Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Keeping-Up-WithUpstream.pdf
Search
Nicolas Byl
September 06, 2019
Technology
0
160
Keeping-Up-WithUpstream.pdf
Nicolas Byl
September 06, 2019
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
2
Die Flucht aus der Prototypen-Hölle
nbyl
0
43
Lean Prototyping for Industrial-IoT Projects
nbyl
0
42
DevSecOps - Vom Unikum zur gut geölten Maschine
nbyl
0
98
Securing your software supply chain
nbyl
0
360
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
120
Securing the "other" supply chain
nbyl
0
270
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
180
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
130
Other Decks in Technology
See All in Technology
extension 現場で使えるXcodeショートカット一覧
ktombow
0
220
AWS 잘하는 개발자 되기 - AWS 시작하기: 클라우드 개념부터 IAM까지
kimjaewook
0
110
自作LLM Native GORM Pluginで実現する AI Agentバックテスト基盤構築
po3rin
2
270
PLaMoの事後学習を支える技術 / PFN LLMセミナー
pfn
PRO
9
3.9k
「Verify with Wallet API」を アプリに導入するために
hinakko
1
250
定期的な価値提供だけじゃない、スクラムが導くチームの共創化 / 20251004 Naoki Takahashi
shift_evolve
PRO
3
330
データエンジニアがこの先生きのこるには...?
10xinc
0
450
OpenAI gpt-oss ファインチューニング入門
kmotohas
2
1k
pprof vs runtime/trace (FlightRecorder)
task4233
0
170
GC25 Recap+: Advancing Go Garbage Collection with Green Tea
logica0419
1
430
実装で解き明かす並行処理の歴史
zozotech
PRO
1
540
【Oracle Cloud ウェビナー】クラウド導入に「専用クラウド」という選択肢、Oracle AlloyとOCI Dedicated Region とは
oracle4engineer
PRO
3
120
Featured
See All Featured
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
114
20k
Building a Modern Day E-commerce SEO Strategy
aleyda
43
7.7k
Embracing the Ebb and Flow
colly
88
4.8k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
19
1.2k
Navigating Team Friction
lara
189
15k
Faster Mobile Websites
deanohume
310
31k
Optimising Largest Contentful Paint
csswizardry
37
3.4k
Being A Developer After 40
akosma
91
590k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
23
1.5k
Six Lessons from altMBA
skipperchong
28
4k
Site-Speed That Sticks
csswizardry
11
880
Why Our Code Smells
bkeepers
PRO
339
57k
Transcript
1 Nicolas Byl
2 This talk may contain fictional elements… 2 https://pxhere.com/de/photo/738184
3 Part 1 Marley’s Ghost 3 https://pxhere.com/de/photo/237
4 A few days ago, in our café… 4 https://pxhere.com/de/photo/39
5 Part 2 The ghost of DevSecOps past 5 https://pxhere.com/de/photo/237
6 At the backlog grooming… 6 https://pxhere.com/de/photo/1434201
7 “Our development environment is a production environment” 1 Management
and ownership needed for Build Server, Source Control, … Is there a pre-Dev environment? 2 3 7 7 https://pxhere.com/de/photo/1033572
8 Gathering metrics to support DevSecOps feedback loops 1 Understand
and customize metrics Action is required 2 3 8 8 https://pxhere.com/de/photo/893775
9 Part 2 The ghost of DevSecOps present 9 https://pxhere.com/de/photo/237
10 In the middle of the night… 1 0 https://pxhere.com/de/photo/1391800
11 Source Code Analysis FindBugs, SonarQube, SAST, DAST 1 Dependency
Analysis Maven, NPM, Pythin, Perl, … Operating Systems DEB, RPM, … Docker Images Anchore, clair, Aqua, snyk 2 3 4 11 1 1 https://pxhere.com/de/photo/6643025
12 Source Code Analysis FindBugs, SonarQube, SAST, DAST 1 Dependency
Analysis Maven, NPM, Pythin, Perl, … Operating Systems DEB, RPM, … Docker Images Anchore, clair, Aqua, snyk 2 3 4 12 1 2 https://pxhere.com/de/photo/893775
13 How do you notify independent teams of needed actions?
1 Separate signals from noise Consolidate update sources (GitHub / GitLab, Docker Hub, binary repositories, mailing lists, …) Internal vs. external dependencies 2 3 4 13 1 3 https://pxhere.com/de/photo/1565823
14 Prepare for failure… 1 4 https://pxhere.com/de/photo/1073983
15 GitOps as single source of truth (source code, delivery
code, infrastructure code) 1 Consider dynamic environments, record data for later analysis What was running at time X? Consider version pinning (library versions, Docker Image SHA sum) 2 3 4 15 1 5 https://pxhere.com/de/photo/137541
16 Part 3 The ghost of DevSecOps future 1 6
https://pxhere.com/de/photo/237
17 At dawn… 1 7 https://pxhere.com/de/photo/39
Avoid Tree-Ring-Projects Don’tnotify aboutupdates, provide them Keep an eye on
the current security statistics 18 https://pxhere.com/de/photo/1209019
Don’t reinvent the wheel There is a reason for spezialisation
Solve common problems with spezialized teams 19 https://pxhere.com/de/photo/1235822
Make artifacts and the whole delivery process verifiable Preserve integrity
of your binaries Use Docker Notary, Grafeas, in-toto, … 20 https://pxhere.com/de/photo/910704
Policy trumps checklists Build your policy into your runtime platform
Beware of cultural and political implications 21 https://pxhere.com/de/photo/1455413
22 Keep the ghosts away! 2 2 https://pxhere.com/de/photo/791236
23
[email protected]
23 http://www.twitter.com/NicolasByl