1 minute read

Incident management, operating ElasticSearch clusters and Argo, tools for API linting and a scattering of other topics this week for your enjoyment.

StackHawk sponsors Devops Weekly

Don’t let the idea of “shifting left” spook you! Join AppSec leaders from StackHawk and Snyk for tricks and treats on how to shift security left the right way. Register here
https://sthwk.com/shift-left-right-way

News

Having a formal lead role for incident management is a common pattern. This post explains what that role should do, and why it’s important.
https://argoday.medium.com/incident-command-guide-9872b51d7c94

A good set of lessons for running Argo Workflows, from operating advice and tips for writing workflows.
https://hodgkins.io/argo-workflow-proven-patterns-from-production

An interesting look at common Dockerfile issues, based on real-world data.
https://depot.dev/blog/dockerfile-linting-issues

A look at the state of the WebAssembly community. Details on language usage, interest in upcoming functionality, use cases and more interesting survey take aways.
https://blog.scottlogic.com/2023/10/18/the-state-of-webassembly-2023.html

A post for anyone operating ElasticSearch clusters, in particular focused on managing cluster state. Some tips for designing clusters for easier management too.
https://sematext.com/blog/elasticsearch-scaling-cluster-state/

Events

SeaGL (the Seattle GNU/Linux Conference) is a free grassroots technical summit dedicated to spreading awareness and knowledge about free / libre / open source software, hardware, and culture. It’s coming up next week, on November 3rd and 4th at the University of Washington and online.
https://seagl.org/

Tools

One advantage of adopting OpenAPI is the ability to build tools on top. Zally is an API linter that catches various issues based on the Zalando REST API guidelines.
https://github.com/zalando/zally
https://opensource.zalando.com/zally/
https://opensource.zalando.com/restful-api-guidelines/

VictoriaMetrics is a monitoring tool and time series database. It’s compatible with both the Prometheus querying API and the Graphite API, which makes it possible to use as a drop-in backend replacement.
https://github.com/VictoriaMetrics/VictoriaMetrics

A useful project to catalogue software packages that are known to be malicious, starting with npm, rubygems, pypi and crates.io.
https://github.com/ossf/malicious-packages

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #694 - 21st April 2024

less than 1 minute read

A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.

DEVOPS WEEKLY ISSUE #693 - 14th April 2024

2 minute read

I’ve been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts fr...