I’ve been working on and waiting for this paper to get published. I co-authored it with some of my team mates in Pivotal/Tanzu Labs. It documents a practice that the Labs people have been doing, a developer toil survey. First, we develop the concept of “developer toil” in the paper. I think it’s a type of tech debt that isn’t noticed and optimized enough: all the work and waiting developers need to go through to finally start coding and running their software.
My co-worker Marc Zottner and I have an article out on seven types of modernization. It’s drawn from the book we’ve been working on (forever! too long!) on modernizing legacy apps, The Legacy Trap. Check it out!
Here’s a write-up from myself and JT of a new trend in the kubernetes/DevOps/app dev world: developer portals. With people building out the appdev layer on kubernetes (or “DevX”), many organizations are looking at how they support all the tools and internal community for developers. What’s interesting, and new, about projects like Backstage (now in the CNCF, so pretty closely tied to “we’re running our apps in kubernetes” strategies) is that backstage is looking to add tools right along side the usual “knowledge base” and project management stuff you get for internal dev portals, sites, “Confluence” stuff.
In this longer blog post, I go over how I’ve finally come to think about what DevSecOps is.A summary of what the post covers: 1. A secure software supply chain – This is a fancy way of saying “we know all the components that went into building and deploying this software and trust those components.” It also includes the actual CI/CD pipeline that you trust and that’s resistant to third parties including malicious code, as we’ve seen happen in recent years.