How can modern DevOps practices accelerate your software delivery without affecting the quality of the software? Learn how automation, continuous testing, and supply management techniques can improve software quality and speed of delivery. Get valuable insights from world-class domain experts at InfoQ Live on July 20th.
Here’s what former InfoQ live attendee Ognyan Dimitrov thought about the event:
The topics and the way they are presented by people with current experience really improves my visibility in the field. The answers from the presenters during the Q&A reveal details that otherwise will be learned the hard way by my own mistakes.
InfoQ Live July Sessions Spotlight
Attend InfoQ Live in order to turn advice from world-class software professionals into action items that you and your team can implement immediately.
Piranha: Reducing Feature Flag Debt @Uber by Murali Krishna Ramanathan, Staff Software Engineer @Uber
Feature flags are commonly used in the software development process as they provide flexibility with regard to gradual rollout of features, enable A/B testing, and provide the ability to toggle features on production instances. An often overlooked part of this development model is the introduction of tech debt due to stale feature flags.
The presence of code due to stale flags can adversely affect application reliability and increase software development costs. At Uber, reducing this debt without imposing significant additional overheads on the developers necessitated the design of novel tools and automated workflows.
In this talk, I will describe my experiences with building and deploying Piranha, an automated code refactoring tool to delete code corresponding to stale feature flags. The Piranha workflow has been used continuously at Uber since early 2018 to help delete more than 4K stale flags (> 200KLoC) across Java, ObjectiveC, and Swift code. It has also inspired open source contributions in the form of extensions to JavaScript and Go.
Murali Krishna Ramanathan, Staff Software Engineer @Uber
Software Supply Chains for DevOps by Aysylu Greenberg, Tech Lead of GCP Container Analysis @Google
Several recent high-profile security incidents were due to compromised software supply chains. The “software supply chain” is a collective term used to describe the stages of software lifecycle, from source to deployment via CI/CD pipelines, and all of the static and dynamic analyses conducted in between. In the world of microservices and cloud computing, trust in your company’s supply chain is critical, as most of the tooling and dependencies are from open source and third-party vendor projects.
When the code hits production, it’s essential to have enough observability to detect and investigate the problem and get to the root cause and mitigation as quickly as possible. With software supply chain attacks, not only is the newly deployed code under suspicion, but also all the tooling used to produce it becomes a potential attack vector, so an efficient and effective way to verify the integrity of the supply chain is paramount.
This talk will discuss what information needs to be collected to allow DevOps engineers to: inspect and verify the integrity of the supply chain, understand the challenges of having the right level of detail to reduce mean-time-to-detection and mean-time-to-understanding, and explore some of the existing solutions and open problems in this space.
Aysylu Greenberg, Tech Lead of GCP Container Analysis @Google
Register for InfoQ Live on July 20th for just $19.95* and get exclusive access to all talks on-demand after the event so you can revisit any of the sessions or watch any of the talks you missed.
*We are donating 100% of net revenue tickets (minus taxes, credit card fees, and processing fees) for this event to organizations working towards diversity, equity, and inclusion in the technology industry.