Europace is a network-centric organization within a network of organizations (Hypoport). It uses the self-organization framework Holacracy as its operating system---loosely coupled, autonomous teams are working together for a common purpose. But with autonomy also comes a trend towards self-sufficiency. In the years after starting with self-organization we experienced a lot of “reinventing the wheel” instead of company-wide collaboration. In order to find a way out of this dilemma we looked at the open source world, especially on how collaboration works in such a distributed world. What we found was The Apache Way.
Next, a group of people interested and experienced in Open Source founded a community of practise at Europace. Together, we run experiments for applying the patterns of The Apache Way at our teams. As a result of those experiments these patterns can nowadays be found everywhere at Europace, especially when it comes to collaboration between teams. But we did not stop there, we kept on running experiments in order to improve the InnerSource experience at Europace. In this talk you will learn which experiments we run, how we did it and what we discovered on our journey so far.
Open Source Licensing: Types, Strategies and ComplianceAll Things Open
Presented by: Jeff Luszcz, ZebraCatZebra
Presented at All Things Open 2020
Abstract: Open Source powers the world, but you need to do more than use it.
In this talk we will provide background on the most common types of open source licenses, business models, security issues and the processes required to help you remain secure and in compliance. We will discuss best practices, scanning tools, remediation, customer and partner expectations around OSS compliance and how to manage OSS during events such as a product release or M&A.
Analyse de la composition logicielle à l’aide d’outils open sourceOpen Source Experience
Un des principes les plus répandus dans l'ingénierie est celui de "ne pas réinventer la roue" ; il est d'autant plus important et courant dans le domaine de l'informatique. Aujourd'hui, de plus en plus de projets se trouvent avec des
dépendances Open Source, mais avec la facilité d'utiliser une librairie maintenue par toute une communauté vient aussi
la responsabilité de s'assurer que cette librairie ne contient pas de failles de sécurité connues, et qu'elle est
compatible avec le reste du projet en termes de licences. Ainsi, cela nous mène à devoir faire une analyse SCA (Software
Composition Analysis), qui consiste principalement en deux parties : la production d'une SBOM (Software Bill Of
Materials) afin de détailler l'arbre des dépendances et les informations de licences de chaque logiciel utilisé dans le
projet, et aussi la production d'un rapport de vulnérabilités de ces dépendances, afin d'avertir les utilisateurs en ce
qui concerne les CVEs publiés pour un logiciel donné.
Chez AdaCore, nous avons décidé de faire cela avec deux projets Open Source : ScanCode Toolkit et VulnerableCode. Après
avoir examiné les leaders du marché, en recherchant une solution "plug-and-play" qui nécessiterait peu de maintenance,
nous avons trouvé que les équivalents Open Source sont, dans notre cas, plus adaptés et plus flexibles.
Dans cette présentation, je partagerai les résultats de cette analyse, et j'expliquerai comment nous mettons en œuvre
ces solutions en pratique.
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...Schlomo Schapiro
What is the role of GitOps in IT strategy? This talk gives an overview and puts GitOps into the context of current challenges in IT strategy.
Main aspects are continuous delivery, policy as code, automated governance, compliant-by-default work environments, acceptable means of compliance and a comprehensive automation of all development and operations related processes with the goal of true hands-off operations.
The result places GitOps as a major building block of any modern IT strategy. GitOps helps building essential key IT capabilities. It creates the motivation to truly “fix the basics” via sustainable solutions to enable creating higher level automation solutions. With GitOps engineers can focus much more on business value and spend less effort on boring IT topics.
https://schlomo.schapiro.org/p/publications.html
Gerrit is the review software used in the TYPO3 ecosphere.
These slides were used to introduce the participants of the workshop into the Gerrit workflow and the concept of software reviews.
Workshop at the TYPO3 Developer Days Munich, 2012
http://t3dd12.typo3.org
Open Source Licensing: Types, Strategies and ComplianceAll Things Open
Presented by: Jeff Luszcz, ZebraCatZebra
Presented at All Things Open 2020
Abstract: Open Source powers the world, but you need to do more than use it.
In this talk we will provide background on the most common types of open source licenses, business models, security issues and the processes required to help you remain secure and in compliance. We will discuss best practices, scanning tools, remediation, customer and partner expectations around OSS compliance and how to manage OSS during events such as a product release or M&A.
Analyse de la composition logicielle à l’aide d’outils open sourceOpen Source Experience
Un des principes les plus répandus dans l'ingénierie est celui de "ne pas réinventer la roue" ; il est d'autant plus important et courant dans le domaine de l'informatique. Aujourd'hui, de plus en plus de projets se trouvent avec des
dépendances Open Source, mais avec la facilité d'utiliser une librairie maintenue par toute une communauté vient aussi
la responsabilité de s'assurer que cette librairie ne contient pas de failles de sécurité connues, et qu'elle est
compatible avec le reste du projet en termes de licences. Ainsi, cela nous mène à devoir faire une analyse SCA (Software
Composition Analysis), qui consiste principalement en deux parties : la production d'une SBOM (Software Bill Of
Materials) afin de détailler l'arbre des dépendances et les informations de licences de chaque logiciel utilisé dans le
projet, et aussi la production d'un rapport de vulnérabilités de ces dépendances, afin d'avertir les utilisateurs en ce
qui concerne les CVEs publiés pour un logiciel donné.
Chez AdaCore, nous avons décidé de faire cela avec deux projets Open Source : ScanCode Toolkit et VulnerableCode. Après
avoir examiné les leaders du marché, en recherchant une solution "plug-and-play" qui nécessiterait peu de maintenance,
nous avons trouvé que les équivalents Open Source sont, dans notre cas, plus adaptés et plus flexibles.
Dans cette présentation, je partagerai les résultats de cette analyse, et j'expliquerai comment nous mettons en œuvre
ces solutions en pratique.
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...Schlomo Schapiro
What is the role of GitOps in IT strategy? This talk gives an overview and puts GitOps into the context of current challenges in IT strategy.
Main aspects are continuous delivery, policy as code, automated governance, compliant-by-default work environments, acceptable means of compliance and a comprehensive automation of all development and operations related processes with the goal of true hands-off operations.
The result places GitOps as a major building block of any modern IT strategy. GitOps helps building essential key IT capabilities. It creates the motivation to truly “fix the basics” via sustainable solutions to enable creating higher level automation solutions. With GitOps engineers can focus much more on business value and spend less effort on boring IT topics.
https://schlomo.schapiro.org/p/publications.html
Gerrit is the review software used in the TYPO3 ecosphere.
These slides were used to introduce the participants of the workshop into the Gerrit workflow and the concept of software reviews.
Workshop at the TYPO3 Developer Days Munich, 2012
http://t3dd12.typo3.org
Guidelines for Working with Contract Developers in Evergreenloriayre
Slides from presentation on Application Development from Evergreen International Conference 2012. Jed Moffitt also participated in the presentation but he had no slides so these are just the slides from Lori Ayre's portion. Handouts included a sample Development Plan and contract (http://www.slideshare.net/loriayre/development-contract-sample)
WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...Amir Zmora
A live Q&A session about WebRTC in general and an update about Apple's work on WebRTC. Session included internal information from a meeting between Apple engineers and the people behind the WebRTC-in-WebKit initiative.
Session by Alex Gouailard, Dan Burnett and Amir Zmora
The “Hacktober Fest” has been announced and we would like you all to become a part of this amazing event, that celebrates open source contributions worldwide. During the entire month of October 2020, all you have to do is contribute to any open source projects and open at least 4 pull requests. You don’t need to be an expert in programming or coding to take part in this fest. Upon successfully completing 4 pull requests, you will win an amazing Hacktoberfest T-shirt and awesome stickers.
DSC UIET has organized the Hacktoberfest 2020 session to familiarize all the students of UIET with "Hacktoberfest" and how to ace it.
Attacking and defending GraphQL applications: a hands-on approachDavide Cioccia
DevSecCon Seatlle 2019 - Workshop
The workshop is meant for developers, architects and security folks. During the workshop we will learn how to setup a GraphQL project, define a schema, create Query, Mutation and Subscription for a "fake" social network. We will learn what are the main security issues to consider when developing a GraphQL application:
Introspection: information disclosure
/graphql as a single point of failure (DoS attacks)
IDOR
Broken Access control
Injections
Once we get familiar with the issues, we will explain how to avoid it and/or fix it.
Open Source Compliance at Orange, OW2online, June 2020OW2
Presentation by Nicolas Toussaint, Software Architect, Orange.
Abstract: Orange and Orange Business Services have turned to full open source solutions to tackle the complex problem of respecting the open source legal compliance constraints.
This talk presents the journey undertaken the past few years to build and improve the existing tooling and processes to make compliance validation possible, as well as allow overseeing progresses.
Slides from OpenSource101.com Talk (https://opensource101.com/sessions/wtf-is-gitops-why-should-you-care/)
If you’re interested in learning more about Cloud Native Computing or are already in the Kubernetes community you may have heard the term GitOps. It’s become a bit of a buzzword, but it’s so much more! The benefits of GitOps are real – they bring you security, reliability, velocity and more! And the project that started it all was Flux – a CNCF Incubating project developed and later donated by Weaveworks (the GitOps company who coined the term).
Pinky will share from personal experience why GitOps has been an essential part of achieving a best-in-class delivery and platform team. Pinky will give a brief overview of definitions, CNCF-based principles, and Flux’s capabilities: multi-tenancy, multi-cluster, (multi-everything!), for apps and infra, and more.
Pinky will cover a little of Flux’s microservices architecture and how the various components deliver this robust, secure, and trusted open source solution. Through the components of the Flux project, users today are enjoying compatibility with Helm, Jenkins, Terraform, Prometheus, and more as well as with cloud providers such as AWS, Azure, Google Cloud, and more.
Join us for this informative session and get all of your GitOps questions answered by an end user in the community!
Speaker: Priyanka (aka “Pinky”) is a Developer Experience Engineer at Weaveworks. She has worked on a multitude of topics including front end development, UI automation for testing and API development. Previously she was a software developer at State Farm where she was on the delivery engineering team working on GitOps enablement. She was instrumental in the multi-tenancy migration to utilize Flux for an internal Kubernetes offering. Outside of work, Priyanka enjoys hanging out with her husband and two rescue dogs as well as traveling around the globe.
Vous êtes un particulier, une organisation ou une entreprise et vous avez créé un logiciel open source très intéressant. Les utilisateurs le téléchargent, vous avez des retours, des rapports de bugs et des demandes d’ajout et de modification de code. Il est alors temps de réfléchir à la façon de faire rentrer d’autres personnes dans votre projet.
Lors de cette conférence, nous verrons quelles sont les étapes importantes pour attirer et impliquer des développeurs et des utilisateurs en balaynt depuis les fondamentaux, comme le guide de contribution ou la documentation, jusqu’aux prémices d’une gouvernance neutre.
OpenTuesday: Agile Testautomatisierung und Continuous IntegrationDigicomp Academy AG
In seinem Referat zeigte Michael Palotas von Gridfusion Software Solution auf, wie die einzelnen Komponenten Selenium / Selenium Grid, Maven, Git / GitHub und Jenkins zusammenspielen und wie durch ein solches System agile Testautomatisierung und Continuous Integration mit relativ einfachen Mitteln ermöglicht wird.
Talk on the GitLab Commit 2020: Join us to learn how we helped one of the largest financial services institutions in the world shape their cloud strategy using GitLab and Terraform. Starting on a cloud journey brings so many questions around resource provisioning & management, security, compliance, how to enable the team with easy access to definitions, and keep everyone updated. As we know, the most reliable source of truth is the code, so the use of infrastructure as code paired with an inner-source process is a solid foundation.
Can Kubernetes Keep a Secret? - Women in AppSec WebinarSoluto
We’ve all experienced it: you’re working on a task, adding some code, and then you need to store some sensitive configuration value. It could be an API key, client secret or an encryption key ― something that’s highly sensitive and must be kept secret. And this is where things get messy. Usually, secret storage is highly coupled with how the code is deployed, and different platforms have different solutions. Kubernetes has a promise to simplify this process by using the native secret object, which, as the name implies, can be used to store secrets or sensitive configurations. Unfortunately, Kubernetes secrets are fundamentally broken, and a developer who tries to use them will definitely have some issues. But no need to worry ― there are solid alternatives for storing secrets securely on Kubernetes platform. One solution is to use Kamus, an open-source, git-ops solution, that created by Soluto, for managing secrets on Kubernetes. Kamus can encrypt a secret so it can be decrypted only by your app on runtime - and not by anyone else. The first part of this session will cover the challenges faced when using Kubernetes secrets (from a usability and security point of view). The second part will discuss some of the existing solutions (Sealed Secrets, Helm Secrets and others), their pros, and cons, and then feature Kamus: how it works, what problems it solves, how it differs from other solutions, and what threats it can help mitigate (and what threats it can’t). The talk will cover all that is required to know so you can run Kamus on your own cluster and use it for secret management. Join me for this session to learn how you can build a Kubernetes cluster than can keep a secret ― for real.
Source versioning is a core activity in software development and a foundation of DevSecOps automation. With technologies such as cloud infrastructure, build tools, CI tools, the move to declarative configuration and environments, source versioning is being used for more than just application code. We will discuss some of the strategies to use with source versioning in light of DevOps and automation principles.
Better, Faster, Easier: How to Make Git Really Work in the EnterprisePerforce
There's a lot of reasons to love Git. (Git is awesome at what it does.) Let’s look at the 3 major use cases for Git in the enterprise:
1. You work with third party or outsourced development teams.
2. You use open source in your products.
3. You have different workflow needs for different teams.
Making the best of Git can be difficult in an enterprise environment. Trying to manage all the moving parts is like herding cats.
So, how do you optimize your teams’ use of Git — and make it all fit into your vision of the enterprise SDLC?
You’ll learn about:
-The challenges that accompany each use case — third parties, open source code, different workflows.
-Ways to solve these problems.
-How to make Git better, faster, and easier — with Perforce
Guidelines for Working with Contract Developers in Evergreenloriayre
Slides from presentation on Application Development from Evergreen International Conference 2012. Jed Moffitt also participated in the presentation but he had no slides so these are just the slides from Lori Ayre's portion. Handouts included a sample Development Plan and contract (http://www.slideshare.net/loriayre/development-contract-sample)
WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...Amir Zmora
A live Q&A session about WebRTC in general and an update about Apple's work on WebRTC. Session included internal information from a meeting between Apple engineers and the people behind the WebRTC-in-WebKit initiative.
Session by Alex Gouailard, Dan Burnett and Amir Zmora
The “Hacktober Fest” has been announced and we would like you all to become a part of this amazing event, that celebrates open source contributions worldwide. During the entire month of October 2020, all you have to do is contribute to any open source projects and open at least 4 pull requests. You don’t need to be an expert in programming or coding to take part in this fest. Upon successfully completing 4 pull requests, you will win an amazing Hacktoberfest T-shirt and awesome stickers.
DSC UIET has organized the Hacktoberfest 2020 session to familiarize all the students of UIET with "Hacktoberfest" and how to ace it.
Attacking and defending GraphQL applications: a hands-on approachDavide Cioccia
DevSecCon Seatlle 2019 - Workshop
The workshop is meant for developers, architects and security folks. During the workshop we will learn how to setup a GraphQL project, define a schema, create Query, Mutation and Subscription for a "fake" social network. We will learn what are the main security issues to consider when developing a GraphQL application:
Introspection: information disclosure
/graphql as a single point of failure (DoS attacks)
IDOR
Broken Access control
Injections
Once we get familiar with the issues, we will explain how to avoid it and/or fix it.
Open Source Compliance at Orange, OW2online, June 2020OW2
Presentation by Nicolas Toussaint, Software Architect, Orange.
Abstract: Orange and Orange Business Services have turned to full open source solutions to tackle the complex problem of respecting the open source legal compliance constraints.
This talk presents the journey undertaken the past few years to build and improve the existing tooling and processes to make compliance validation possible, as well as allow overseeing progresses.
Slides from OpenSource101.com Talk (https://opensource101.com/sessions/wtf-is-gitops-why-should-you-care/)
If you’re interested in learning more about Cloud Native Computing or are already in the Kubernetes community you may have heard the term GitOps. It’s become a bit of a buzzword, but it’s so much more! The benefits of GitOps are real – they bring you security, reliability, velocity and more! And the project that started it all was Flux – a CNCF Incubating project developed and later donated by Weaveworks (the GitOps company who coined the term).
Pinky will share from personal experience why GitOps has been an essential part of achieving a best-in-class delivery and platform team. Pinky will give a brief overview of definitions, CNCF-based principles, and Flux’s capabilities: multi-tenancy, multi-cluster, (multi-everything!), for apps and infra, and more.
Pinky will cover a little of Flux’s microservices architecture and how the various components deliver this robust, secure, and trusted open source solution. Through the components of the Flux project, users today are enjoying compatibility with Helm, Jenkins, Terraform, Prometheus, and more as well as with cloud providers such as AWS, Azure, Google Cloud, and more.
Join us for this informative session and get all of your GitOps questions answered by an end user in the community!
Speaker: Priyanka (aka “Pinky”) is a Developer Experience Engineer at Weaveworks. She has worked on a multitude of topics including front end development, UI automation for testing and API development. Previously she was a software developer at State Farm where she was on the delivery engineering team working on GitOps enablement. She was instrumental in the multi-tenancy migration to utilize Flux for an internal Kubernetes offering. Outside of work, Priyanka enjoys hanging out with her husband and two rescue dogs as well as traveling around the globe.
Vous êtes un particulier, une organisation ou une entreprise et vous avez créé un logiciel open source très intéressant. Les utilisateurs le téléchargent, vous avez des retours, des rapports de bugs et des demandes d’ajout et de modification de code. Il est alors temps de réfléchir à la façon de faire rentrer d’autres personnes dans votre projet.
Lors de cette conférence, nous verrons quelles sont les étapes importantes pour attirer et impliquer des développeurs et des utilisateurs en balaynt depuis les fondamentaux, comme le guide de contribution ou la documentation, jusqu’aux prémices d’une gouvernance neutre.
OpenTuesday: Agile Testautomatisierung und Continuous IntegrationDigicomp Academy AG
In seinem Referat zeigte Michael Palotas von Gridfusion Software Solution auf, wie die einzelnen Komponenten Selenium / Selenium Grid, Maven, Git / GitHub und Jenkins zusammenspielen und wie durch ein solches System agile Testautomatisierung und Continuous Integration mit relativ einfachen Mitteln ermöglicht wird.
Talk on the GitLab Commit 2020: Join us to learn how we helped one of the largest financial services institutions in the world shape their cloud strategy using GitLab and Terraform. Starting on a cloud journey brings so many questions around resource provisioning & management, security, compliance, how to enable the team with easy access to definitions, and keep everyone updated. As we know, the most reliable source of truth is the code, so the use of infrastructure as code paired with an inner-source process is a solid foundation.
Can Kubernetes Keep a Secret? - Women in AppSec WebinarSoluto
We’ve all experienced it: you’re working on a task, adding some code, and then you need to store some sensitive configuration value. It could be an API key, client secret or an encryption key ― something that’s highly sensitive and must be kept secret. And this is where things get messy. Usually, secret storage is highly coupled with how the code is deployed, and different platforms have different solutions. Kubernetes has a promise to simplify this process by using the native secret object, which, as the name implies, can be used to store secrets or sensitive configurations. Unfortunately, Kubernetes secrets are fundamentally broken, and a developer who tries to use them will definitely have some issues. But no need to worry ― there are solid alternatives for storing secrets securely on Kubernetes platform. One solution is to use Kamus, an open-source, git-ops solution, that created by Soluto, for managing secrets on Kubernetes. Kamus can encrypt a secret so it can be decrypted only by your app on runtime - and not by anyone else. The first part of this session will cover the challenges faced when using Kubernetes secrets (from a usability and security point of view). The second part will discuss some of the existing solutions (Sealed Secrets, Helm Secrets and others), their pros, and cons, and then feature Kamus: how it works, what problems it solves, how it differs from other solutions, and what threats it can help mitigate (and what threats it can’t). The talk will cover all that is required to know so you can run Kamus on your own cluster and use it for secret management. Join me for this session to learn how you can build a Kubernetes cluster than can keep a secret ― for real.
Source versioning is a core activity in software development and a foundation of DevSecOps automation. With technologies such as cloud infrastructure, build tools, CI tools, the move to declarative configuration and environments, source versioning is being used for more than just application code. We will discuss some of the strategies to use with source versioning in light of DevOps and automation principles.
Better, Faster, Easier: How to Make Git Really Work in the EnterprisePerforce
There's a lot of reasons to love Git. (Git is awesome at what it does.) Let’s look at the 3 major use cases for Git in the enterprise:
1. You work with third party or outsourced development teams.
2. You use open source in your products.
3. You have different workflow needs for different teams.
Making the best of Git can be difficult in an enterprise environment. Trying to manage all the moving parts is like herding cats.
So, how do you optimize your teams’ use of Git — and make it all fit into your vision of the enterprise SDLC?
You’ll learn about:
-The challenges that accompany each use case — third parties, open source code, different workflows.
-Ways to solve these problems.
-How to make Git better, faster, and easier — with Perforce
Microsoft Skills Bootcamp - The power of GitHub and AzureDavide Benvegnù
In this session, part of the Microsoft Skills Bootcamp, I go through Digital Transformation in the DevOps era, and how to use Azure DevOps and GitHub together to achieve that.
Download Deck to know more about Lyra Infosystems and how we can help you with GitLab Customizations, Support, Integrations, tiered plans and with respect to licensing. Mail us at gitlab@lyrainfo.com to know more.
Webinar: Capabilities, Confidence and Community – What Flux GA Means for YouWeaveworks
Flux, the original GitOps project, began its development in a small London office back in 2017 with the goal to bring continuous delivery (CD) to developers, platform and cluster operators working with Kubernetes. From donating the project to the CNCF, its continued growth within the cloud native community, to its achievement of passing rigorous battle tests for security, longevity and governance, it’s little wonder that Flux v2 has reached yet another celebratory milestone – General Availability (GA).
Flux is the GitOps platform of choice for many enterprise companies such as SAP, Volvo Cars, and Axel Springer; and is embedded within AKS, Azure Arc and EKS Anywhere. It provides extensive automation to CI/CD, security and audit trails, and reliability through canary deployments and rollback capabilities.
Join this webinar by Flux maintainers and creators and discover:
* Latest release features and roadmap for the future.
* Interesting use cases for Flux (e.g security).
* Flux capabilities you may not be aware of (e.g. extensions).
* Joining the vibrant Flux community.
* How to leverage Flux in a supported enterprise environment today.
Introducing GitSwarm: Pure Git with Globally Scalable DevOpsPerforce
Developers want the productivity of distributed version control like Git. DevOps benefit from a scalable mainline repository. With our new Helix GitSwarm you no longer need to choose between the two.
In this presentation, you will see:
- The challenges of using Git at enterprise scale
- The conflicting requirements of developers and DevOps
- A demonstration of Helix GitSwarm in action
Choreo: Empowering the Future of Enterprise Software EngineeringWSO2
Key topics covered:
- Real-world examples of Choreo's comprehensive coverage from application design and deployment, security, scaling, and monitoring
- Running different types of workloads, such as web applications, APIs, microservices, integrations, and tasks at scale, and wire them together to deliver seamless omnichannel digital experiences
- How Choreo improves the developer experience by eliminating repetition, silos, and redundancy through enhanced discoverability and self-serviceability
Continuous Integration (CI) is frequently implemented as a dev process and not tied to the rest of the software development life cycle. Resulting in shadow IT, silo’d processes and information, and ultimately a lack of real time visibility across all stakeholders. And even greater implications such as risk of IP loss due to lack of corporate governance controls (e.g., RBAC, security and traceability). Watch this webinar to learn how to scale CI as-as-service using Jenkins across an enterprise. As teams self-select their CI tools, using TeamForge would allow individuals across your enterprise to rapidly access CI tools of their choosing, while central IT maintains full visibility and control with minimal effort. In this webinar, we also present a case study for establishing an organization-wide build ecosystem at a global financial services company.
• GitHub is known for providing continuous integration and forming a part of an essential tool category for DevOps. If you require knowledge and working of GitHub, you can do so with the help of GitHub job support. It’s an excellent platform for code sharing. Wherein all stakeholders get a chance to come together to facilitate project management. With millions of repositories to its credit, it has become one of the formidable source code hosts in the DevOps universe.
• When developing a large project or a small application, you may run into difficulty when using GitHub. That’s when you will find that GSAI can provide GitHub online job support, which can be a gamechanger for your project to move ahead and be a success.
GitHub Online Training & GitHub Corporate training:
• We offer a wide range of IT technologies training. Over the past 8 years we have been providing IT training to our clients, customers across the globe. We provide individual online training, In house / classroom training at client premises, and goal oriented customized training programs. However, we further offer GitHub Training as per your needs in either installation & Git configuration, Maven Lifecycle, Jenkins’s installation, Ansible architecture, Docker architecture, cloud service models, AZURE., AWS, Python operators etc.
A Peek Behind the Curtain: Managing the Kubernetes Contributor CommunityBob Killen
The Kubernetes community is a vibrant beacon in open source. It takes a village to enable a city of contributors doing what they do best. There are a lot of fun stories and lessons to be shared from helping out the community. One lesson is taken straight from the Kubernetes project itself: declarative config management. Most aspects of the community are managed using declarative configs. Adding a new SIG, GitHub org member, and even Slack channel, involves updating and PRing a change into one of the many Kubernetes repos. Adopting this methodology provides the community the means to self-manage itself. Join us as we journey through the many bits of community automation and weigh the merits of automating every aspect of our community.
SCALE 18x 2020
- What are Internal Developer Portal (IDP) and Platform Engineering?
- What is Backstage?
- How Backstage can help dev to build developer portal to make their job easier
Jirayut Nimsaeng
Founder & CEO
Opsta (Thailand) Co., Ltd.
Youtube Record: https://youtu.be/u_nLbgWDwsA?t=850
Dev Mountain Tech Festival @ Chiang Mai
November 12, 2022
Efficient platform engineering with Microk8s & gopaddle.pdfVinothini Raju
DevOps has evolved over these years and has presented us with a new set of challenges. We have more tools and complexity. This presentation will walk you thought -
* How we tackle the explosion of tools and complexity and add more value to business
* How platforms can help
* What challenge we face when we build a platform from scratch
* How a joint solution from Canonical MicroK8s and gopaddle can help.
Open up your platform with Open Source and GitHubScott Graham
Use GitHub & open source to get your users involved in projects within your company. This presentation give a quick run down of what you need to know to get started.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
3. a network of organizations
TECHNOLOGY
CREDIT
PLATFORM
REAL ESTATE
PLATFORM
INSURANCE
PLATFORM
Digitalisation of the
credit, real estate
and insurance
industries
5. in numbers
>200
employees
662
partners on the
platform
53.5
bill euro
real estate financing
transaction volume
in 2019
3.5
bill euro
credit
transaction volume
in 2019
housing-saving
transaction volume
in 2019
11.0
bill euro
16. challenge or
opportunity
idea
solution in
one team
feedback
share with
community
of practice
adoption by
other teams
recommendation
in documentation
or principle
upstream
sharing
(public)
improvement
of solution
21. ● Use “WIP” labels or draft-pull requests
● Author of pull-request should merge
● Expectation management for reviews
● Pull-request templates are often ignored
● Source code in the cloud has no legal
constraints unless it contains user data
● Continuous integration before merge
#1 Private repository on GitHub
22. ● High entry barrier for other teams
● Does not scale well: How to organize
repositories
● Unknown GitHub accounts as members
● How to collaborate between teams
● Integration with existing development
infrastructure
#1 Private repository on GitHub
30. GitHub as a product
#3 Support channel in Slack
31. ● Support is good, documentation is better
● Documentation is good, trainings are
better
● It’s good to have a FAQ for repeating
issues
● Internal tools are also products
#3 Support channel in Slack
32. ● Documentation for GitHub@Europace
● Git-/GitHub-Trainings
● FAQ on GitHub@Europace
#3 Support channel in Slack
33.
34. Management of many
repositories is still
cumbersome
Rules of play for GitHub
organization reduce
team autonomy
#4 GitHub org for one product
36. ● Easier separation of repositories
● More autonomy for team around product
#4 GitHub org for one product
37. ● Less transparency due to limited access
(only team)
● Extra costs for every organization and
additional seats for people of other teams
#4 GitHub org for one product
38.
39. Less transparency due
to limited access (only
team)
Extra costs for every
organization
#5 GitHub org per subsidiary or product
41. ● Enforce SSO and 2FA from beginning
● Use units which last longer, i.e. subsidiaries
or products
#5 GitHub org per subsidiary or product
42. ● No enterprise search, search does not find
internal repositories if not member
● CI/CD integration
● GitHub Registry and Actions
● No migration path to Enterprise SSO
● Azure AD supports only max. number of
orgs per SAML connector
#5 GitHub org per subsidiary or product
46. ● Integrating cloud and on-premise
infrastructure is not easy
● Personal access tokens have a too broad
scope to be used for CI/CD
● Integrate security team early
● If you only need an RSA key and an access
token, don’t ask for whole ActiveDirectory
account
#6 CI/CD with technical user per purpose
47. ● Use similar process for integrating other
cloud services with on-premise
infrastructure
#6 CI/CD with technical user per purpose
48.
49. Who should be
contacted for
contributions or other
questions regarding one
project?
#7 Trusted committer for InnerSource documentation
51. ● Every project needs at least 2 or 3 active
code owners in order to ensure proper
maintenance of the code
● CODEOWNERS file in GitHub repositories
● Accountabilities of a trusted committer or
code owner should be identical for all
teams
#7 Trusted committer for InnerSource documentation
52. ● Questions on non-technical topics need
to be answered outside of issues and
pull-requests, because many
non-developers don’t use GitHub
#7 Trusted committer for InnerSource documentation
53.
54. How to agree on
standard technologies
between autonomous
teams?
#8 Open decision process for standards
56. ● Use IETF RFC 2119 (MUST, SHOULD, MAY etc.)
for defining compliance level of
technology standards
● GitHub flow for reviewing and applying
standards
● Standard committee defined in
CODEOWNERS file
#8 Open decision process for standards