Welcome to this week’s edition of the DevOps Bulletin!

Uber slashed CI costs by over 50% and cut build queue waits by 37% using smart ML-powered batching. We also uncover Figma’s eye-popping $300k/day AWS bill from their IPO filing, and a fresh “serverless scam” is circulating in CI/CD pipelines.

On the tutorial front, dive into Kubernetes security networking, IAM best practices via attack‑graph modeling, and how Airbnb’s Impulse tool is load‑testing at scale. ngrok shares how to deploy an API gateway without wrestling with firewalls.

Our open‑source spotlight shines on standout tools like Sirius, a GPU‑native SQL engine; ZeQLPlus, a fast SQLite terminal browser; Codex, a CLI coding agent; Apptainer, a secure container runtime.

All this and more in this week’s DevOps Bulletin—don’t miss out!

Newsworthy stories

• Slashing CI costs at Uber

• Design platform Figma spends $300,000 on AWS daily

• How did Soham Parekh get so many jobs?

• Retiring programmers create cloud headaches for mainframe users

• Load testing with Impulse at Airbnb

• How we ran a Unix-like OS on our home-built CPU with our home-built C compiler

• Why IAM demands an Attack Graph first approach

• The Serverless scam strikes again

Your API is ready for a Gateway (Sponsor)

API gateways do more than manage traffic—they secure, optimize, and customize it. The problem? They're overcomplicated.

Watch ngrok's on-demand workshop to explore simple ways to:

• Block bad actors

• Create custom responses

• Load balance across multiple services

Get it right early and avoid future headaches. Watch now.

Tutorials of the week

• Kubernetes security fundamentals: Networking

• MCP security checklist: a security guide

• Developing with GitHub Copilot agent mode and MCP

• Serving 200 million requests per day with a cgi-bin

• End-to-end email testing with SES and SQS

• Switching pip to uv in a Dockerized Flask / Django App

• Building AI agents that hunt like cloud adversaries

• Building production-ready MySQL infrastructure on GCP with OpenTofu/Terraform

Video of the week

Projects of the week

• Sirius is a GPU-native SQL engine that integrates with DuckDB via Substrait, delivering ~10 times faster analytics on GPUs at the exact hardware cost.

• ZeQLPlus is a terminal-based SQLite browser written in V. A tiny cross-platform binary for blazing-fast table listing, pagination, and ad-hoc SQL queries.

• Codex is a coding agent CLI that leverages OpenAI models to read, refactor, and run your repo in a sandbox, enabling chat-driven, fully automated development from the command line.

• A container to create disk images from bootc container inputs.

• Apptainer is an open-source container platform designed to be simple, fast, and secure.

• vet is a command-line tool that acts as a safety net for the standard but risky curl | bash pattern.

Meme of the week