DEVOPS WEEKLY
ISSUE #536 - 4th April 2021

Distributed operating systems, high performance teams and continuous delivery, logging, caching, security. Good range of content this week I reckon.


StackHawk sponsors Devops Weekly
============================

You can utilize Swagger Docs in security testing to drive more thorough and accurate vulnerability scans of your APIs. Learn how:

http://sthwk.com/api-testing-with-swagger


News
====

A pitch for a Distributed Operating System Interface (DOSi) and that operating systems should be reimagined to support higher level workloads that are managed in a distributed environment.

https://nivenly.com/lib/2021-04-02-operating-system-interface/


How do you fulfill the promise of continuous deployment? A presentation on the importance of high performance teams and how to build and measure progress.

https://speakerdeck.com/charity/cd


A nice explanation of how to trigger a GitHub Action from a webhook, using the repository dispatch configuration and API.

https://mainawycliffe.dev/blog/github-actions-trigger-via-webhooks


A post on what you should be logging, at least from a security point of view. A good overview of the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) taxonomy from MITRE.

https://www.ncsc.gov.uk/blog-post/what-exactly-should-we-be-logging


A look at how one security team started building security into the development process by integrating various code scanning tools.

https://www.afterpaytechblog.com/software-security-at-rocketship-pace/


How to use a multilayer cache to improve cache hit rate on long tail content.

https://www.cdn77.com/blog/tackle-long-tail-with-multilayer-cache


What’s the argument for adopting a service mesh? This post explores the question, and some of the advantages and challenges.

https://containerjournal.com/features/when-is-service-mesh-worth-it/


What's New in Salt 3003 Aluminium: Beacons, Cloud, Development, Salt Extensions, Performance and caching, Juniper minion, FIPS mode and more.

https://salt.tips/whats-new-in-salt-aluminium-release/


Tools
=====

The first sigstore tool I’ve come across. Cosign allows for signing a container image and storing the signature in the registry, and finding and verifying signatures for a container image.

https://github.com/sigstore/cosign


If you received this email directly then you're already signed up, thanks! If however someone forwarded this email to you and you'd like to get it each week then you can subscribe at http://devopsweekly.com

--

You opted in for Devops Weekly at http://devopsweekly.com

You can always unsubscribe by visiting https://devopsweekly.us2.list-manage.com/unsubscribe?u=b6635e37e35fa5eff0c2a947a&id=a63f24d068&e=[UNIQID]&c=79bddb1440

If you have other queries you can contact the list maintainer at gareth@morethanseven.net

Our mailing address is 43 Gwydir Street, Cambridge, UK, CB1 2LG