KubeCon EU a couple of weeks ago means there are several Kubernetes-related posts this week, along with posts on developer platforms, devops attack surface, SBOMs and more.

StackHawk sponsors Devops Weekly

gRPC security scanning is in open beta. Scan each microservice and improve engineering best practices with StackHawk’s support for scanning gRPC services. Sign up to join the first gRPC security testing beta available in the market!
https://sthwk.com/gRPC

News

KubeCon EU wrapped last week, and the following post has a nice summary of the keynotes, community events and some of the track talks.
https://loft.sh/blog/kubecon-amsterdam-wrapup/

Lots of talk of internal developer platforms recently, so the following site looks useful. It’s curating links and content, including organising the component parts of developer platforms.
https://internaldeveloperplatform.org/

A devops threat matrix, looking at risks across access control, data persistence, credentials, exfiltration and more. A useful tool for discussing the attack surface of a modern application stack.
https://www.microsoft.com/en-us/security/blog/2023/04/06/devops-threat-matrix/

A look at the perils of comparing system diagrams, showing how complexity can hide in the level of detail, especially between different architecture approaches.
https://theburningmonk.com/2020/11/even-simple-serverless-applications-have-complex-architecture-diagrams-so-what/

A post on alternatives to Dockerfile for container builds. While it talks about some of the disadvantages, it doesn’t address the advantages of Dockerfiles and why they are (still) so popular.
https://www.chainguard.dev/unchained/move-over-dockerfiles-the-new-way-to-craft-containers

A nice, short primer on software bills of materials, covering the most common formats and some current growing pains of the ecosystem.
https://anonymoushash.vmbrasseur.com/2023/04/24/software-bill-of-materials-sbom

Tools

Sync Linear is a tool to synchronize Linear tickets and GitHub issues. Handy if you’re using Linear internally but have open source projects on GitHub.
https://synclinear.com/
https://github.com/calcom/synclinear.com
