SlideShare uma empresa Scribd logo

OSSF 2018 - Brandon Jung of GitLab - Is Your DevOps 'Tool Tax' Weighing You Down? How Can a Single Application Across the Lifecycle Help

FINOS
FINOS

The document discusses how a single application that handles the entire software development lifecycle can help alleviate the "DevOps tool tax" caused by managing and integrating multiple point solutions. It provides an overview of GitLab's Auto DevOps feature which automates the build, test, security, deployment, and monitoring pipelines in a single system. By consolidating tools and processes, Auto DevOps helps reduce integration complexity and accelerate development cycles.

Tecnologia
1 de 37
Baixar para ler offline
Is your DevOps ‘tool tax’ weighing you down? How can a single application across the lifecycle help Brandon Jung VP Alliances, GitLab
Open source business models https://medium.com/open-consensus/3-oss-business-model-progressions-dafd5837f2d
Values that make a difference Collaboration Transparency
Values that make a difference From idea to production: 200% faster
Aspiration: Shift-left “Consumers want to interact with us in new, different ways. Shifting left enables us to fix problems earlier and be competitive in creating digital experiences quickly… It’s table stakes.” Michael, Director of Product Integrations S&P 500 Telecommunications, Mass Media Listen to live broadcast
Problem: Tool tax “Our feedback cycle took two weeks before we consolidated. It would have taken us 10 plus people to manage multiple tools.” Michael, Director of Product Integrations S&P 500 Telecommunications, Mass Media Listen to live broadcast
Solution: Fast results “We now do 1000s of deployments per week to our front-end with GitLab. Our GitLab team is 2 people and they support 1000 users. The feedback life cycle went from 2 weeks to seconds.” Michael, Director of Product Integrations S&P 500 Telecommunications, Mass Media Listen to live broadcast
Why is this relevant?
Accelerating Release Cycle Time is Critical What you initially thought the goal was What the initial optimal solution was Optimal solution moved to Cycle time compression may be the most underestimated force in determining winners & losers in tech. — Marc Andreessen
Full SDLC completed 2016 DEVDEV CREATE PLAN »
From Dev to DevOps DEV » Manage Secure DEV OPS PLAN RELEASE PACKAGE
The Toolchain Crisis Leads to the DevOps Tool Tax Different teams are using unique set of tools and integrations
Integration complexity of toolchains slows down teams: Integration Tax Portfolio mgmt Issue tracking Version control Code review Continuous integration Security testing Container registry CD/Release automation Configuration Management Monitoring https://about.gitlab.com/sdlc/#interfaces
#GitLabLive Traditional DevOps toolchain: Developer Tax
#GitLabLive What could it be like?
Incident Management: Data Tax
Triggered alert Recommended runbook Ops flow: Incident Management
Ops flow: Incident Management People Incident manager, assignees and responders
Ops flow: Incident Management Chat, video, and status page Join the incident Slack channel and Zoom call, update your public status page
Ops flow: Incident Management Timeline Status page, comments and Slack messages, responder updates
Ops flow: Incident Management
Ops flow: Incident Management
Timeline Post updates and stay on top of important events Troubleshoot with interactive runbooks Plot graphs, run database queries, run terminal commands Ops flow: Incident Management
Follow-up issues Fixing merge requests Link to related issues and merge requestsTimeline Import events and get a clinical overview Postmortem Collaborative editing with templates Ops flow: Incident Management
Ops flow: Incident Management Overview metrics Discover root causes Understand incidents impact over time
Data is the lifeblood of software: Data Tax Portfolio mgmt Issue tracking Version control Code review Continuous integration Security testing Container registry CD/Release automation Configuration Management Monitoring https://about.gitlab.com/sdlc/#interfaces Dashboard???
DevOps ‘tool tax’ Summary Integration/Support Tax + Developer tax + Data tax DevOps tool tax
Cloud-based, end-to-end innovation, development and production platform for financial services. Enable clients to accelerate technology Uses unique “transparent source” model: access to ALL code Moving to GitLab (SCM and CI) allowed them to "freeze" base code while ensuring all new code met quality, security, and documentation standards.
Values that make a difference Convention over Configuration
Opinionated DevOps: commit your code, GitLab does the rest CREATE MONITORVERIFY PACKAGE RELEASE CONFIGURE Merge Build Code Quality Test SECURE Container Registry Review App Deploy SAST Dependency Container License DAST Infra Config Scale Response System Custom Perf Testing + +
Auto DevOps: a brief overview Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring If there is a Dockerfile, it will use docker build to create a Docker image. Otherwise, it will use Herokuish and Heroku buildpacks to automatically detect and build the application into a Docker image.
Auto DevOps: a brief overview Based on the Herokuish and Heroku buildpacks Auto DevOps runs appropriate tests and code quality scans. Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring
Auto DevOps: a brief overview Multiple security scans are built into Auto DevOps: Static Application Security Testing (SAST) runs static analysis on the current code and checks for potential security issues. Dependency Scanning runs analysis on project dependencies and checks for potential security issues. Vulnerability Static Analysis for containers runs static analysis on the Docker image and checks for potential security issues. Dynamic Application Security Testing (DAST) performs an analysis on the current code and checks for potential security issues. Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring
Auto DevOps: a brief overview Review Apps are temporary application environments based on the branch's code so reviewers can actually see and interact with code changes as part of the review process. Auto Review Apps creates a Review App for each branch in to the Kubernetes cluster. Deploys the application to a production environment in the Kubernetes cluster. Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring
Auto DevOps: a brief overview Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring Auto Monitoring makes it possible to monitor your application's server and response metrics right out of the box. Powered by Prometheus.
Thank you! Stay in touch: @brandoncjung bjung @gitlab.com
Everyone can contribute about.gitlab.com info@gitlab.com

Recomendados

Continuous Performance Testing and Monitoring in Agile Development
Continuous Performance Testing and Monitoring in Agile DevelopmentContinuous Performance Testing and Monitoring in Agile Development
Continuous Performance Testing and Monitoring in Agile Development
Dynatrace
 
Iac evolutions
Iac evolutionsIac evolutions
Iac evolutions
Prancer Io
 
From 0 to DevOps in 80 Days [Webinar Replay]
From 0 to DevOps in 80 Days [Webinar Replay]From 0 to DevOps in 80 Days [Webinar Replay]
From 0 to DevOps in 80 Days [Webinar Replay]
Dynatrace
 
Optimize your CI/CD with GitLab and AWS
Optimize your CI/CD with GitLab and AWSOptimize your CI/CD with GitLab and AWS
Optimize your CI/CD with GitLab and AWS
DevOps.com
 
Starting Your DevOps Journey – Practical Tips for Ops
Starting Your DevOps Journey – Practical Tips for OpsStarting Your DevOps Journey – Practical Tips for Ops
Starting Your DevOps Journey – Practical Tips for Ops
Dynatrace
 
Enable DevSecOps using Jira Software
Enable DevSecOps using Jira Software Enable DevSecOps using Jira Software
Enable DevSecOps using Jira Software
Atlassian
 
Monitoring with Artificial Intelligence [Webinar]
Monitoring with Artificial Intelligence [Webinar]Monitoring with Artificial Intelligence [Webinar]
Monitoring with Artificial Intelligence [Webinar]
Dynatrace
 
DevOps Transformation at Dynatrace and with Dynatrace
DevOps Transformation at Dynatrace and with DynatraceDevOps Transformation at Dynatrace and with Dynatrace
DevOps Transformation at Dynatrace and with Dynatrace
Andreas Grabner
 

Recomendados

Continuous Performance Testing and Monitoring in Agile Development
Continuous Performance Testing and Monitoring in Agile DevelopmentContinuous Performance Testing and Monitoring in Agile Development
Continuous Performance Testing and Monitoring in Agile Development
Dynatrace
 
Iac evolutions
Iac evolutionsIac evolutions
Iac evolutions
Prancer Io
 
From 0 to DevOps in 80 Days [Webinar Replay]
From 0 to DevOps in 80 Days [Webinar Replay]From 0 to DevOps in 80 Days [Webinar Replay]
From 0 to DevOps in 80 Days [Webinar Replay]
Dynatrace
 
Optimize your CI/CD with GitLab and AWS
Optimize your CI/CD with GitLab and AWSOptimize your CI/CD with GitLab and AWS
Optimize your CI/CD with GitLab and AWS
DevOps.com
 
Starting Your DevOps Journey – Practical Tips for Ops
Starting Your DevOps Journey – Practical Tips for OpsStarting Your DevOps Journey – Practical Tips for Ops
Starting Your DevOps Journey – Practical Tips for Ops
Dynatrace
 
Enable DevSecOps using Jira Software
Enable DevSecOps using Jira Software Enable DevSecOps using Jira Software
Enable DevSecOps using Jira Software
Atlassian
 
Monitoring with Artificial Intelligence [Webinar]
Monitoring with Artificial Intelligence [Webinar]Monitoring with Artificial Intelligence [Webinar]
Monitoring with Artificial Intelligence [Webinar]
Dynatrace
 
DevOps Transformation at Dynatrace and with Dynatrace
DevOps Transformation at Dynatrace and with DynatraceDevOps Transformation at Dynatrace and with Dynatrace
DevOps Transformation at Dynatrace and with Dynatrace
Andreas Grabner
 
Tools to Slay the Fire Breathing Monoliths in Your Enterprise
Tools to Slay the Fire Breathing Monoliths in Your EnterpriseTools to Slay the Fire Breathing Monoliths in Your Enterprise
Tools to Slay the Fire Breathing Monoliths in Your Enterprise
VMware Tanzu
 
Enterprise DevOps Series: Using VS Code & Zowe
Enterprise DevOps Series: Using VS Code & ZoweEnterprise DevOps Series: Using VS Code & Zowe
Enterprise DevOps Series: Using VS Code & Zowe
DevOps.com
 
Leverage DevOps & Agile Development to Transform Your Application Testing Pro...
Leverage DevOps & Agile Development to Transform Your Application Testing Pro...Leverage DevOps & Agile Development to Transform Your Application Testing Pro...
Leverage DevOps & Agile Development to Transform Your Application Testing Pro...
Deborah Schalm
 
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA ProgramAppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
Denim Group
 
ATAGTR2017 Wearable App Testing
ATAGTR2017 Wearable App TestingATAGTR2017 Wearable App Testing
ATAGTR2017 Wearable App Testing
Agile Testing Alliance
 
Operationalize all the network things
Operationalize all the network thingsOperationalize all the network things
Operationalize all the network things
Lori MacVittie
 
Driving Service Ownership with Distributed Tracing
Driving Service Ownership with Distributed TracingDriving Service Ownership with Distributed Tracing
Driving Service Ownership with Distributed Tracing
DevOps.com
 
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
Agile Testing Alliance
 
To Scale Test Automation for DevOps, Avoid These Anti-Patterns
To Scale Test Automation for DevOps, Avoid These Anti-PatternsTo Scale Test Automation for DevOps, Avoid These Anti-Patterns
To Scale Test Automation for DevOps, Avoid These Anti-Patterns
DevOps.com
 
Explain DevOps To Me Like I’m Five: DevOps for Managers
Explain DevOps To Me Like I’m Five: DevOps for ManagersExplain DevOps To Me Like I’m Five: DevOps for Managers
Explain DevOps To Me Like I’m Five: DevOps for Managers
Gene Gotimer
 
Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...
DevOps.com
 
2016 - DevOps Meets APIs - Model once. Benefit everywhere.
2016 - DevOps Meets APIs - Model once. Benefit everywhere.2016 - DevOps Meets APIs - Model once. Benefit everywhere.
2016 - DevOps Meets APIs - Model once. Benefit everywhere.
devopsdaysaustin
 
Fact2009 How To Operationalize Your Strategies
Fact2009 How To Operationalize Your StrategiesFact2009 How To Operationalize Your Strategies
Fact2009 How To Operationalize Your Strategies
syosko
 
Azure DevOps
Azure DevOpsAzure DevOps
Azure DevOps
Juan Fabian
 
Testing a Microservices Architecture
Testing a Microservices ArchitectureTesting a Microservices Architecture
Testing a Microservices Architecture
Parasoft
 
DevOps Underground - Microservices Monitoring
DevOps Underground - Microservices MonitoringDevOps Underground - Microservices Monitoring
DevOps Underground - Microservices Monitoring
kloia
 
Security Implications for a DevOps Transformation
Security Implications for a DevOps TransformationSecurity Implications for a DevOps Transformation
Security Implications for a DevOps Transformation
Deborah Schalm
 
Microsoft DevOps Solution - DevOps
Microsoft DevOps Solution - DevOps Microsoft DevOps Solution - DevOps
Microsoft DevOps Solution - DevOps
Chetan Gordhan
 
Raju ponnam CV
Raju ponnam CVRaju ponnam CV
Raju ponnam CV
raju p
 
Introducing: Klocwork Insight Pro | November 2009
Introducing: Klocwork Insight Pro | November 2009Introducing: Klocwork Insight Pro | November 2009
Introducing: Klocwork Insight Pro | November 2009
Klocwork
 
Keys to continuous testing for faster delivery euro star webinar
Keys to continuous testing for faster delivery euro star webinar Keys to continuous testing for faster delivery euro star webinar
Keys to continuous testing for faster delivery euro star webinar
TEST Huddle
 
2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개
2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개
2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개
VMware Tanzu Korea
 

Mais conteúdo relacionado

Mais procurados

Tools to Slay the Fire Breathing Monoliths in Your Enterprise
Tools to Slay the Fire Breathing Monoliths in Your EnterpriseTools to Slay the Fire Breathing Monoliths in Your Enterprise
Tools to Slay the Fire Breathing Monoliths in Your Enterprise
VMware Tanzu
 
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA ProgramAppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
Denim Group
 
To Scale Test Automation for DevOps, Avoid These Anti-Patterns
To Scale Test Automation for DevOps, Avoid These Anti-PatternsTo Scale Test Automation for DevOps, Avoid These Anti-Patterns
To Scale Test Automation for DevOps, Avoid These Anti-Patterns
DevOps.com
 
Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...
DevOps.com
 
Security Implications for a DevOps Transformation
Security Implications for a DevOps TransformationSecurity Implications for a DevOps Transformation
Security Implications for a DevOps Transformation
Deborah Schalm
 
Raju ponnam CV
Raju ponnam CVRaju ponnam CV
Raju ponnam CV
raju p
 

Mais procurados (20)

Tools to Slay the Fire Breathing Monoliths in Your Enterprise
Tools to Slay the Fire Breathing Monoliths in Your EnterpriseTools to Slay the Fire Breathing Monoliths in Your Enterprise
Tools to Slay the Fire Breathing Monoliths in Your Enterprise
 
Enterprise DevOps Series: Using VS Code & Zowe
Enterprise DevOps Series: Using VS Code & ZoweEnterprise DevOps Series: Using VS Code & Zowe
Enterprise DevOps Series: Using VS Code & Zowe
 
Leverage DevOps & Agile Development to Transform Your Application Testing Pro...
Leverage DevOps & Agile Development to Transform Your Application Testing Pro...Leverage DevOps & Agile Development to Transform Your Application Testing Pro...
Leverage DevOps & Agile Development to Transform Your Application Testing Pro...
 
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA ProgramAppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
AppSec Fast and Slow: Your DevSecOps CI/CD Pipeline Isn’t an SSA Program
 
ATAGTR2017 Wearable App Testing
ATAGTR2017 Wearable App TestingATAGTR2017 Wearable App Testing
ATAGTR2017 Wearable App Testing
 
Operationalize all the network things
Operationalize all the network thingsOperationalize all the network things
Operationalize all the network things
 
Driving Service Ownership with Distributed Tracing
Driving Service Ownership with Distributed TracingDriving Service Ownership with Distributed Tracing
Driving Service Ownership with Distributed Tracing
 
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
 
To Scale Test Automation for DevOps, Avoid These Anti-Patterns
To Scale Test Automation for DevOps, Avoid These Anti-PatternsTo Scale Test Automation for DevOps, Avoid These Anti-Patterns
To Scale Test Automation for DevOps, Avoid These Anti-Patterns
 
Explain DevOps To Me Like I’m Five: DevOps for Managers
Explain DevOps To Me Like I’m Five: DevOps for ManagersExplain DevOps To Me Like I’m Five: DevOps for Managers
Explain DevOps To Me Like I’m Five: DevOps for Managers
 
Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...
 
2016 - DevOps Meets APIs - Model once. Benefit everywhere.
2016 - DevOps Meets APIs - Model once. Benefit everywhere.2016 - DevOps Meets APIs - Model once. Benefit everywhere.
2016 - DevOps Meets APIs - Model once. Benefit everywhere.
 
Fact2009 How To Operationalize Your Strategies
Fact2009 How To Operationalize Your StrategiesFact2009 How To Operationalize Your Strategies
Fact2009 How To Operationalize Your Strategies
 
Azure DevOps
Azure DevOpsAzure DevOps
Azure DevOps
 
Testing a Microservices Architecture
Testing a Microservices ArchitectureTesting a Microservices Architecture
Testing a Microservices Architecture
 
DevOps Underground - Microservices Monitoring
DevOps Underground - Microservices MonitoringDevOps Underground - Microservices Monitoring
DevOps Underground - Microservices Monitoring
 
Security Implications for a DevOps Transformation
Security Implications for a DevOps TransformationSecurity Implications for a DevOps Transformation
Security Implications for a DevOps Transformation
 
Microsoft DevOps Solution - DevOps
Microsoft DevOps Solution - DevOps Microsoft DevOps Solution - DevOps
Microsoft DevOps Solution - DevOps
 
Raju ponnam CV
Raju ponnam CVRaju ponnam CV
Raju ponnam CV
 
Introducing: Klocwork Insight Pro | November 2009
Introducing: Klocwork Insight Pro | November 2009Introducing: Klocwork Insight Pro | November 2009
Introducing: Klocwork Insight Pro | November 2009
 

Semelhante a OSSF 2018 - Brandon Jung of GitLab - Is Your DevOps 'Tool Tax' Weighing You Down? How Can a Single Application Across the Lifecycle Help

Keys to continuous testing for faster delivery euro star webinar
Keys to continuous testing for faster delivery euro star webinar Keys to continuous testing for faster delivery euro star webinar
Keys to continuous testing for faster delivery euro star webinar
TEST Huddle
 
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak
 
Reduce Time to Value: Focus First on Configuration Management Debt
Reduce Time to Value: Focus First on Configuration Management DebtReduce Time to Value: Focus First on Configuration Management Debt
Reduce Time to Value: Focus First on Configuration Management Debt
Chris Sterling
 

Semelhante a OSSF 2018 - Brandon Jung of GitLab - Is Your DevOps 'Tool Tax' Weighing You Down? How Can a Single Application Across the Lifecycle Help (20)

Keys to continuous testing for faster delivery euro star webinar
Keys to continuous testing for faster delivery euro star webinar Keys to continuous testing for faster delivery euro star webinar
Keys to continuous testing for faster delivery euro star webinar
 
2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개
2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개
2018 Pivotal DevOps Day_Pivotal 소개 및 세션 아젠다 소개
 
2018 Pivotal DevOps Day_마이크로서비스 전환 방법론과 사례
2018 Pivotal DevOps Day_마이크로서비스 전환 방법론과 사례2018 Pivotal DevOps Day_마이크로서비스 전환 방법론과 사례
2018 Pivotal DevOps Day_마이크로서비스 전환 방법론과 사례
 
The Bespoke Software Product Factory (2007)
The Bespoke Software Product Factory (2007)The Bespoke Software Product Factory (2007)
The Bespoke Software Product Factory (2007)
 
Platform governance, gestire un ecosistema di microservizi a livello enterprise
Platform governance, gestire un ecosistema di microservizi a livello enterprisePlatform governance, gestire un ecosistema di microservizi a livello enterprise
Platform governance, gestire un ecosistema di microservizi a livello enterprise
 
Twelve factor-app
Twelve factor-appTwelve factor-app
Twelve factor-app
 
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud ManagementSukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak-Agile-DevOps-Cloud Management
 
Software as a Service - Concepts and Implementation
Software as a Service - Concepts and ImplementationSoftware as a Service - Concepts and Implementation
Software as a Service - Concepts and Implementation
 
The Magic Of Application Lifecycle Management In Vs Public
The Magic Of Application Lifecycle Management In Vs PublicThe Magic Of Application Lifecycle Management In Vs Public
The Magic Of Application Lifecycle Management In Vs Public
 
Lunch and Learn and Sneakers
Lunch and Learn and SneakersLunch and Learn and Sneakers
Lunch and Learn and Sneakers
 
Encontrando la Aguja en el Rendimiento de Aplicaciones
Encontrando la Aguja en el Rendimiento de AplicacionesEncontrando la Aguja en el Rendimiento de Aplicaciones
Encontrando la Aguja en el Rendimiento de Aplicaciones
 
Future of QA
Future of QAFuture of QA
Future of QA
 
Futureofqa
FutureofqaFutureofqa
Futureofqa
 
CA Service Virtualization
CA Service VirtualizationCA Service Virtualization
CA Service Virtualization
 
Agility and Control from AWS [FutureStack16]
Agility and Control from AWS [FutureStack16]Agility and Control from AWS [FutureStack16]
Agility and Control from AWS [FutureStack16]
 
DevOps
DevOps DevOps
DevOps
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWS
 
Dev ops and safety critical systems
Dev ops and safety critical systemsDev ops and safety critical systems
Dev ops and safety critical systems
 
Reduce Time to Value: Focus First on Configuration Management Debt
Reduce Time to Value: Focus First on Configuration Management DebtReduce Time to Value: Focus First on Configuration Management Debt
Reduce Time to Value: Focus First on Configuration Management Debt
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?
 

Mais de FINOS

OSSF 2018 - Steve Helvie of the Open Compute Network - Rethinking Infrastruct...
OSSF 2018 - Steve Helvie of the Open Compute Network - Rethinking Infrastruct...OSSF 2018 - Steve Helvie of the Open Compute Network - Rethinking Infrastruct...
OSSF 2018 - Steve Helvie of the Open Compute Network - Rethinking Infrastruct...
FINOS
 
OSSF 2018 - Stefan Just of Codescoop - OSCAR - a new approach to Software Com...
OSSF 2018 - Stefan Just of Codescoop - OSCAR - a new approach to Software Com...OSSF 2018 - Stefan Just of Codescoop - OSCAR - a new approach to Software Com...
OSSF 2018 - Stefan Just of Codescoop - OSCAR - a new approach to Software Com...
FINOS
 
OSSF 2018 - Matt Barrett of Adaptive - Open sourcing a bank's software: exact...
OSSF 2018 - Matt Barrett of Adaptive - Open sourcing a bank's software: exact...OSSF 2018 - Matt Barrett of Adaptive - Open sourcing a bank's software: exact...
OSSF 2018 - Matt Barrett of Adaptive - Open sourcing a bank's software: exact...
FINOS
 
OSSF 2018 - Overcoming Compliance Barriers to Open Source Collaboration Infra...
OSSF 2018 - Overcoming Compliance Barriers to Open Source Collaboration Infra...OSSF 2018 - Overcoming Compliance Barriers to Open Source Collaboration Infra...
OSSF 2018 - Overcoming Compliance Barriers to Open Source Collaboration Infra...
FINOS
 
OSSF 2018 - Jeff Luszcz of Flexera - Day 2 - Open Source Culture, Standards, ...
OSSF 2018 - Jeff Luszcz of Flexera - Day 2 - Open Source Culture, Standards, ...OSSF 2018 - Jeff Luszcz of Flexera - Day 2 - Open Source Culture, Standards, ...
OSSF 2018 - Jeff Luszcz of Flexera - Day 2 - Open Source Culture, Standards, ...
FINOS
 
OSSF 2018 - Jeff Luszcz of Flexera - Common Open Source Intake Issues and How...
OSSF 2018 - Jeff Luszcz of Flexera - Common Open Source Intake Issues and How...OSSF 2018 - Jeff Luszcz of Flexera - Common Open Source Intake Issues and How...
OSSF 2018 - Jeff Luszcz of Flexera - Common Open Source Intake Issues and How...
FINOS
 
OSSF 2018 - Greg Olson of Open Source Sense - Building Mission- and Business-...
OSSF 2018 - Greg Olson of Open Source Sense - Building Mission- and Business-...OSSF 2018 - Greg Olson of Open Source Sense - Building Mission- and Business-...
OSSF 2018 - Greg Olson of Open Source Sense - Building Mission- and Business-...
FINOS
 
OSSF 2018 - David Kappos of Cravath, Swaine & Moore - Accounting for Patents ...
OSSF 2018 - David Kappos of Cravath, Swaine & Moore - Accounting for Patents ...OSSF 2018 - David Kappos of Cravath, Swaine & Moore - Accounting for Patents ...
OSSF 2018 - David Kappos of Cravath, Swaine & Moore - Accounting for Patents ...
FINOS
 
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
FINOS
 
OSSF 2018 - Daniel Izquierdo of Bitergia / InnerSource Commons - Starting wit...
OSSF 2018 - Daniel Izquierdo of Bitergia / InnerSource Commons - Starting wit...OSSF 2018 - Daniel Izquierdo of Bitergia / InnerSource Commons - Starting wit...
OSSF 2018 - Daniel Izquierdo of Bitergia / InnerSource Commons - Starting wit...
FINOS
 
OSSF 2018 - Danese Cooper of NearForm - Getting the most out of Open Source i...
OSSF 2018 - Danese Cooper of NearForm - Getting the most out of Open Source i...OSSF 2018 - Danese Cooper of NearForm - Getting the most out of Open Source i...
OSSF 2018 - Danese Cooper of NearForm - Getting the most out of Open Source i...
FINOS
 
OSSF 2018 - Colin Charles of GrokOpen - Community vs. enterprise how not to ...
OSSF 2018 - Colin Charles of GrokOpen - Community vs. enterprise how not to ...OSSF 2018 - Colin Charles of GrokOpen - Community vs. enterprise how not to ...
OSSF 2018 - Colin Charles of GrokOpen - Community vs. enterprise how not to ...
FINOS
 
OSSF 2018 - Andrew Katz of Moorcrofts - OpenChain: a Tested Framework for Ope...
OSSF 2018 - Andrew Katz of Moorcrofts - OpenChain: a Tested Framework for Ope...OSSF 2018 - Andrew Katz of Moorcrofts - OpenChain: a Tested Framework for Ope...
OSSF 2018 - Andrew Katz of Moorcrofts - OpenChain: a Tested Framework for Ope...
FINOS
 

Mais de FINOS (20)

2019-03 - An introduction to FINOS
2019-03 - An introduction to FINOS2019-03 - An introduction to FINOS
2019-03 - An introduction to FINOS
 
OSSF 2018 - Peter Crocker of Cumulus Networks - TCO and technical advantages ...
OSSF 2018 - Peter Crocker of Cumulus Networks - TCO and technical advantages ...OSSF 2018 - Peter Crocker of Cumulus Networks - TCO and technical advantages ...
OSSF 2018 - Peter Crocker of Cumulus Networks - TCO and technical advantages ...
 
OSSF 2018 - Steve Helvie of the Open Compute Network - Rethinking Infrastruct...
OSSF 2018 - Steve Helvie of the Open Compute Network - Rethinking Infrastruct...OSSF 2018 - Steve Helvie of the Open Compute Network - Rethinking Infrastruct...
OSSF 2018 - Steve Helvie of the Open Compute Network - Rethinking Infrastruct...
 
OSSF 2018 - Stefan Just of Codescoop - OSCAR - a new approach to Software Com...
OSSF 2018 - Stefan Just of Codescoop - OSCAR - a new approach to Software Com...OSSF 2018 - Stefan Just of Codescoop - OSCAR - a new approach to Software Com...
OSSF 2018 - Stefan Just of Codescoop - OSCAR - a new approach to Software Com...
 
OSSF 2018 - Nick Kolba of OpenFin - FDC3 and the Legacy of Web Intents
OSSF 2018 - Nick Kolba of OpenFin - FDC3 and the Legacy of Web IntentsOSSF 2018 - Nick Kolba of OpenFin - FDC3 and the Legacy of Web Intents
OSSF 2018 - Nick Kolba of OpenFin - FDC3 and the Legacy of Web Intents
 
OSSF 2018 - Matt Barrett of Adaptive - Open sourcing a bank's software: exact...
OSSF 2018 - Matt Barrett of Adaptive - Open sourcing a bank's software: exact...OSSF 2018 - Matt Barrett of Adaptive - Open sourcing a bank's software: exact...
OSSF 2018 - Matt Barrett of Adaptive - Open sourcing a bank's software: exact...
 
OSSF 2018 - Overcoming Compliance Barriers to Open Source Collaboration Infra...
OSSF 2018 - Overcoming Compliance Barriers to Open Source Collaboration Infra...OSSF 2018 - Overcoming Compliance Barriers to Open Source Collaboration Infra...
OSSF 2018 - Overcoming Compliance Barriers to Open Source Collaboration Infra...
 
OSSF 2018 - Jilayne Lovejoy - Training: Intro to Open Source
OSSF 2018 - Jilayne Lovejoy - Training: Intro to Open SourceOSSF 2018 - Jilayne Lovejoy - Training: Intro to Open Source
OSSF 2018 - Jilayne Lovejoy - Training: Intro to Open Source
 
OSSF 2018 - Jeff Luszcz of Flexera - Day 2 - Open Source Culture, Standards, ...
OSSF 2018 - Jeff Luszcz of Flexera - Day 2 - Open Source Culture, Standards, ...OSSF 2018 - Jeff Luszcz of Flexera - Day 2 - Open Source Culture, Standards, ...
OSSF 2018 - Jeff Luszcz of Flexera - Day 2 - Open Source Culture, Standards, ...
 
OSSF 2018 - Jeff Luszcz of Flexera - Common Open Source Intake Issues and How...
OSSF 2018 - Jeff Luszcz of Flexera - Common Open Source Intake Issues and How...OSSF 2018 - Jeff Luszcz of Flexera - Common Open Source Intake Issues and How...
OSSF 2018 - Jeff Luszcz of Flexera - Common Open Source Intake Issues and How...
 
OSSF 2018 - Jared Broad of QuantConnect - Motivations and Business Goals for ...
OSSF 2018 - Jared Broad of QuantConnect - Motivations and Business Goals for ...OSSF 2018 - Jared Broad of QuantConnect - Motivations and Business Goals for ...
OSSF 2018 - Jared Broad of QuantConnect - Motivations and Business Goals for ...
 
OSSF 2018 - Jamie Jones of GitHub - Pull what where? Contributing to Open Sou...
OSSF 2018 - Jamie Jones of GitHub - Pull what where? Contributing to Open Sou...OSSF 2018 - Jamie Jones of GitHub - Pull what where? Contributing to Open Sou...
OSSF 2018 - Jamie Jones of GitHub - Pull what where? Contributing to Open Sou...
 
OSSF 2018 - Greg Olson of Open Source Sense - Building Mission- and Business-...
OSSF 2018 - Greg Olson of Open Source Sense - Building Mission- and Business-...OSSF 2018 - Greg Olson of Open Source Sense - Building Mission- and Business-...
OSSF 2018 - Greg Olson of Open Source Sense - Building Mission- and Business-...
 
OSSF 2018 - Dawn Foster of Pivotal - Open Source Collaboration: Finding the R...
OSSF 2018 - Dawn Foster of Pivotal - Open Source Collaboration: Finding the R...OSSF 2018 - Dawn Foster of Pivotal - Open Source Collaboration: Finding the R...
OSSF 2018 - Dawn Foster of Pivotal - Open Source Collaboration: Finding the R...
 
OSSF 2018 - David Kappos of Cravath, Swaine & Moore - Accounting for Patents ...
OSSF 2018 - David Kappos of Cravath, Swaine & Moore - Accounting for Patents ...OSSF 2018 - David Kappos of Cravath, Swaine & Moore - Accounting for Patents ...
OSSF 2018 - David Kappos of Cravath, Swaine & Moore - Accounting for Patents ...
 
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
 
OSSF 2018 - Daniel Izquierdo of Bitergia / InnerSource Commons - Starting wit...
OSSF 2018 - Daniel Izquierdo of Bitergia / InnerSource Commons - Starting wit...OSSF 2018 - Daniel Izquierdo of Bitergia / InnerSource Commons - Starting wit...
OSSF 2018 - Daniel Izquierdo of Bitergia / InnerSource Commons - Starting wit...
 
OSSF 2018 - Danese Cooper of NearForm - Getting the most out of Open Source i...
OSSF 2018 - Danese Cooper of NearForm - Getting the most out of Open Source i...OSSF 2018 - Danese Cooper of NearForm - Getting the most out of Open Source i...
OSSF 2018 - Danese Cooper of NearForm - Getting the most out of Open Source i...
 
OSSF 2018 - Colin Charles of GrokOpen - Community vs. enterprise how not to ...
OSSF 2018 - Colin Charles of GrokOpen - Community vs. enterprise how not to ...OSSF 2018 - Colin Charles of GrokOpen - Community vs. enterprise how not to ...
OSSF 2018 - Colin Charles of GrokOpen - Community vs. enterprise how not to ...
 
OSSF 2018 - Andrew Katz of Moorcrofts - OpenChain: a Tested Framework for Ope...
OSSF 2018 - Andrew Katz of Moorcrofts - OpenChain: a Tested Framework for Ope...OSSF 2018 - Andrew Katz of Moorcrofts - OpenChain: a Tested Framework for Ope...
OSSF 2018 - Andrew Katz of Moorcrofts - OpenChain: a Tested Framework for Ope...
 

Último

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 

Último (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 

OSSF 2018 - Brandon Jung of GitLab - Is Your DevOps 'Tool Tax' Weighing You Down? How Can a Single Application Across the Lifecycle Help

  • 1. Is your DevOps ‘tool tax’ weighing you down? How can a single application across the lifecycle help Brandon Jung VP Alliances, GitLab
  • 2. Open source business models https://medium.com/open-consensus/3-oss-business-model-progressions-dafd5837f2d
  • 3. Values that make a difference Collaboration Transparency
  • 4. Values that make a difference From idea to production: 200% faster
  • 5. Aspiration: Shift-left “Consumers want to interact with us in new, different ways. Shifting left enables us to fix problems earlier and be competitive in creating digital experiences quickly… It’s table stakes.” Michael, Director of Product Integrations S&P 500 Telecommunications, Mass Media Listen to live broadcast
  • 6. Problem: Tool tax “Our feedback cycle took two weeks before we consolidated. It would have taken us 10 plus people to manage multiple tools.” Michael, Director of Product Integrations S&P 500 Telecommunications, Mass Media Listen to live broadcast
  • 7. Solution: Fast results “We now do 1000s of deployments per week to our front-end with GitLab. Our GitLab team is 2 people and they support 1000 users. The feedback life cycle went from 2 weeks to seconds.” Michael, Director of Product Integrations S&P 500 Telecommunications, Mass Media Listen to live broadcast
  • 8. Why is this relevant?
  • 9. Accelerating Release Cycle Time is Critical What you initially thought the goal was What the initial optimal solution was Optimal solution moved to Cycle time compression may be the most underestimated force in determining winners & losers in tech. — Marc Andreessen
  • 10. Full SDLC completed 2016 DEVDEV CREATE PLAN »
  • 11. From Dev to DevOps DEV » Manage Secure DEV OPS PLAN RELEASE PACKAGE
  • 12. The Toolchain Crisis Leads to the DevOps Tool Tax Different teams are using unique set of tools and integrations
  • 13. Integration complexity of toolchains slows down teams: Integration Tax Portfolio mgmt Issue tracking Version control Code review Continuous integration Security testing Container registry CD/Release automation Configuration Management Monitoring https://about.gitlab.com/sdlc/#interfaces
  • 18. Ops flow: Incident Management People Incident manager, assignees and responders
  • 19. Ops flow: Incident Management Chat, video, and status page Join the incident Slack channel and Zoom call, update your public status page
  • 20. Ops flow: Incident Management Timeline Status page, comments and Slack messages, responder updates
  • 21. Ops flow: Incident Management
  • 22. Ops flow: Incident Management
  • 23. Timeline Post updates and stay on top of important events Troubleshoot with interactive runbooks Plot graphs, run database queries, run terminal commands Ops flow: Incident Management
  • 24. Follow-up issues Fixing merge requests Link to related issues and merge requestsTimeline Import events and get a clinical overview Postmortem Collaborative editing with templates Ops flow: Incident Management
  • 25. Ops flow: Incident Management Overview metrics Discover root causes Understand incidents impact over time
  • 26. Data is the lifeblood of software: Data Tax Portfolio mgmt Issue tracking Version control Code review Continuous integration Security testing Container registry CD/Release automation Configuration Management Monitoring https://about.gitlab.com/sdlc/#interfaces Dashboard???
  • 27. DevOps ‘tool tax’ Summary Integration/Support Tax + Developer tax + Data tax DevOps tool tax
  • 28. Cloud-based, end-to-end innovation, development and production platform for financial services. Enable clients to accelerate technology Uses unique “transparent source” model: access to ALL code Moving to GitLab (SCM and CI) allowed them to "freeze" base code while ensuring all new code met quality, security, and documentation standards.
  • 29. Values that make a difference Convention over Configuration
  • 30. Opinionated DevOps: commit your code, GitLab does the rest CREATE MONITORVERIFY PACKAGE RELEASE CONFIGURE Merge Build Code Quality Test SECURE Container Registry Review App Deploy SAST Dependency Container License DAST Infra Config Scale Response System Custom Perf Testing + +
  • 31. Auto DevOps: a brief overview Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring If there is a Dockerfile, it will use docker build to create a Docker image. Otherwise, it will use Herokuish and Heroku buildpacks to automatically detect and build the application into a Docker image.
  • 32. Auto DevOps: a brief overview Based on the Herokuish and Heroku buildpacks Auto DevOps runs appropriate tests and code quality scans. Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring
  • 33. Auto DevOps: a brief overview Multiple security scans are built into Auto DevOps: Static Application Security Testing (SAST) runs static analysis on the current code and checks for potential security issues. Dependency Scanning runs analysis on project dependencies and checks for potential security issues. Vulnerability Static Analysis for containers runs static analysis on the Docker image and checks for potential security issues. Dynamic Application Security Testing (DAST) performs an analysis on the current code and checks for potential security issues. Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring
  • 34. Auto DevOps: a brief overview Review Apps are temporary application environments based on the branch's code so reviewers can actually see and interact with code changes as part of the review process. Auto Review Apps creates a Review App for each branch in to the Kubernetes cluster. Deploys the application to a production environment in the Kubernetes cluster. Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring
  • 35. Auto DevOps: a brief overview Auto Build Auto Test Auto Code Quality Auto SAST Auto Dependency Scanning Auto License Management Auto Container Scanning Auto Review App Auto DAST Auto Deploy Auto Browser Perf Testing Auto Monitoring Auto Monitoring makes it possible to monitor your application's server and response metrics right out of the box. Powered by Prometheus.
  • 36. Thank you! Stay in touch: @brandoncjung bjung @gitlab.com