Book Image

Accelerate DevOps with GitHub

By : Michael Kaufmann

Book Image

Accelerate DevOps with GitHub

By: Michael Kaufmann

Overview of this book

This practical guide to DevOps uses GitHub as the DevOps platform and shows how you can leverage the power of GitHub for collaboration, lean management, and secure and fast software delivery. The chapters provide simple solutions to common problems, thereby helping teams that are already on their DevOps journey to further advance into DevOps and speed up their software delivery performance. From finding the right metrics to measure your success to learning from other teams’ success stories without merely copying what they’ve done, this book has it all in one place. As you advance, you’ll find out how you can leverage the power of GitHub to accelerate your value delivery – by making work visible with GitHub Projects, measuring the right metrics with GitHub Insights, using solid and proven engineering practices with GitHub Actions and Advanced Security, and moving to event-based and loosely coupled software architecture. By the end of this GitHub book, you'll have understood what factors influence software delivery performance and how you can measure your capabilities, thus realizing where you stand in your journey and how you can move forward.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Share Your Thoughts

Part 1: Lean Management and Collaboration

Part 1: Lean Management and Collaboration

Free Chapter

Chapter 1: Metrics That Matter

Chapter 1: Metrics That Matter

Why accelerate?

Engineering velocity

High-performance companies

Measuring metrics that matter

The SPACE framework for developer productivity

Objectives and key results

Further reading

Chapter 2: Plan, Track, and Visualize Your Work

Chapter 2: Plan, Track, and Visualize Your Work

Unplanned work and rework

Visualizing your work

GitHub issues, labels, and milestones

GitHub Projects

Third-party integration

Further readings and references

Chapter 3: Teamwork and Collaborative Development

Chapter 3: Teamwork and Collaborative Development

Software development is a team sport

The heart of collaboration – the pull request

Hands-on – Creating a pull request

Proposing changes

Pull request reviews

Best practices for code reviews

Further readings and references

Chapter 4: Asynchronous Work: Collaborate from Anywhere

Chapter 4: Asynchronous Work: Collaborate from Anywhere

Comparing synchronous and asynchronous work

Distributed teams

Cross-team collaboration

Shift to asynchronous workflows

Teams and Slack integration

GitHub Discussions

Pages and wikis

Working from everywhere with GitHub Mobile

Further readings and references

Chapter 5: The Influence of Open and Inner Source on Software Delivery Performance

Chapter 5: The Influence of Open and Inner Source on Software Delivery Performance

History of free and open source software

The difference between open source and open development

Benefits of embracing open source for companies

Implementing an open source strategy

Open and inner source

The importance of insourcing

GitHub Sponsors

Further reading and references

Part 2: Engineering DevOps Practices

Part 2: Engineering DevOps Practices

Chapter 6: Automation with GitHub Actions

Chapter 6: Automation with GitHub Actions

Overview of GitHub Actions

Workflows, pipelines, and actions

The workflow syntax

Working with secrets

Hands-on – your first workflow

Hands-on – your first action

The GitHub marketplace

Further reading

Chapter 7: Running Your Workflows

Chapter 7: Running Your Workflows

Self-hosted runners

Managing access with runner groups

Scaling your self-hosted runners

Monitoring and troubleshooting

Further reading

Chapter 8: Managing Dependencies Using GitHub Packages

Chapter 8: Managing Dependencies Using GitHub Packages

GitHub Packages

Using npm packages with Actions

Using Docker with Packages

Apache Maven, Gradle, NuGet, and RubyGems packages

Further reading

Chapter 9: Deploying to Any Platform

Chapter 9: Deploying to Any Platform

Staged deployments

Automating your deployments

How to deploy to Azure App Service

How to deploy to AWS ECS

How to deploy to GKE

Infrastructure as code

Measuring success

Further reading

Chapter 10: Feature Flags and the Feature Lifecycle

Chapter 10: Feature Flags and the Feature Lifecycle

What are Feature Flags?

The lifecycle of features

The benefits of Feature Flags

Getting started with Feature Flags

Feature Flags and technical debt

Frameworks and products

Experimentation with Feature Flags

Further reading

Chapter 11: Trunk-Based Development

Chapter 11: Trunk-Based Development

Trunk-based development

Why you should avoid complex branching

Other git workflows

Accelerating with MyFlow

Further reading

Part 3: Release with Confidence

Part 3: Release with Confidence

Chapter 12: Shift Left Testing for Increased Quality

Chapter 12: Shift Left Testing for Increased Quality

Shift left testing with test automation

Eradicating flaky tests

Shift right – testing in production

Fault injection and chaos engineering

Tests and compliance

Test management in GitHub

Further reading

Chapter 13: Shift-Left Security and DevSecOps

Chapter 13: Shift-Left Security and DevSecOps

Shift-left security

Assume-breach, zero-trust, and security-first mindset

Attack simulations

Red team-blue team exercises

Attack scenarios

GitHub Codespaces

Further reading

Chapter 14: Securing Your Code

Chapter 14: Securing Your Code

Dependency management and Dependabot

Secret scanning

Writing your own CodeQL queries

Further reading

Chapter 15: Securing Your Deployments

Chapter 15: Securing Your Deployments

Container and infrastructure security scanning

Automate the infrastructure change process

Source code and infrastructure integrity

Dynamic application security testing

Security hardening your release pipeline

Further reading

Part 4: Software Architecture

Part 4: Software Architecture

Chapter 16: Loosely Coupled Architecture and Microservices

Chapter 16: Loosely Coupled Architecture and Microservices

Loosely coupled systems

Evolutionary design

Event-driven architecture

Further reading

Chapter 17: Empower Your Teams

Chapter 17: Empower Your Teams

The two-pizza team

Inverse Conway Maneuver

Delivery cadence

A mono- or multi-repo strategy

Further reading

Part 5: Lean Product Management

Part 5: Lean Product Management

Chapter 18: Lean Product Development and Lean Startup

Chapter 18: Lean Product Development and Lean Startup

Lean product development

Incorporating customer feedback

Enterprise portfolio management

Improving your product management skills

Business Model Canvas

Further reading

Chapter 19: Experimentation and A|B Testing

Chapter 19: Experimentation and A|B Testing

Conducting experiments with the scientific method

Effective A|B testing with GrowthBook and Flagger

Experimentation and OKR

Further reading

Part 6: GitHub for your Enterprise

Part 6: GitHub for your Enterprise

Chapter 20: GitHub – The Home for All Developers

Chapter 20: GitHub – The Home for All Developers

Hosting options and pricing

Hands-on – create your account on GitHub.com

Enterprise security

GitHub Learning Lab

Further reading

Chapter 21: Migrating to GitHub

Chapter 21: Migrating to GitHub

Picking the right migration strategy

Achieving compliance with low-fidelity migrations

Synchronizing requirements for a smooth transition

Migrating your code

Migrating from Azure DevOps or GitHub

Migrating your pipelines

Further reading

Chapter 22: Organizing Your Teams

Chapter 22: Organizing Your Teams

GitHub scopes and namespaces

Structuring GitHub teams

Role-based access

Outside collaborators

Further reading

Chapter 23: Transform Your Enterprise

Chapter 23: Transform Your Enterprise

Why many transformations fail

Starting with WHY?

Data-driven transformation

Further reading

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Source code and infrastructure integrity

In manufacturing, it's a normal practice to provide a bill of materials (BOM) for a production order. A BOM is a list of raw materials, subassemblies, intermediate assemblies, subcomponents, and parts that have been used to manufacture the end product.

The same thing exists for software: the software bill of materials (SBOM), but it is still less common.

The SBOM

If you have a close look at software supply chain attacks such as the event-stream incident (see Thomas Claburn, 2018), you'll find that they inject malicious code in a release, so the source code in GitHub did not match the files that were included in the npm package. An SBOM can help here with the forensic and it can be used to compare the hashes of different versions.

In the SolarWinds attack (see the Crowdstrike blog, 2021) dependencies were not tempered. Instead, there was an additional process running that manipulated the file system during the execution...