Agile + DevOps East 2023 - Tools & Automation
Wednesday, November 8
High Octane DevOps: Supercharged CI/CD Pipelines
To reinvent the wheel is to attempt to duplicate, most likely with inferior results and technical debts. Within a large-scale organization the true cost of CI/CD is the toil involved when effort is repeated to create the same or similar pipeline functionality. What Prashant and March discovered during a CI/CD journey is that the key to creating powerful and efficient CI/CD or automation testing pipelines is in not writing pipeline logic at all. The formula that was unlocked is in focusing on the atomic level of the reusable code within pipeline stages. By harnessing the power of creating...
Implementing DevOps Automation: Best Practices and Common Mistakes
Most organizations adopting the cloud have adopted DevOps automation to some degree or another. The primary reason is that continued manual maintenance isn't possible with the same staffing level and increased demand. In short, DevOps automation and cloud consumption are much more than just technology change. They require a fundamental rethinking of how we do things. It's common for DevOps team members to be negatively impacted by the changes others have made. It's common for team members to cause problems by making changes manually instead of through code. Derek has seen managers grow...
DevSecOps in a Bottle—The Care and Feeding of Pocket Pipelines
PreviewDevSecOps techniques give us the power of receiving rapid feedback and the ability to incorporate new information on an ongoing basis. However, challenges arise when the development pipeline must be established without connection to external networks. There are excellent reasons for doing this, including reducing security risks to systems and proprietary data, but a little more consideration is required to provide our teams on pocket networks the same benefits of an end-to-end DevSecOps pipeline implementation for our container application. We will draw on our practical experience...
Thursday, November 9
CI/CD with Github Actions
In this session, attendees will learn about building, testing, and deploying applications using Github Actions. We will explore diverse ways to trigger builds and test different types of applications. After this session, you'll be able to build, test, and deploy your software from GitHub using GitHub Actions. You will understand GitHub Actions Runners; YAML workflow syntax including workflow triggers, variables, job dependencies, conditionals, matrix builds, outputs; environments; secrets; and deployments including container registries & Azure. By the end of this session, attendees...
Pipelineless Security
It's 2023 and security still needs to earn some respect if they want to slide their Sec between Dev and Ops. Their tooling slows down deployment pipelines, typically finding more false positives than real bugs, usually in code written years ago, and often harming development velocity. To their credit, security teams will occasionally make concessions, like pulling long-running rules out of static analysis engines, but that means that the bugs those tools would otherwise find get caught months later in bug bounties, penetration tests, or security incidents. Bug reports for code you didn't...