Copy
At its annual user conference this week, GitHub unveiled a new workflow feature, called GitHub Actions, to configure workflowsView in browser »
The New Stack Update

ISSUE 139: Action Item

Talk Talk Talk

“You are what you measure.”

___
Dr. Nicole Forsgren, CEO and chief scientist of DevOps Research and Assessment (DORA).
Add It Up
Do you automate security testing in your software release cycle?

Limited automation and ineffectiveness are two problems facing the application security testing market.

As we wrote about previously, tooling does not address a majority of the security tests being conducted. The Cybersecurity Insiders 2018 Application Security Report provides more details, showing that only 43 percent of information security professionals’ organizations have automated security testing in their software release life cycle. Although most organizations have some DevOps processes in place, in reality, automated security testing is not deployed in a majority of CI/CD pipelines. Furthermore, even among organizations that have automated testing, the number of tests that are automated are still limited.

What's Happening

Cloud Foundry’s BOSH continues to serve many organizations as a missing Cloud Provider Interface (CPI) link for managing deployments throughout the production cycle across multicloud environments.

Dr. Nic Williams, CEO of Stark & Wayne, a cloud services consultancy, and Marco Voelz, a developer for software giant SAP, were on hand during Cloud Foundry Summit Europe in Basel last week to discuss during this podcast why BOSH continues to be at the heart of Cloud Foundry with Alex Williams, founder and editor-in-chief of The New Stack.

Using BOSH To Get The Stack Done

Action Item

GitHub is bringing the workflow into the code repository itself. At its annual user conference this week, GitHub unveiled a new workflow feature, called GitHub Actions, to configure workflows. "Actions allow developers to not just host code on the platform but also run it,” explained TechCrunch’s Frederic Lardinois. Think of it as a built-in IFTTT (if this, then that) “to automate development workflows, whether that is sending notifications or building a full continuous integration and delivery pipeline."

Those of you thinking that this would be a good way to facilitate a CI/CD workflow, you are correct. TNS sponsor Pulumi assembled a quick demo to show how to deploy a Rails app to a public cloud service using Actions. But that is only the beginning of the possibilities. “They’re containers all the way down, so you could quite literally do pretty much anything — the possibilities are endless!” enthused Microsoft’s Jessica Frazell (Microsoft is purchasing GitHub, a deal that should be complete by the end of the year). “You could use them to minify and concatenate CSS and JavaScript, send you information when people create issues in your repo, and more ... the sky really is the limit.”

NetApp Goes Cloud Native with StackPointCloud Acquisition

With last month’s acquisition of StackPointCloud, storage services and systems provider NetApp will be in the unique position of offering multicloud Kubernetes support for stateful applications.

How CQRS Works with Spring Tools

Command Query Responsibility Segregation (CQRS) pattern is a popular and practical way to implement microservices. This contributed article from TNS sponsor Pivotal describes CQRS and why it might be useful to you for microservices deployments and management. It also outlines in a very hands-on and comprehensive way different ways of using CQRS with Spring tools.

Node.js Removes Version Dependencies for Native Modules

Thanks to a collaborative open source effort across multiple companies, Node.js developers will no longer have to recompile their “native” modules each time Node is upgraded, which is the current headache-inducing practice.

Party On

At Node+JS Interactive, QxMD Software Engineer Cabell Maddux demonstrated how to deploy a #nodejs app (requiring a 2-node cluster) simultaneously on three different cloud providers (#GCP, #Azure, #AWS) in less than 40 minutes.

Raymond Feng, one of the originators of the popular LoopBack framework for scalable Node deployments, stopped by Node+JS Interactive, to discuss the latest update (v.4) of that software package.

At Node+JS Interactive, Container Solutions’ Lian Li showed how easy it is to do machine learning directly from the browser.

Jay Sitapara is our winner of an Arduino starter kit! His name was selected randomly from a list of respondents to our recent serverless survey. Sitapara is a Technology Consultant at Simform where he provides consultation to enterprises and startups in defining and developing their end-to-end cloud-based products. He has helped enterprises in developing SaaS products for global implementation and led major technology initiatives by incorporating Serverless technology.  

The results of the survey will available next week in our newest ebook, The New Stack's "Guide to Serverless Technologies." Watch for it on our site.

On The Road
All Things Open // OCT. 21-23, 2018 // RALEIGH, NORTH CAROLINA @ RALEIGH CONVENTION CENTER

OCTOBER 21-23, 2018 // RALEIGH, NORTH CAROLINA @ RALEIGH CONVENTION CENTER

All Things Open
All Things Open is a world-class open source conference. Attracting thousands, the conference is a developer’s conference that is welcoming to everybody. New to programming or not, All Things Open is not to missed. Five free passes available with promo code TNSfree. Once all free passes are claimed 20% off registration with code TNS20. Register now!
Free Microservices Ebook
In this new era of cloud native development and deployment, hyperagile architectures are based on collections of components, called microservices, that run for the most part on containers in orchestration engines such as Kubernetes. With these new architectures come new ways to create software-defined businesses that run on automated infrastructure and support platforms that developers and operations teams use to continually develop and manage applications at scale. In this ebook, we’ll provide a high-level overview of what organizations should consider as they create, deploy and manage microservices for cloud native applications.
Download The Ebook
We are grateful for the support of our ebook sponsors:
 




Copyright © 2018 The New Stack, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list