
Practical GitHub Repository Hardening for a Hugo Site

This hardening effort was directly triggered by the recent Trivy supply chain compromise, which impacted some repositories in my workplace. That prompted a full review of my own repository controls. If you want more information about the incident and the response, the following two links are worth reading first. Incident analysis: Trivy Compromised a Second Time (StepSecurity). Official disclosure and remediation guidance: Aqua Security discussion #10425. The aim of my changes to my repository was not to chase perfect security. It was to put in place some practical controls that are easy to maintain and that reduce real risk in day-to-day development. ...

April 1, 2026 · 8 min · 1513 words · eakangk
Site Reliability Engineering

Site Reliability Engineering vs DevOps — How they differ and when to use each

What is SRE? SRE stands for Site Reliability Engineering. That’s just a lot of words. What does it mean, though? Site Reliability Engineering is what IT operations would be if it were run by software engineers. That’s an interesting take, but it does not clarify anything about SRE just yet. Let’s try probing more. How did we go from Development to SRE? You know the part where people deploy software and then ensure things run fine in production. ...

December 4, 2021 · 14 min · 2849 words · eakangk