DEVOPS WEEKLY ISSUE #681 - 21st January 2024
A great excerpt from the new book Deming’s Journey to Profound Knowledge to kick things off this week, alongside posts on user centred IT, measuring developer productivity, environment provisioning, DSL geekery and more. Enjoy.
StackHawk sponsors Devops Weekly
[ICYMI] DAST is Dead! Long Live DAST! The Evolution of Dynamic API security Testing webinar is now available on YouTube. Watch on-demand here.
https://sthwk.com/long-live-dast-webinar
News
An epic post that’s well worth the long read. A look at each of the 14 points from Deming’s System of Profound Knowledge with modern cyber security examples.
https://itrevolution.com/articles/out-of-the-cyber-crisis-deming-in-the-world-of-cybersecurity/
The Developer Productivity and Happiness Framework is a useful set of documents formalising how to talk about and measure developer productivity and set goals to make improvements.
https://linkedin.github.io/dph-framework
A look at a new tool called DynamicEnv which rapidly spins up custom testing/dev environments for complex microservices architecture, streamlining workflow and boosting team agility.
https://medium.com/riskified-technology/revolutionizing-development-and-testing-with-dynamic-environment-a-solution-to-microservices-chaos-abad8a1865a7
Some good tips for being more user centred in IT departments, including multidisciplinary service teams. I do think how IT is treated from the outside has a lot to do with the problem as well though.
https://public.digital/2024/01/17/user-centred-it-why-best-practice-isnt-good-enough-in-information-technology
A post for other DSL geeks. Mainly discussing Polar, but I think this applies to other policy languages and domains too. Do you want your DSL to be Turing complete?
https://www.osohq.com/post/is-polar-turing-complete-and-why-i-hope-not
Tools
Vanna allows you to train a model on your database content, and then ask questions of an LLM which will return SQL queries to query it.
https://github.com/vanna-ai/vanna
Chalk is a new tool that captures metadata at build time, and can add a small ‘chalk mark’ with that information to any artefacts (like compiled binaries or container images).
https://github.com/crashappsec/chalk