unison is a new programming language, with what looks like some interesting ideas.
Another language, Malloy, this time intended as a modern replacement for SQL, introducing a semantic modelling layer atop the data. It also compiles to SQL to make early adoption easier.
A handy free tool to help better surface on-call compensation information. Integrates with Pagerduty and Slack.