Feedbacks are very important in DevOps. As metrics provide feedbacks, they are essential to the success of DevOps. But they must be appropriate, and it’s not an easy task. DORA (DevOps Research and Assessment) assessed teams to understand how they develop, deliver and operate software (“Accelerate State of DevOps Report”).
The report identifies 4 DevOps performance metrics that can best help the organisation to achieve its goals.The performance of these metrics is measured on 4 levels.
The selected metrics:
A success criteria for the team is to ”Ship code frequently without causing a customer outage”. The DevOps Scoreboard tries to help to achieve this goal. This concept has been introduced by Payal Chakravartyin 2014 (https://devops.com/devops-scorecard).
9 metrics easy to collect are defined:
1 — Deployment frequency: How often is code deployed and arrives to the customers?
2 — Change volume: For each deployment how many user stories and new lines of code are shipped?
3 — Lead time (from development to deploy): How long does it take on an average to get the code from development complete through a…
In this series of stories, I introduce multiple concepts of DevOps in simple and clear ways. This one is the the Configuration Management.
Testers must be able to quickly verify test results. The time required to configure test environments must therefore be short, hence the importance of Configuration Management.
Configuration Management (CM) is the automation of the configuration management process of environments. …
Motivation is a key behavior in an organization. It’s very important to identify the value motivating people. The Moving Motivator game is a way to open a discussion about the intrinsic motivations and to understand how changes can affect these motivations.
It also allows to identify the differences between people, and to make understand the other aren’t as us, what leads to misjudging them.
It’s useful too when a member is promoted to resolve feelings of disappointment of others.
If you are interested by knowing if a specific change would motivate the team or not, you can use this game…
We know how testing software under development is important. We know we should automate these tests. The question we are trying to answer here is: “Should everything be 100% automated?” The quick answer is: In general, no.
Automation has pitfalls identified by Huttermann (2012):
Developing and maintaining an automation system costs time and money.
The test is an activity (a verb), it has a meaning, while the test case is an artifact (a noun). …
According to Gartner, 80% of an application’s code is provided by dependencies. However, the vulnerabilities of these dependencies are rarely monitored.
OWASP’s Dependency Check tool (https://www.owasp.org/index.php/OWASP_Dependency_Check) can automatically list and check whether an application dependency has a vulnerability.
To do this, this tool uses the NIST National Vulnerability Database (NVD) website. This database publishes vulnerabilities in the form of CVEs (Common Vulnerabilities and Exposures). CVEs are associated with CPEs (Common Platform Enumeration), which correspond to a software.
Dependency Check supports several environments, which are listed on the https://jeremylong.github.io/DependencyCheck/analyzers/ page. Even vulnerabilities not yet publicly disclosed can be included in this…
In this story, I introduce a vision of what is Doc-as-Code and the role of documentation in Agile context.
The second principle of the Agile Manifesto: “Working software over comprehensive documentation”.
It doesn’t mean no more need documentation. It means: “Do not sacrifice software quality to produce documentation.”
The main goal of the team is to produce the software. It means that people arriving later in the team can maintain and change the software.
Producing and maintaining documentation is so time consuming. Why not consider documentation as code?
So consider documentation as a requirement: it’s a part of the source…
I introduce the Mina blockchain. It uses the MINA token. Thanks to several characteristics of this protocol, Mina creates a private gateway between the real world and crypto.
Mina is developed by O(1) Labs. The Mina Foundation, a non-profit organization, is the steward of the Mina Protocol.
Mina uses zk-SNARKS (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge). It allows developers to create a new generation blockchain-based applications, called Snapps. They claim to be the world’s lightest blockchain. So it’s easy to sync to the network and to verify the network.
Let’s see the main characteristics and benefits of the Mina Protocol.
In this series of stories, I introduce multiple concepts of DevOps in simple and clear ways. This one is FinOps.
FinOps is an approach to managing and operating cloud spending that involves breaking down silos between engineering, finance and procurement.
Culture change in cloud financial management
Optimize cloud consumption
Cloud funding issues:
In this series of stories, I introduce multiple concepts of DevOps in simple and clear ways. This one is the CIA Triad.
With the connection of systems to the Internet, the threats to these systems have increased significantly, especially if the system is on a Cloud. The multiplication of open sources in the information systems also increases the risks.
Security concerns many areas:
Security objectives are represented in the CIA Triad, in which are represented: