Platform teams, CI/CD, supply chain security, Terraform hints and more this week. Hoping everyone is having a good start to 2023.
StackHawk sponsors Devops Weekly
StackHawk CSO and Co-Founder shared with Swapnil Bhartiya in a TFiR interview how the right tools can eliminate inefficient feedback loops among dev and security teams. Watch the chat:
A great set of 12 blog posts, exploring a wide range of challenges teams face as they try and build an internal development platform. From budget and team size, to cognitive load and user flexibility to multi-cloud. Lots to keep you busy.
A look at the prevalence of AWS credentials in packages published on PyPi. Some observations about why this happens too.
If you have a moment, please do complete the 2023 Open Standards Survey. An interesting topic, and the more data gathered the more interesting the final report should be.
One of the challenges with metaphors is they can break down around the edges. Describing how we consume software as a supply chain is useful in parts, but thinking of open source contributors as suppliers isn’t, as argued in this post.
A nice walkthrough how one team increased the observability of their CI and CD pipelines, laying out different options considered and diving into the implementation details of the chosen solution.
An interesting set of posts analysing booth messaging from AWS re:Invent and Kubecon last year. It’s certainly a novel way of looking at how vendors see the space at a moment in time.
GitHub has a lot of interesting data to explore, which can be useful to spelunk through when trying to understand usage of a library or adoption of a technology. This post explores using ClickHouse Playground and the GitHub Archive for quick adhoc queries.
A nice deep-dive post on HCL, the language used by Terraform. In this case looking at patterns for flexible loops, using the “any” type and a nice worked example.