Digest #157: GitHub Actions Risks, FinOps Shift, Kubernetes Security, and Terraform Best Practices
Rethinking GitHub Actions, securing Grafana on Kubernetes, automating AWS vulnerability fixes, mastering Terraform state locking, and exploring powerful open-source DevOps tools.
Welcome to this week’s edition of the DevOps Bulletin!
Ever stumbled upon a bizarre root cause that left you scratching your head? Or questioned whether GitHub Actions is still the best CI/CD option? This week’s edition explores unexpected failures, lessons from building observability with GCP, and the secret weapon every DevOps engineer needs. There’s also a breakdown of the Flexera-NetApp FinOps acquisition, along with tutorials on securing Grafana, detecting honeypots in AWS, and mastering IAM policy checks.
On the open-source front, we’re highlighting some fascinating projects: a Bash-to-Go transpiler for faster and more secure scripts, Klarna’s internal threat modeling tool for system security, and a distributed key-value NoSQL database built on RocksDB with full Redis compatibility. Plus, an open-source Terraform pre-processor that helps you write less code without losing coverage and an Apache project redefining data lakehouse efficiency.
All this and more in this week’s DevOps Bulletin—don’t miss out!
Newsworthy Stories
Tutorials of the week
Projects of the week
Highlighting cool DevOps projects to keep an eye on:
Bunster transpiles Bash scripts into Go, compiling them into fast, portable binaries for better performance and security.
Gram is Klarna's internal threat modeling tool that helps engineers collaboratively create system dataflow diagrams with attached threats and controls.
DocumentDB is a native implementation of a document-oriented NoSQL database, enabling seamless CRUD operations on BSON data types within a PostgreSQL framework.
Apache Kvrocks is a distributed key-value NoSQL database that uses RocksDB as its storage engine and is compatible with the Redis protocol.
Stacks is a Terraform code pre-processor. Its primary goal is to minimize your total Terraform codebase without giving up on coverage, so you can do more with less.
Apache Hudi is an open data lakehouse platform for efficient data ingestion, storage, indexing, and management across clouds.