So you want to build a DevSecOps pipeline, do you? The question is, how do you get started? There's no such thing as a "DevOps Pipeline in a Box". There are just too many variations.
I started talking about this with a few friends of mine and we decided to take a shot at build a couple simple pipelines in a step-by-step process. Over the next 6 weeks, we'll be rolling out two variations of how to build a DevSecOps pipeline. If things go the way we've planned, there will be more on the way.
Update, Editor's Note: The first episode in Mohamed's series is now available.
Release Date: The first workshop session will be available on January 16, 2019. Mohamed Labouardy will publish the first session in his 10 part series, CD/CD Serverless Solutions on AWS.
All workshops are delivered free, online. You just have to subscribe to DevSecOps Days in the box below. When you subscribe, you'll immediately receive a download of "Epic Failures in DevSecOps: Volume 1" as our thanks for joining our growing community. That's the full version of the book by the way, not an abridged version. That should keep you busy until the workshops start.
Each week, we'll add a new session to the series, giving you the time and resources needed to experiment and ask the authors questions. By the conclusion of the series, you should have a good handle on the components of a pipeline and how you might consider integrating them into your engineering environment.
These are full session, video recorded, hands-on workshops. The instructors will walk you through the concepts, the coding and tools needed to create your pipelines. Resources will be available on GitHub for you to download and experiment on your own.
If you are responsible for building and maintaining your team's DevOps and DevSecOps environments, we'd love for you to join us and give us input and feedback on the solutions created.
Senior Software Engineer/DevOps - 5x AWS Certified - Scrum Master Certified - Author of Hands-On Serverless Applications with Go - #Containers #Serverless #Gopher #Alexa #NLP #DistributedSystems #Android - Blogger & writer at Medium, DZone, Hackernoon & A Cloud Guru - Open Source Contributor (DialogFlow, Jenkins, Docker, Nexus, Telegraf ...) - Author of multiple Open Source projects (Komiser, Nexus CLI, Butler, Swaggymnia ...)
DevSecOps, Automation, Ninja Ninj-ery, Team Leadership and Mentoring, Ethical Hacking, Third Party Risk, Governance, Penetration Testing, Vulnerability Assessments, Red Team Engagements, Containerizing the world, Wifi/Radio Hacking, iOS, OSX, Mobile Security, Blowing up the Internet, Finance, Technical Architecture, Gaming, Interactive, Branded Entertainment, Product Management, Application Lifecycle Management (ALM), ITIL Best Practices
Education is a key component for expanding the DevSecOps community.
Our intent is two fold when rolling out this series of free workshops. First, it is to create variations of a basic DevSecOps pipeline and give enough instructions for you to follow along. Second, we want you to help extend that pipeline by participating in the discussions and offering ideas at the conclusion of each session.
What we learned from All Day DevOps is that teams like to talk through concepts together after watching a presentation, and then talk about how it relates to their in-house projects. By providing step-by-step instructions demonstrating how to build a solution, we want your team to walk through the solution and let us know how you can apply it to your projects, and how you would extend the pipeline.
This is a participatory series of videos where you and your team can directly influence the final outcome of the project. With enough input from the community, we can build multiple pipelines using various applications to best fit the community's needs.
If I were you, I'd ask the same question. We think people within the DevOps and DevSecOps industry deserve more exposure for the work they are doing. We're making our "soapbox" available to people we like to work with and who want to contribute to the growing community of DevSecOps practitioners.
We want to build a community who believes as we do and who wants to participate in the growth of that community. Workshops are the best way to show diversity of ideas and give participants the best chance to gain value from their participation.
We believe the best way to spread knowledge and build community is to provide free content and resources so people can learn and contribute at their own pace. By providing free, hands-on workshops, we can scale ideas to help educate the community. That's really it.
There are two costs associated with an effort like this: the creation of the content and the distribution of the content from a central platform.
Mohamed labouardy and DJ Schleen are volunteering their time and expertise to create the first iterations of these workshops. They would like to be known within the community for their ideas and contributions so that others can learn from their experience.
In addition to the workshops series, the "Epic Failures in DevSecOps" book series was kicked off in November with content contributions from Caroline Wong, Chetan Conikee, Chris Roberts, Aubrey Stearn, DJ Schleen, Edwin Kwan, Fabian Lim and Stefan Streichsbier. This is a free series of full length book publications available to subscribers of DevSecOpsDays.com.
We will continue with both of these, the workshops and the books, through 2019 and encourage you to take advantage of these free, community contributions.
A year ago, Sonatype asked me to create a community project that would act as a distribution and educational platform for the DevSecOps community. They were willing to pay for the creation and maintenance of the platform as a contribution to the growing community of DevSecOps enthusiasts.
The main objective of the project is to act as a central hub for DevSecOps knowledge, unencumbered by vendor influence. As such, Sonatype continues to provide support financially to the site and to the DevSecOps Days events produced around the world by local organizers.
There is no cost to participate in the workshops other than your contact information. WE. HATE. SPAM. Our promise to you: no sales pitches, no vendor spam, no hidden agendas.
You will receive a weekly update on new sessions in the workshop series and other content we add to the site, such as articles, podcasts and DevOps/DevSecOps event listings. Unsubscribe at any time with no questions asked. If the material isn't valuable to you, we won't take it personally.
Fill in your name and email, click the "Join" button and you'll be set to go. You'll immediately receive a copy of our new book "Epic Failures in DevSecOps" and be notified the minute the first session rolls out in January. We're looking forward to having you as part of our growing community.