Everyone can contribute! Learn DevOps and Cloud Native in our cafe ☕

Carlos Panato started with a short introduction into Software Supply Chain Security and which problem Chainguard aims to solve. The demo follows a great story line on deploying a container image with GitLab CI/CD, verify the image manually, showing Chainguard on the CLI to pull image policies, create custom policies, observe and enforce, sign using cosign inside CI/CD. The following discussion touched topic such as SBOM, key signing, and also cluster runtime security with eBPF. Read More…

---

Date published: May 10, 2022

Niclas Mietz started with an introduction to Dagger and a Hello World example with CUE. We’ve discussed Dagger actions, packages and the interaction with buildkitd to run actions in containers, first impressions, ideas to contribute and future potential. Niclas also did a live demo with a GitLab project deployed to Netlify with Dagger, using CI/CD. Insights We’ve learned about: Dagger Run Dagger actions in containers Describe actions in CUE lang Action steps come as packages, example Buildkitd is required as daemon, any container compatible runtime Many actions and CI/CD integrations are work in progress, e. Read More…

---

Date published: April 12, 2022

Anaïs Urlichs did a deep dive into the OSS tools from Aqua Security: Trivy, tfsec, Starboard, Tracee and more. We have discussed usage scenarios, custom policies, the integration touch points between the tools, and how to contribute. Insights We’ve learned about: Overview of Aqua Security OSS projects Trivy Container and IaC security scanning Getting started Differences to tfsec Custom policies Trivy exporter for Prometheus Starboard Vulnerability scanning in Kubernetes clusters Custom policies for Trivy Starboard operator, with Prometheus metrics Starboard integrations: Polaris, Conftest Aqua Enterprise insights into runtime protection Tracee Runtime security and forensics using eBPF - story of tracee Differences to Falco discussion How to contribute: Join Slack and explore the projects Q&A: Starboard reports dashboard, alerting, OOTB support in Aqua Enterprise, open-sourcing the tools to keep the pace of development, and reduce server load. Read More…

---

Date published: March 8, 2022

Niclas Mietz explained Blockchain from the fundamentals to deploying a program on Solana as an example. We’ve discussed Ethereum, web3 principles and more ideas about blockchain development, CI/CD, Ops (storage, backup, observability). Insights We’ve learned about: Identities, smart contracts, proof of work vs. proof of stake Blockchain getting started - Solana on localhost, quickstart works also with Gitpod Deploy a program, following the resources on awesome-solana Develop own programs in Rust, C++, etc. Read More…

---

Date published: February 8, 2022

Michael Friedrich and Niclas Mietz started with a presentation about how Observability evolved and where we are heading with metrics, traces, logs, OpenTelemetry and CI/CD Observability. Insights We’ve learned about Metrics, traces, logs Profiling as 4th pillar Tracing history, and OpenTelemtry Use cases with CI/CD Observability and Quality Gates Where to start with instrumenting apps and applying workflows News The next meetup is about Blockchain and web3 in February 2022. Read More…

---

Date published: January 19, 2022