Not going to lie. The GitHub Action cron job that builds the website automatically for me has not worked for weeks. I moved some sites to various services, and DevOps’ish returned to Netlify because of the branch build command granularity. I use Hugo and future dated articles are built when the -F flag is passed. This is very helpful in ensuring the newsletter is done just how I like it.

But, since returning to Netlify, the cron job to build the site at the right time of day has been busted. I finally had to go back in the commit history and copy/pasta all that and replace everything I was doing. It should work. This shows that no matter what, if you know you can look it up, your brain won’t prioritize memorizing it. But, COME ON!!!

Free Copy of Honeycomb’s O’Reilly Book: Observability Engineering

Looking to make the switch from monitoring to observability? Download your free copy of Honeycomb’s O’Reilly book: Observability Engineering to help you get started. Debrief the chapters with the authors themselves during our Authors’ Cut Series.

Jobs

Now Hiring: Developer Advocacy Manager
Camunda is the leader in process orchestration software. Our software helps orchestrate complex business processes that span people, systems, and devices. With Camunda, business users collaborate with developers to model and automate end-to-end processes using BPMN-powered flowcharts that run with the speed, scale, and resiliency required to compete in today’s digital-first world.

As the Developer Advocacy Manager, you’ll be the direct people manager for a team of 4 Developer Advocates, responsible for career growth, performance evaluations, setting of priorities, and overall strategic guidance. You’ll also be responsible for strategic planning for the Developer Advocacy function, including quarterly OKRs and annual goals as well as documentation of team responsibilities, goals, and success metrics.

Note: The hiring manager is on a hard earned vacation.

Events

Editor’s note: If your event would suit the DevOps’ish audience, please let me know!

Deserted Island DevOps 2022

SEPTEMBER 14-15, Live on Twitch from Mackinac Island, Michigan

This year we’re expanding our schedule to two days of streaming, and bringing our speakers together to deliver their talks. What does that mean to you? More great talks, with better production values, and new talk types! We’re excited to welcome you back to our Deserted Island this September 14th and 15th!

ArgoCon

SEPTEMBER 19 – 21, 2022

ArgoCon is designed to foster collaboration, discussion, and knowledge sharing on the Argo Project, which consists of four projects: Argo CD, Argo Workflows, Argo Rollouts, and Argo Events. This event is aimed at audiences that are new to Argo as well as providing depth to those currently using Argo within their organization. Connect with others that are passionate about Argo and interact with project maintainers. Learn from practitioners about pitfalls to avoid and best practices on how to adopt Argo in your cloud native environment. Get inspired by and provide input to Argo leads on project roadmaps.

eBPF Summit

SEPTEMBER 28 - 29, 2022

eBPF Summit is a virtual event, targeted at DevOps, SecOps, platform architects, security engineers, and developers. Register to save the date and stay updated on event information.

KubeCon + CloudNativeCon Detroit 2022

OCTOBER 24 – 28, 2022

The Cloud Native Computing Foundation’s flagship conference gathers adopters and technologists from leading open source and cloud native communities in Detroit, Michigan from October 24 – 28, 2022. Join containerd, CoreDNS, Envoy, etcd, Fluentd, Harbor, Helm, Jaeger, Kubernetes, Linkerd, Open Policy Agent, Prometheus, Rook, TiKV, TUF, Vitess, Argo, Buildpacks, Cilium, CloudEvents, CNI, Contour, Cortex, CRI-O, Crossplane, dapr, Dragonfly, Emissary Ingress, Falco, Flagger, Flux, gRPC, KEDA, KubeEdge, Litmus, Longhorn, NATS, Notary, OpenTelemetry, Operator Framework, SPIFFE, SPIRE, and Thanos as the community gathers for five days to further the education and advancement of cloud native computing. Use code KCNAIPV22MEET for a discount at registration.

People

The women calling out Apple’s handling of misconduct claims
Patrick McGee, Ars Technica
I expect better out of Apple. But, at the same time, I’m not surprised.

Tech layoffs continue across the board: Here’s the latest
Fast Company
“The layoffs in the sector are happening for a variety reasons. But it’s clear that the market is in an entirely different place than it was in 2021, when dealmaking was happening at a rapid pace, and investors were jumping head first into funding rounds with sky-high valuations.”

Google CEO Sundar Pichai says productivity is “not where it needs to be”
, Ars Technica
Pichai changes Google’s promotion incentives, wants “more customer focus.” What a novel idea.

Pelosi meeting with TSMC in Taiwan
Jeanne Whalen and Ellen Nakashima , The Washington Post
“TSMC is building a chip factory in Arizona – and considering constructing several on the site – in a project seen as key to U.S. national security” The sad thing is, war in Taiwan seems almost inevitable.

Twitter slams Elon Musk’s response to its lawsuit
Dan Primack and Sara Fischer, Axios
Twitter is going to take that man’s money.

Process

Update: Nutanix Objects Violates MinIO’s Open Source License
Garima Kapoor, MinIO Blog
Nutanix’s Apache 2 License has been revoked. MinIO ain’t playing, Nutanix.

Amazon and iRobot sign an agreement for Amazon to acquire iRobot
Amazon Staff
+2 Amazon devices in my house.

School Kid Uploads Ransomware Scripts to PyPI Repository as ‘Fun’ Project
Jai Vijayan, Dark Reading
“The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times.”

Deception at a scale
Vicente Díaz, VirusTotal Blog
How Malware Abuses Trust

Tools

Kubernetes Removals and Major Changes In 1.25
Kat Cosgrove, Frederico Muñoz, and Debabrata Panigrahi; Kubernetes
“As Kubernetes grows and matures, features may be deprecated, removed, or replaced with improvements for the health of the project. Kubernetes v1.25 includes several major changes and one major removal.”

Go 1.19 Release Notes
The Go Programming Language
And yes, Kubernetes is already upgrading to this version.

How the 1Password CLI Makes DNS Management Easier
Jack Platten, 1Password
I might actually try and get this up and working. “Now I can run dnscontrol push –creds “!op inject -i creds.json” to inject my credentials into my template file, return it on stdout and make the changes to my domains, all without my credentials ever touching the disk. And it works on all my computers, as long as I have both the DNSControl executable as well as the 1Password command-line tool installed.”

Welcoming the AWS Customer Incident Response Team
Kyle Dickinson, AWS Security Blog
Open source security tooling for your AWS accounts.

Fedora Linux to Support Raspberry Pi 4 in Next Release
Ian Evenden, Tom’s Hardware
It would appear to be the year of Fedora.

Kubernetes Pi Cluster relase v1.4 ricsanfre, Raspberry Pi Kubernetes Cluster Project
With the addition of an EFK stack!

Adopting Sigstore Incrementally
Hayden Blauzvern, sigstore
Developers that maintain their own signing keys but want to migrate to Sigstore can first switch to using Cosign to generate a signature over an artifact. Cosign supports importing an existing RSA, ECDSA, or ED25519 PEM-encoded PKCS#1 or PKCS#8 key with cosign import-key-pair --key key.pem, and can sign and verify with cosign sign-blob --key cosign.key artifact-path, and cosign verify-blob --key cosign.pub artifact-path.

Linus Torvalds uses an Arm-powered M2 MacBook Air to release latest Linux kernel
Andrew Cunningham, Ars Technica
“It’s something I’ve been waiting for for a loong [sic] time, and it’s finally reality, thanks to the Asahi team,” Torvalds writes. “We’ve had arm64 hardware around running Linux for a long time, but none of it has really been usable as a development platform until now.”

Docker and the OCI container ecosystem
Jordan Webb, LWN
A container is somewhat like a lightweight virtual machine; it shares a kernel with the host, but in most other ways it appears to be an independent machine to the software running inside of it. The Linux kernel itself has no concept of containers; instead, they are created by using a combination of several kernel features:

  • Bind mounts and overlayfs may be used to construct the root filesystem of the container.
  • Control groups may be used to partition CPU, memory, and I/O resources for the host kernel.
  • Namespaces are used to create an isolated view of the system for processes running inside the container.

Direct host system calls from KVM
Jonathan Corbet, LWN
“As a general rule, virtualization mechanisms are designed to provide strong isolation between a host and the guest systems that it runs. The guests are not trusted, and their ability to access or influence anything outside of their virtual machines must be tightly controlled. So a patch series allowing guests to execute arbitrary system calls in the host context might be expected to be the cause of significantly elevated eyebrows across the net. Andrei Vagin has posted such a series with the expected results.”

hktalent/scan4all: vuls Scan
⭐️ 2.5K
“15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty”

SummitRoute/aws_breaking_changes
⭐️ 576
“List of changes announced for AWS that may break existing code”

the-markup/vehicle-data-collection
⭐️ 23
‘This contains the data for our story “Who Is Collecting Data from Your Car?”.’

DevOps’ish Post of the Week

Christian Hernandez on Twitter: “Okay, been working at this for a bit; but I’m excited to announce that I’ll be #streaming about #GitOps again! Join @jjasghar and I on August 15th at 1pm Eastern as we kickoff the series: GitOps The Planet”)

Got a newsletter worthy post?

Have a story for the newsletter? Getting exposure via this newsletter is a pull request away. Tips is the very first option, click “Get Started”, and send in your shiny, new thing.

Notes

Notes from this week’s issue can be found on GitHub