DEVOPS WEEKLY ISSUE #657 - 30th July 2023
SBOM discussion and tooling, platform teams, integration tests for infrastructure as code, service level objectives and more this week. Plus another stalwart of the DevopsDays events coming up on its 9th anniversary in Chicago. Congrats to the organisers.
StackHawk sponsors Devops Weekly
Headed to Black Hat 2023? Stop by booth 2751 to learn how StackHawk’s DAST solutions could align with your security initiatives. Let us know if you’ll be there!
https://sthwk.com/Black-Hat-2023
News
Good advice to platform or operations teams supporting teams with different maturity level, including focusing on making the happy path easy, identifying the 80% use cases that are common and providing fast value.
https://medium.com/@hans.knechtions/supporting-teams-with-different-maturity-levels-c43f5b5080eb
A post on writing and running integration tests for CDK. A generally applicable topic for any cloud orchestration or infrastructure as code setup.
https://aws.amazon.com/blogs/devops/how-to-write-and-execute-integration-tests-for-aws-cdk-applications/
A recent podcast episode, along with a transcript, discussing the state of SBOM adoption and some of the interstate from the US government.
https://dabom.show/allan-friedman/
A look at Sloth and Pyrra, two tools for managing service level objectives with Kubernetes integration and accompanying dashboards.
https://medium.com/@dotdc/service-level-objectives-made-easy-with-sloth-and-pyrra-4adefe2572cf
A handy opinionated set of checklists for SRE. Covering new team members, responsibilities of an SRE leader, setting team goals and more.
https://github.com/bregman-arie/sre-checklist
Events
DevopsDays Chicago is coming up in just over a week, with the mix of in-depth talks, ignites and open space discussions. A great looking mix of talks on threat modelling, organisational politics, open telemetry and lots more.
https://chicago-tickets.devopsdays.org/2023/redeem?voucher=DEVOPS-WEEKLY
https://devopsdays.org/events/2023-chicago/welcome/
Tools
An interesting looking experimental project, bombshell is a shell for querying SBOM data, using the Common Expression Language.
https://github.com/chainguard-dev/bomshell