Merry Christmast to those celebrating today. Just a few posts today, looking at architecture diagrams, kubectl plugins, avoiding merge conflicts in configuration files and more.

StackHawk sponsors Devops Weekly

Try automated security testing in CI/CD without connecting your own app or configuring an environment. Test a sample app in CI using GitHub Actions and follow guidance to triage and fix findings. Go on and give it a try!
https://sthwk.com/tutorial

News

A look at the security state of Azure DevOps pipeline extensions from the Azure Marketplace. Several concrete recommendations for publishers and consumers.
https://jessehouwing.net/security-state-of-the-azure-devops-marketplace/

The C4 model is a diagramming tool for describing software architecture. This post is a nice hand-on introduction with some useful examples to help get started.
https://medium.com/pragmatic-programmers/using-the-c4-model-to-design-applications-c2e0944018ad

A nice list of handy kubectl plugins with usage details.
https://home.robusta.dev/blog/top-kubectl-plugin-list

A series of posts on the evolution of a platform, moving to the cloud, adopting site reliability engineering practices and modern observability.
https://medium.com/@chussenot/making-a-technical-platform-aeb9338f47ad
https://medium.com/@chussenot/making-a-technical-platform-84933794feef

Some tips on avoiding merge conflicts with CloudFormation and OpenAPI specifications. Partly AWS specific, but some generally applicable advice too.
https://aws.amazon.com/blogs/devops/organize-your-aws-serverless-code-to-prevent-merge-conflicts/

A quick tip for setting flags as environment variables for Terraform, including for specific commands. A nice pattern for others to adopt.
https://surajincloud.com/terraform-cli-args-define-once-use-again-and-again-90356d1de787

A nice tutorial for a local Lambda development environment for Python, using SAM.
https://dev.to/skabba/mastering-local-aws-lambda-development-18mg