GitHub announced several noteworthy news items at its Satellite developer conference last week, notably:
- It has acquired Dependabot which will give GitHub the ability to monitor and automatically open pull requests for dependencies with known security vulnerabilities.
- GitHub has partnered with WhiteSource, an open-source security company, to help developers more easily detect open-source vulnerabilities in their GitHub repos.
- GitHub Enterprise has been updated with a slew of new features such as enterprise accounts, a new account type that connects organizations; two new user roles, Triage and Maintain, that teams can use to grow and scale securely, addressing their access control needs; the ability for cloud administrators to now access audit log events using a new GraphQL API; security vulnerability alerts, token scanning, and more.
- GitLab 11.11 has been released. It features multi-assignment for merge requests, the ability to automatically push an alert to Slack and/or Mattermost when an event occurs, alerting your team when a deployment occurs, support for Windows Container Executor for GitLab Runners, enabling Docker containers on Windows, and more.
- HashiCorp released Terraform 0.12 which is focused on improvements to the Terraform language. The aim: to make configurations for more complex situations more readable, and improve the usability of re-usable modules.
- Our team enjoyed this blog, Using Infoblox As A Dynamic Inventory In Red Hat Ansible Tower, in which Victor da Costa shares how dynamic inventory can replace headaches associated with tracking Configuration Items (CIs) — whether you’re using a CMDB or spreadsheet.
- A fun read our DevOps team also enjoyed was the NY Times self-published case study on how it built a Slack bot to keep track of Reddit conversations around New York Times articles.
- A new feature that makes the use of encrypted Amazon EBS (Elastic Block Store) volumes even easier was rejoiced by our DevOps consulting team who can now specify if they want new EBS volumes to be created in encrypted form and if so, if they want to use their own key or a default AWS key.
- Our AWS consulting services team was excited to see that starting August 1st AWS Config rules will switch to a pay-per-use pricing model, which means a lower bill for almost all existing AWS Config rules customers. AWS Config helps operators maintain AWS configuration compliance.
- Amazon announced preview availability of Amazon CloudWatch Container Insights, which allows operators to monitor, isolate, and diagnose their containerized applications and microservices environments.
- In separate CloudWatch news, Amazon has announced that CloudWatch Logs now support percentiles in metric filters, allowing operators to turn log data into numerical CloudWatch metrics that can be graphed.
- Join AWS and Flux7 as they present a one day workshop on how Serverless Technology is impacting business now (and what you need to get started). Serverless technology on AWS is enabling companies by building modern applications with increased agility and lower total cost of ownership. Find additional information and register here.
- For additional reading on building modern applications with a strong cloud foundation, check out our blog on the benefits of pairing a Landing Zone with CI/CD. Spoiler alert: together they multiply the business’s ability to grow efficiency, productivity, security and time to market.
Written by Flux7 Labs
Flux7 is the only Sherpa on the DevOps journey that assesses, designs, and teaches while implementing a holistic solution for its enterprise customers, thus giving its clients the skills needed to manage and expand on the technology moving forward. Not a reseller or an MSP, Flux7 recommendations are 100% focused on customer requirements and creating the most efficient infrastructure possible that automates operations, streamlines and enhances development, and supports specific business goals.
from Flux7 DevOps Blog