Take your DevOps and DevSecOps game to the next level by leveraging the power of the GitHub toolset in practice
Key Features
• Release software faster and with confidence
• Increase your productivity by spending more time on software delivery and less on fixing bugs and administrative tasks
• Deliver high-quality software that is more stable, scalable, and secure
Book Description
This practical guide to DevOps uses GitHub as the DevOps platform and shows how you can leverage the power of GitHub for collaboration, lean management, and secure and fast software delivery.
The chapters provide simple solutions to common problems, thereby helping teams that are already on their DevOps journey to further advance into DevOps and speed up their software delivery performance. From finding the right metrics to measure your success to learning from other teams' success stories without merely copying what they've done, this book has it all in one place. As you advance, you'll find out how you can leverage the power of GitHub to accelerate your value delivery – by making work visible with GitHub Projects, measuring the right metrics with GitHub Insights, using solid and proven engineering practices with GitHub Actions and Advanced Security, and moving to event-based and loosely coupled software architecture.
By the end of this GitHub book, you'll have understood what factors influence software delivery performance and how you can measure your capabilities, thus realizing where you stand in your journey and how you can move forward.
What you will learn
• Effectively measure software delivery performance
• Adopt DevOps and lean management techniques in your teams
• Plan, track, and visualize your work using GitHub Issues and Projects
• Use continuous delivery with GitHub Actions and Packages
• Scale quality through testing in production and chaos engineering
• "Shift left" security and secure your entire software supply chain
• Use DevSecOps practices with GitHub Advanced Security
• Secure your code with code scanning, secret scanning, and Dependabot
Who this book is for
This book is for developers, solutions architects, DevOps engineers, and SREs, as well as for engineering or product managers who want to enhance their software delivery performance. Whether you're new to DevOps, already have experience with GitHub Enterprise, or come from a platform such as Azure DevOps, Team Foundation Server, GitLab, Bitbucket, Puppet, Chef, or Jenkins but struggle to achieve maximum performance, you'll find this book beneficial.
Author(s): Michael Kaufmann
Edition: 1
Publisher: Packt Publishing
Year: 2022
Language: English
Commentary: Vector PDF
Pages: 540
City: Birmingham, UK
Tags: DevOps; Amazon Web Services; Microsoft Azure; Security; Monitoring; Microservices; Pipelines; Docker; Deployment; Troubleshooting; GitHub; Product Management; YAML; Software Architecture; Test Automation; Team Management; Collaboration; Event-Driven Architecture; Teamwork; Gradle; A/B Testing; Workflows; GitHub Actions; FOSS; DevSecOps; Maven; Metrics; Dependency Management; GitHub Pages; OKR
Cover
Title
Copyright and Credits
Foreword
Table of Contents
Part 1: Lean Management and Collaboration
Chapter 1: Metrics That Matter
Why accelerate?
Engineering velocity
Measuring velocity with effort
Toxic estimates
The correct way to estimate high-level initiatives
From developer to engineering velocity
High-performance companies
The Developer Velocity Index
The state of DevOps
Measuring metrics that matter
DLT
DF
MTTR
CFR
The Four Keys dashboard
What you shouldn't do
The SPACE framework for developer productivity
Satisfaction and well-being
Performance
Activity
Communication and collaboration
Efficiency and flow
How to use the SPACE framework
OKRs
What are OKRs?
How do OKRs work?
OKRs and DevOps
Summary
Case study
Further reading
Chapter 2: Plan, Track, and Visualize Your Work
Work is work
Unplanned work and rework
Visualizing your work
Establish pull
Prioritize
Keep it simple!
Limiting WIP
Set WIP limits
Reduce batch size
Reduce hand-offs
GitHub issues, labels, and milestones
Creating a new issue
Collaborating on issues
The issue backlog
Milestones
Pinning issues
Issue templates
GitHub Projects
Get started
Adding work items to projects
Adding metadata to your work
Working with table views
Working with the board view
Working with views
Workflows
Insights
Managing access
Third-party integration
Jira
Azure Boards
Case study
Summary
Further readings and references
Chapter 3: Teamwork and Collaborative Development
Software development is a team sport
The heart of collaboration – the pull request
Hands-on – Creating a pull request
Proposing changes
Draft pull requests
Code owners
Required reviews
Requesting a pull request review
Auto-merge
Pull request reviews
Reviewing proposed changes in a pull request
Marking files as viewed
Hands-on – Making suggestions
Incorporating feedback into your pull request
Submitting a review
Finishing your pull request
Best practices for code reviews
Teach Git
Link pull request to issue
Use draft pull requests
Have a minimum number of two approvers
Do peer reviews
Automate review steps
Deploy and test changes
Review guidelines/code of conduct
Summary
Further readings and references
Chapter 4: Asynchronous Work: Collaborate from Anywhere
Comparing synchronous and asynchronous work
The history of communication
Work and communication
In-person and remote work
Distributed teams
Cross-team collaboration
Shift to asynchronous workflows
Teams and Slack integration
GitHub Discussions
Getting started with Discussions
Discussion categories
Starting a discussion
Participating in a discussion
Pages and wikis
GitHub Pages
Wikis
Working from everywhere with GitHub Mobile
Case study
Summary
Further readings and references
Chapter 5: The Influence of Open and Inner Source on Software Delivery Performance
History of free and open source software
Public domain software
Free software
Open source software
The rise of open source software
The difference between open source and open development
Benefits of embracing open source for companies
Deliver faster with open source software
Build better products by engaging the community
Use tools with a lower risk of obsolescence
Attract talent
Influence emerging technologies and standards
Improve your process by learning from open source projects
Implementing an open source strategy
Open and inner source
The importance of insourcing
GitHub Sponsors
Sponsor tiers
Sponsorship goals
Summary
Further reading and references
Part 2: Engineering DevOps Practices
Chapter 6: Automation with GitHub Actions
Overview of GitHub Actions
Workflows, pipelines, and actions
YAML basics
Comments
Scalar types
Collection types
The workflow syntax
Workflow triggers
Workflow jobs
Workflow steps
Context and expression syntax
Workflow commands
Working with secrets
Storing your secrets
Accessing your secrets
The GITHUB_TOKEN secret
Hands-on – your first workflow
Hands-on – your first action
The GitHub marketplace
Summary
Further reading
Chapter 7: Running Your Workflows
Hosted runners
Isolation and privileges
Hardware
Software
Networks
Pricing
Self-hosted runners
The runner software
Communication between the runner and GitHub
Using self-hosted runners behind a proxy server
Adding self-hosted runners to GitHub
Removing self-hosted runners
Managing access with runner groups
Using labels
Scaling your self-hosted runners
Ephemeral runners
Scaling up and down with GitHub webhooks
Existing solutions
Monitoring and troubleshooting
Checking the status of the runners
Reviewing the application log files
Reviewing the job log files
Checking the service status
Monitoring the runner update process
Case study
Summary
Further reading
Chapter 8: Managing Dependencies Using GitHub Packages
GitHub Packages
Pricing
Permissions and visibility
Using npm packages with Actions
Using Docker with Packages
Apache Maven, Gradle, NuGet, and RubyGems packages
Java with Apache Maven
Gradle
RubyGems
NuGet
Summary
Further reading
Chapter 9: Deploying to Any Platform
Staged deployments
Automating your deployments
How to deploy to Azure App Service
Deployment of Azure resources
Deploying the application with GitHub Actions
How to deploy to AWS ECS
Deployment of AWS resources
Deploying the container with GitHub Actions
How to deploy to GKE
Deployment of Google resources
Deploying the container with GitHub Actions
IaC
Tools
Best practices
Strategies
Workflow templates
Reusable workflows
Measuring success
Case study
Summary
Further reading
Chapter 10: Feature Flags and the Feature Lifecycle
What are Feature Flags?
The lifecycle of features
The benefits of Feature Flags
Getting started with Feature Flags
Feature Flags and technical debt
Frameworks and products
Experimentation with Feature Flags
Summary
Further reading
Chapter 11: Trunk-Based Development
Trunk-based development
Why you should avoid complex branching
Other git workflows
Gitflow
GitHub flow
Release flow
GitLab flow
Accelerating with MyFlow
The main branch
Private topic branches
Releasing
Hotfix
Automation
Case study
Summary
Further reading
Part 3: Release with Confidence
Chapter 12: Shift Left Testing for Increased Quality
Shift left testing with test automation
Test-driven development
Managing your test portfolio
Eradicating flaky tests
Code coverage
Shift right – testing in production
Health data and monitoring
Feature flags and canary releases
Business continuity and disaster recovery
Exploratory testing and usability testing
Fault injection and chaos engineering
Tests and compliance
Test management in GitHub
Case study
Summary
Further reading
Chapter 13: Shift-Left Security and DevSecOps
Shift-left security
Assume-breach, zero-trust, and security-first mindset
Attack simulations
Red team-blue team exercises
Team constellation
Rules of the game
Where to start
Attack scenarios
GitHub Codespaces
Summary
Further reading
Chapter 14: Securing Your Code
Dependency management and Dependabot
Exploring your dependencies
Dependabot
Automate Dependabot updates with GitHub Actions
Use Dependabot to keep your GitHub actions up to date
Secret scanning
Code scanning
Code scanning in GitHub
Running your code scans
Getting started
Code scanning alerts
Pull request integration
Code scanning configuration
Writing your own CodeQL queries
Summary
Further reading
Chapter 15: Securing Your Deployments
Container and infrastructure security scanning
Container scanning
Infrastructure policies
Automate the infrastructure change process
Source code and infrastructure integrity
The SBOM
Signing your commits
Signing your code
Dynamic application security testing
Security hardening your release pipeline
Secure your runners
Secure your Actions
Secure your environments
Use tokens when possible
Collect security telemetry
Case study
Summary
Further reading
Part 4: Software Architecture
Chapter 16: Loosely Coupled Architecture and Microservices
Loosely coupled systems
Microservices
Evolutionary design
Event-driven architecture
Summary
Further reading
Chapter 17: Empower Your Teams
Conway's law
The two-pizza team
Inverse Conway Maneuver
Delivery cadence
A mono- or multi-repo strategy
Working with large mono repositories
Organizing your repos with topics and star lists
Using Git submodules to structure your code
What's the right strategy?
Case study
Summary
Further reading
Part 5: Lean Product Management
Chapter 18: Lean Product Development and Lean Startup
Lean product development
Incorporating customer feedback
The MVP
Enterprise portfolio management
Improving your product management skills
Understanding your customers
Understanding your business
Understanding your product
Business Model Canvas
Summary
Further reading
Chapter 19: Experimentation and A|B Testing
Conducting experiments with the scientific method
Observation – gathering and analyzing the data
Formulating the hypothesis
Building the experiment
Validating the results
Effective A|B testing with GrowthBook and Flagger
Flagger
Experimentation and OKR
Summary
Further reading
Part 6: GitHub for your Enterprise
Chapter 20: GitHub – The Home for All Developers
Hosting options and pricing
Hosting options
GitHub Connect
Pricing
Hands-on – create your account on GitHub.com
Enterprise security
SAML authentication
SCIM
Automatic team synchronization
Enterprise Managed Users
Authentication with GHES
The Audit API
GitHub Learning Lab
Summary
Further reading
Chapter 21: Migrating to GitHub
Picking the right migration strategy
Achieving compliance with low-fidelity migrations
Synchronizing requirements for a smooth transition
Migrating your code
Migrating from Azure DevOps or GitHub
Migrating your pipelines
Summary
Further reading
Chapter 22: Organizing Your Teams
GitHub scopes and namespaces
GitHub enterprises
GitHub organizations
Structuring GitHub teams
Role-based access
Custom roles
Outside collaborators
Summary
Further reading
Chapter 23: Transform Your Enterprise
Why many transformations fail
Assuming your company or industry is special
Having no sense of urgency
Having no clear vision
Letting obstacles block your progress
Not getting help
Starting with WHY?
A purpose-driven mission
Establishing an engineering culture
Data-driven transformation
The Theory of Constraints
Eliminating bottlenecks
DevOps is a journey of continuous improvement
Optimizing for value stream-aligned teams
Summary
Further reading
Index