Trunk based development, observability cost and cognitive load, advances in web assembly and some interesting policy and security tools posts this week. Enjoy.
StackHawk sponsors Devops Weekly
Is your AppSec team copy and pasting lines of YAML every time a new app is ready for security testing? Try this instead: utilize environment variables and modularize configurations to share common elements across different applications.
A solid argument for adopting trunk based development, focused on speed, efficiency, stability, collaboration and more.
Something I see lots of teams starting to consider. An approach to observability that measures everything, and uses common SaaS tools, introduces a huge cognitive burden on operators, as well as a huge financial cost.
A provocative post on the need for more transparency when it comes to cloud service availability, and the impact that has on reliability for dependent services.
A request to not use GPT for security recommendations. There is some nuance here, mainly around the training data and prompts used.
A good introduction to the Kyverno policy engine for Kubernetes, and looking at CEL, the Common Expression Language.
An interesting comparison between search engines OpenSearch and Solr, comparing customizability, ops friendliness, community, governance and more.
Legitify is a handy tool for assessing the configuration of a GitHub or GitLab organisation, checking things like SSO, insecure webhooks, permissions and more.