Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Accelerate DevOps with GitHub
  • Toc
  • feedback
Accelerate DevOps with GitHub

Accelerate DevOps with GitHub

By : Michael Kaufmann
5 (11)
close
Accelerate DevOps with GitHub

Accelerate DevOps with GitHub

5 (11)
By: Michael Kaufmann

Overview of this book

This practical guide to DevOps uses GitHub as the DevOps platform and shows how you can leverage the power of GitHub for collaboration, lean management, and secure and fast software delivery. The chapters provide simple solutions to common problems, thereby helping teams that are already on their DevOps journey to further advance into DevOps and speed up their software delivery performance. From finding the right metrics to measure your success to learning from other teams’ success stories without merely copying what they’ve done, this book has it all in one place. As you advance, you’ll find out how you can leverage the power of GitHub to accelerate your value delivery – by making work visible with GitHub Projects, measuring the right metrics with GitHub Insights, using solid and proven engineering practices with GitHub Actions and Advanced Security, and moving to event-based and loosely coupled software architecture. By the end of this GitHub book, you'll have understood what factors influence software delivery performance and how you can measure your capabilities, thus realizing where you stand in your journey and how you can move forward.
Table of Contents (31 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Share Your Thoughts
1
Part 1: Lean Management and Collaboration
Part 1: Lean Management and Collaboration
Free Chapter
2
Chapter 1: Metrics That Matter
Chapter 1: Metrics That Matter
Why accelerate?
Engineering velocity
High-performance companies
Measuring metrics that matter
The SPACE framework for developer productivity
Objectives and key results
Summary
Case study
Further reading
3
Chapter 2: Plan, Track, and Visualize Your Work
Chapter 2: Plan, Track, and Visualize Your Work
Work is work
Unplanned work and rework
Visualizing your work
Limiting WIP
GitHub issues, labels, and milestones
GitHub Projects
Third-party integration
Case study
Summary
Further readings and references
4
Chapter 3: Teamwork and Collaborative Development
Chapter 3: Teamwork and Collaborative Development
Software development is a team sport
The heart of collaboration – the pull request
Hands-on – Creating a pull request
Proposing changes
Pull request reviews
Best practices for code reviews
Summary
Further readings and references
5
Chapter 4: Asynchronous Work: Collaborate from Anywhere
Chapter 4: Asynchronous Work: Collaborate from Anywhere
Comparing synchronous and asynchronous work
Distributed teams
Cross-team collaboration
Shift to asynchronous workflows
Teams and Slack integration
GitHub Discussions
Pages and wikis
Working from everywhere with GitHub Mobile
Case study
Summary
Further readings and references
6
Chapter 5: The Influence of Open and Inner Source on Software Delivery Performance
Chapter 5: The Influence of Open and Inner Source on Software Delivery Performance
History of free and open source software
The difference between open source and open development
Benefits of embracing open source for companies
Implementing an open source strategy
Open and inner source
The importance of insourcing
GitHub Sponsors
Summary
Further reading and references
7
Part 2: Engineering DevOps Practices
Part 2: Engineering DevOps Practices
8
Chapter 6: Automation with GitHub Actions
Chapter 6: Automation with GitHub Actions
Overview of GitHub Actions
Workflows, pipelines, and actions
YAML basics
The workflow syntax
Working with secrets
Hands-on – your first workflow
Hands-on – your first action
The GitHub marketplace
Summary
Further reading
9
Chapter 7: Running Your Workflows
Chapter 7: Running Your Workflows
Hosted runners
Self-hosted runners
Managing access with runner groups
Using labels
Scaling your self-hosted runners
Monitoring and troubleshooting
Case study
Summary
Further reading
10
Chapter 8: Managing Dependencies Using GitHub Packages
Chapter 8: Managing Dependencies Using GitHub Packages
GitHub Packages
Using npm packages with Actions
Using Docker with Packages
Apache Maven, Gradle, NuGet, and RubyGems packages
Summary
Further reading
11
Chapter 9: Deploying to Any Platform
Chapter 9: Deploying to Any Platform
Staged deployments
Automating your deployments
How to deploy to Azure App Service
How to deploy to AWS ECS
How to deploy to GKE
Infrastructure as code
Measuring success
Case study
Summary
Further reading
12
Chapter 10: Feature Flags and the Feature Lifecycle
Chapter 10: Feature Flags and the Feature Lifecycle
What are Feature Flags?
The lifecycle of features
The benefits of Feature Flags
Getting started with Feature Flags
Feature Flags and technical debt
Frameworks and products
Experimentation with Feature Flags
Summary
Further reading
13
Chapter 11: Trunk-Based Development
Chapter 11: Trunk-Based Development
Trunk-based development
Why you should avoid complex branching
Other git workflows
Accelerating with MyFlow
Case study
Summary
Further reading
14
Part 3: Release with Confidence
Part 3: Release with Confidence
15
Chapter 12: Shift Left Testing for Increased Quality
Chapter 12: Shift Left Testing for Increased Quality
Shift left testing with test automation
Eradicating flaky tests
Code coverage
Shift right – testing in production
Fault injection and chaos engineering
Tests and compliance
Test management in GitHub
Case study
Summary
Further reading
16
Chapter 13: Shift-Left Security and DevSecOps
Chapter 13: Shift-Left Security and DevSecOps
Shift-left security
Assume-breach, zero-trust, and security-first mindset
Attack simulations
Red team-blue team exercises
Attack scenarios
GitHub Codespaces
Summary
Further reading
17
Chapter 14: Securing Your Code
Chapter 14: Securing Your Code
Dependency management and Dependabot
Secret scanning
Code scanning
Writing your own CodeQL queries
Summary
Further reading
18
Chapter 15: Securing Your Deployments
chevron up
Chapter 15: Securing Your Deployments
Container and infrastructure security scanning
Automate the infrastructure change process
Source code and infrastructure integrity
Dynamic application security testing
Security hardening your release pipeline
Case study
Summary
Further reading
19
Part 4: Software Architecture
Part 4: Software Architecture
20
Chapter 16: Loosely Coupled Architecture and Microservices
Chapter 16: Loosely Coupled Architecture and Microservices
Loosely coupled systems
Microservices
Evolutionary design
Event-driven architecture
Summary
Further reading
21
Chapter 17: Empower Your Teams
Chapter 17: Empower Your Teams
Conway's law
The two-pizza team
Inverse Conway Maneuver
Delivery cadence
A mono- or multi-repo strategy
Case study
Summary
Further reading
22
Part 5: Lean Product Management
Part 5: Lean Product Management
23
Chapter 18: Lean Product Development and Lean Startup
Chapter 18: Lean Product Development and Lean Startup
Lean product development
Incorporating customer feedback
The MVP
Enterprise portfolio management
Improving your product management skills
Business Model Canvas
Summary
Further reading
24
Chapter 19: Experimentation and A|B Testing
Chapter 19: Experimentation and A|B Testing
Conducting experiments with the scientific method
Effective A|B testing with GrowthBook and Flagger
Experimentation and OKR
Summary
Further reading
25
Part 6: GitHub for your Enterprise
Part 6: GitHub for your Enterprise
26
Chapter 20: GitHub – The Home for All Developers
Chapter 20: GitHub – The Home for All Developers
Hosting options and pricing
Hands-on – create your account on GitHub.com
Enterprise security
GitHub Learning Lab
Summary
Further reading
27
Chapter 21: Migrating to GitHub
Chapter 21: Migrating to GitHub
Picking the right migration strategy
Achieving compliance with low-fidelity migrations
Synchronizing requirements for a smooth transition
Migrating your code
Migrating from Azure DevOps or GitHub
Migrating your pipelines
Summary
Further reading
28
Chapter 22: Organizing Your Teams
Chapter 22: Organizing Your Teams
GitHub scopes and namespaces
Structuring GitHub teams
Role-based access
Custom roles
Outside collaborators
Summary
Further reading
29
Chapter 23: Transform Your Enterprise
Chapter 23: Transform Your Enterprise
Why many transformations fail
Starting with WHY?
Data-driven transformation
Summary
Further reading
Why subscribe?
30
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Security hardening your release pipeline

CI/CD pipelines are complex and have a big surface to attack. Basically, release pipelines are remote code execution environments and should be treated like this with caution (see Haymore A., Smart I., Gazdag V., Natesan D., & Fernick J., 2022 for some attack examples).

Model your pipelines with caution and follow best practices, especially when you are building highly customized ones. It's better to ask for external help than to be sorry if it is too late.

Secure your runners

If you use GitHub-hosted runners, it's their job to keep them safe. The runners are ephemeral, and every execution starts in a clean state. But you execute code that can access your resources in GitHub, including secrets. Make sure to security-harden your GitHub Actions (see the Secure your Actions section) and limit permissions for GitHub_TOKEN (workflows should run with the least-possible privileges).

Self-hosted runners run in your environment...

End of Section 6
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete