InfoQ Homepage DevOps Content on InfoQ
-
Software Supply Chain Security Project in-toto Accepted into CNCF Incubator
The CNCF Technical Oversight Committee (TOC) has accepted the in-toto project as a CNCF incubating project. The in-toto project aims to cryptographically protect the entire software build and delivery process - the “supply chain” - from malicious actors.
-
Google Previews the Exactly-Once Delivery Feature for Its Pub/Sub Service
Recently, Google announced the preview of the exactly-once delivery feature for its Pub/Sub Service. Pub/Sub guarantees that subscriptions do not receive duplicate deliveries of messages when enabling the feature.
-
Uber's Engineering Manages to Cut 70k CPUs by Tuning Go GC
In an effort to help the company become profitable, Uber’s engineering department has focused their efforts on making their infrastructure more efficient. As an outcome of this effort, they managed to develop a semi-automated GO Garbage Collection tuning mechanism which in turn saved 70K CPU cores across 30 mission critical services.
-
Site Reliability Engineers and the Specialist Mindset
A site reliability engineer (SRE) can be a generalist or specialist. Recently, the team at Blameless elaborated on the advantages of a specialized SRE team. The specialist nature of the SRE role can be highlighted from the recruitment process. Depending on the individual skillset, organizations can engage an SRE in a number of specialist roles.
-
Dynatrace Application Security Gates Catalyze Secure Automated Releases
Dynatrace recently announced the availability of “security gates” on its software intelligence platform. Organizations can now use Dynatrace Application Security gates to check security vulnerabilities early in the software development lifecycle and trigger required remediation actions.
-
Java News Roundup: JDK 19 and Jakarta EE 10 Updates, Ansynch and Buffered Logging by Amazon Corretto
This week's Java roundup for March 7th, 2022, features news from OpenJDK, JDK 19, Jakarta EE 10, updates to Spring Cloud subprojects, Amazon Corretto providing asynchronous and buffered logging for OpenJDK 17, Quarkus 2.7.4.Final, Hibernate ORM 6.0.0.CR2, Apache Groovy 3.0.10 and 2.5.16, Apache Camel 3.14.2, JReleaser early-access, JobRunr 4.0.10, JDKMon 17.0.23 and FailSafe 3.2.3.
-
HashiCorp Moves HCP Packer into GA with New Security Workflows
HashiCorp has moved HCP Packer into full general availability. HCP Packer is their cloud hosted offering of Packer, a machine-image building tool. The release adds a number of new features including improved security workflows, custom metadata, and integration of compliance checks with Terraform Cloud workflows.
-
Securing the Open-Source Software Supply Chain
Recent findings by security researchers at SonarSource showed multiple security vulnerabilities in popular package managers, including Pip, Yarn, Composer, and others. Package managers, though, are not the only weak link in the open source security chain. InfoQ has spoken with Sonatype CTO Brian Fox.
-
Easy Google Cloud Solution Architecture Designs with the Architecture Diagramming Tool
Recently, Google released an Architecture Diagramming Tool allowing the creation of architectural diagram of solution architecture with the available Google Cloud Platform (GCP) services.
-
Reduce the Environmental Impact of AWS Workloads with the New Customer Carbon Footprint Tool
AWS recently released a new customer carbon footprint tool to allow its customers to calculate the environmental impact of their workloads.
-
QCon Software Development Conferences: Seven Tracks Not to Miss
Why are micro-frontends important? How should you optimise your organisational architecture for speed and flow? How to make microservices successful? Have you ever wondered how well-known tech companies can seamlessly deliver an exceptional user experience while supporting millions of users and billions of transactions? Looking for new processes and best software practices?
-
AWS Delivers a New Unified Service Health Dashboard
Recently, AWS updated its Service Health Dashboard with an improved Interface, better responsiveness, and integration with Personal Health Dashboard – all combined in a new Health Dashboard.
-
HashiCorp Consul-Terraform-Sync Adds Task Creation API and New Integrations
HashiCorp has released version 0.5 of Consul-Terraform-Sync. CTS enables automating common networking tasks by creating Terraform modules that can be run as services are added or removed from Consul. This release adds new secure API endpoints to facilitate modifying existing tasks, new ecosystem integrations, and support for triggering Terraform workflows on Consul key-value changes.
-
NubesGen Brings Git Push to Azure Infrastructure
With a new command-line interface (CLI) available in its v0.8.0 release, NubesGen can now automatically find its configuration, and set up a GitOps workflow for deploying Infrastructure as Code into Azure, allowing developers to easily get up and running with cloud infrastructure for their projects. InfoQ interviewed Julien Dubois, project leader of NubesGen, on the product and where it’s headed.
-
Improve Access Control of Google Cloud SQL with IAM Conditions and Tags
Recently, Google announced the general availability (GA) of IAM Conditions and Tags for Cloud SQL, a fully-managed relational database service for MySQL, PostgreSQL, and SQL Server.