1 minute read

Several posts this week on the Terraform licence change, covering the spectrum of opinions. Plus posts on attestation framework, actions from incident management, monitoring CoreDNS and more.

StackHawk sponsors Devops Weekly

[Aug. 31 @ 10 AM PT] StackHawk Office Hours: GitHub Insights. Unify developer tooling with StackHawk and GitHub—Automate security testing in familiar developer workflows to increase productivity and collaboration.
https://sthwk.com/office-hours-aug

News

A three part series on incident management, and in particular the different actions we might decide to take following an incident.
https://medium.com/@jpaulreed/a-spectrum-of-actions-part-i-d768c56ed5f7
https://medium.com/@jpaulreed/a-spectrum-of-actions-part-ii-a4cad1acd952
https://medium.com/@jpaulreed/a-spectrum-of-actions-part-iii-f242b5d25d90

Terraform, and other Hashicorp tools, are changing their licence terms, adopting the BSL and moving away from the open source MPL licence.
https://www.hashicorp.com/blog/hashicorp-adopts-business-source-license

With the changes to Terraform’s licence, lots of folks are thinking about what this means for them? This post takes the view of a CTO and breaks down a few areas of interest.
https://www.scalefactory.com/blog/2023/08/16/what-saas-ctos-need-to-know-about-the-terraform-licence-change/

Some in the Terraform community are looking at what they can do, with a proposal for a fork under a new open source foundation if the change goes through.
https://opentf.org/
https://blog.gruntwork.io/the-future-of-terraform-must-be-open-ab0b9ba65bca

Running CoreDNS? This set of posts is a good review of the metrics you should be caring about, and how to monitor them.
https://www.datadoghq.com/blog/coredns-metrics/
https://www.datadoghq.com/blog/coredns-monitoring-tools/

Cold start times are still a topic of discussion for serverless applications. This post discusses using AWS Lambda and API Gateway to debug problems, using a Node application example.
https://www.technoblather.ca/aws-lambda-nodejs-debug-apigw-cold-start-timeout/

Tools

Amplification is an opinionated platform for building Node.js apps. It’s intended to remove a lot of repeated work on application infrastructure, generating APIs, tools for data modelling and more.
https://github.com/amplication/amplication
https://amplication.com/

TACOS is a framework for attesting to the development practices of open source projects. It’s intended to solve some of the requirements in the NIST Secure Software Development Framework (SSDF).
https://tacosframework.dev
https://github.com/tacosframework/TACOS-spec

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #694 - 21st April 2024

less than 1 minute read

A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.

DEVOPS WEEKLY ISSUE #693 - 14th April 2024

2 minute read

I’ve been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts fr...