GitLab / Developer Evangelism Team

Container Images are a significant source of vulnerabilities in the software development lifecycle because they are often built on existing images, usually from external sources. Ensuring containers are safe before being deployed in your environment is essential. In this video tutorial, Abubakar will walk through setting up container scanning in GitLab.

You can also learn more about container scanning in the GitLab documentation: https://docs.gitlab.com/ee/user/application_security/container_scanning/

#devsecops #containers #trivy #grype #containerscanning

Testing applications before they go live goes beyond syntactic analysis of the changes made for vulnerabilities. Some vulnerabilities only show up when the application is deployed and pushed to the limits by users. Dynamic Application Security Testing (DAST) examines applications for vulnerabilities in deployed environments.
In this video, Abubakar will explain how DAST can be used to test your application and end it with a demo.

Documentation: https://docs.gitlab.com/ee/user/application_security/dast/

#devsecops #dast #gitlab #security #appsec

GitLab Documentation: https://docs.gitlab.com/ee/user/application_security/policies/

#devsecops #dast #gitlab

Organizations spend a ton of time ensuring compliance with regulatory and self-imposed requirements. Enforcement of these requirements can, however, be a challenging exercise. GitLab provides a Compliance Framework feature, allowing organizations to label projects meeting specific compliance regulations. Security teams can enforce the requirements of the regulations by creating Compliance pipelines, which ensures specified security scans are executed in all projects with a compliance attached.

In this video, Abubakar will walk through how to setup a Compliance framework and pipeline.

Documentation: https://docs.gitlab.com/ee/user/group/compliance_frameworks.html

#devsecops #dast #gitlab #compliance #compliancemanagement #devops #appsec

Collecting Observability data with eBPF aims to help Dev, Ops, and SREs to debug and troubleshoot incidents. Data requires storage, visualization, and verification: Do the Service Level Objectives (SLOs) match, dashboards visualize useful data correlation, network service maps make sense, and what about security policies?

Simulating a production incident is challenging. Chaos engineering enables teams to break things in a controlled environment and verify alerts, SLOs, and data accuracy. Which data retention cycle is best, and which dashboards reduce the mean-time-to-response? Anomaly detection and forecasting would be great too.

This talk dives into the learning steps with eBPF and discusses traditional metrics monitoring and future Observability data collection, storage and visualization. Learn from hands-on examples with chaos experiments that attempt to break eBPF probes, data collection, and policies in unexpected ways … and bring new perspectives into cloud-native reliability.

Getting started with new cloud-native technologies can be overwhelming. This talk dives into the getting started experiences with eBPF from a developer experience POV, switching sides into Ops and reliability use cases.

Established workflows with chaos engineering meet the Kernel with eBPF - it is crucial to understand the possibilities and risks next to the presented advantages.

The stories tell potential traps and successful learning paths to inspire the community to do the same. The feedback and conversations during and after the talk will help improve the project documentation and use case references. The research on integrating different technologies (SLOs, eBPF, Chaos Engineering, dashboards) and how they fit into the big (cloud-native) picture can help with the foundation for future ideas and new projects in the cloud-native ecosystem.

Everything shown and developed in this talk is available as Open Source, ensuring everyone can contribute.

Michael Friedrich

Michael Friedrich is a Senior Developer Evangelist at GitLab, focussing on Observability, SRE, and Ops. He loves to help educate everyone and regularly speaks at events and meetups. Michael co-founded the #EveryoneCanContribute cafe meetup group to learn cloud-native & DevOps. Michael is a Polynaut advisor at Polywork, created o11y.love as a learning platform for Observability, and shares insights in the opsindev.news newsletter.

Overview of GitLab's Developer Evangelism team to help with preparation for the Marketing Functional Call.

Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe 2023 in Amsterdam, The Netherlands from April 17-21. Learn more at https://kubecon.io​. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.

Consumers To Contributors: Open Source As a Competitive Advantage - Brendan O'Leary, GitLab

Speakers: Brendan O'Leary
As open source software has eaten the software world, it can be your biggest asset or cause your biggest problems. Most of the time, we consume open source without really considering the long-term impact on our business. So why would a business, enterprise, or organization decide to become a Contributor instead of just a Consumer? In this talk, we'll look at some of the biggest success stories in enterprise open source software partnerships and some of the cautionary tales. The more an organization is involved in co-creating the open source packages they use, the more both the organization and the open source project benefit. This session is for everyone: open source maintainers, OSPO leaders, or open source advocates in large enterprises. At the end of our session, you'll be able to articulate the tangible and emergent benefits organizations and enterprises gain when they stop just consuming open source software and instead embrace "Everyone can contribute."

Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.

Tamland: How GitLab.Com Uses Long-Term Monitoring Data For Capacity Forecasting. - Andrew Newdigate, GitLab, Inc.

Speakers: Andrew Newdigate
Tamland is a capacity planning tool built by GitLab to provide long-term forecasts of potential capacity issues across the services running GitLab.com. It's built on top of the long-term metric storage capabilities of Thanos, which provides utilization and saturation metric data stretching back over a 1 year period. From this, a predictive forecast model is constructed and used to predict future growth trends across hundreds of saturation points over the coming months. This practical talk demonstrates how we capture long-term metrics data in a scalable way using Thanos, how we use Facebook's Prophet library for building forecast models, and how we integrate this with Jupyter to generate a report complete with visualizations. It discusses the benefits of switching to a data-driven and repeatable approach to capacity planning, as well as some of the practical challenges of building the tool. Tamland is an open-source project and attendees have access to the project source if they're interested in digging deeper into our implementation.

Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.

What Container Runtime Do I Need? - Abubakar Siddiq Ango, GitLab

Speakers: Abubakar Siddiq Ango
Docker made container technology approachable and easy to adopt, but the recent need to replace Docker has opened up several options and complexity, which can be daunting to someone new to Container technologies. Knowing what runtime engine is suited for what type of use case is crucial in making the right choice when reaching for a replacement. In this talk, Abubakar will start with a brief primer about what the Container runtime does, the common ones available, what they have in common and what sets them apart. We will also see different use cases applicable to different container runtime engines. At the end of the talk, the listener will be better informed in choosing the most preferred runtime engine for their workload.

Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe 2023 in Amsterdam, The Netherlands from April 17-21. Learn more at https://kubecon.io​. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.

Lightning Talk: Don't Wait, Secure your DevOps Processes Using Open Standard Methods Today! - Dov Hershkovitch, GitLab

Security is shifting left. What used to be a straightforward task in the past, such as deploying an application, today involves secrets. Secrets are typically stored in a secret management solution framework, yet available to the engineer's disposal. In this lightning talk, I will explain how you could secure your DevOps process today, using an open standard (JTW) to access secrets, without compromising due to security or complaints, or waiting for a DevOps vendor to build a native integration framework for you

Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe 2023 in Amsterdam, The Netherlands from April 17-21. Learn more at https://kubecon.io​. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.

Confidence with Chaos for Your Kubernetes Observability - Michael Friedrich, GitLab

The Kubernetes observability stack is deployed with Prometheus, and dashboards provide many interesting insights. What’s next? Everything is overwhelming and your teams are drowning in alerts. Alerts and Service Level Objectives (SLO) require team discussions and adjuments, and the dashboards could benefit from more fine granular details. Documentation and action items for your SRE and DevOps teams are needed too. Simulate a production incident to see whether SLOs are met, or alerts are fired. Is there a way to observe the deployed application, and see if it breaks from chaos? Join this talk to dive into ops and dev stories with practical insights into Kubernetes metrics, Prometheus alerting, chaos engineering with Chaos Mesh, OpenTelemetry app instrumentation, and hear about production incidents with failed SLOs. Gain confidence with chaos as an SRE, and as a developer seeing the value in Observability. Welcome to day 2 DevOps.

Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe 2023 in Amsterdam, The Netherlands from April 17-21. Learn more at https://kubecon.io​. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.

Secure CI/CD Using JSON Web Token (JWT) - Dov Hershkovitch, GitLab

DevSecOps extends the DevOps ecosystem with the security aspect. Sensitive information is everywhere, be it passwords, secret tokens or exchanged IDs in order to gain access to tools and platforms. The problem has been addressed by many secret management solutions and frameworks, yet creating another problem: Which to choose from, and how to integrate best into your DevOps processes? Engineers started to workaround the security protocols, and often sensitive information is stored in insecure ways. A plaintext token can lead to security leaks and business incidents in a worst case scenario. JSON Web Token (JWT) aims to build the integration bridge as an open standard for security claims exchange. Join this session to learn how in GitLab we leverage JWT tokens to access different secret management solutions, including major cloud providers. Hear best practices on the challenges to retrieve sensitive data and how to enhance the DevSecOps security processes in your organization.

In this video, Brendan describes the GitLab Code Challenge at KubeCon North America in Detroit. Complete fun challenges and learn how GitLab can scan your dependencies for known vulnerabilities and create provenance metadata to support SLSA Level 2 compliance.

To join the Code Challenge, visit https://codechallenge.dev
For complete rules, please see https://about.gitlab.com/community/sweepstakes/kubecon-na-2022-code-challenge/.

No description provided.

In this workshop, you will learn the basics of Monitoring and Observability with microservices and container clusters. The hands-on session includes Prometheus and Grafana, kube-prometheus, alerts/incidents, and customizations/scaling. We will discuss best practices with logs, traces, and how innovation with OpenTelementry and eBPF can help with advanced Observability workflows.

Speaker - Michael Friedrich (@dnsmichi)

►►► Pre-requisites ►►►
1. Installed & configured a minikube cluster (https://minikube.sigs.k8s.io/docs/start/)
2. Make sure to go through the previous workshops:
- Linux & Docker Fundamentals: https://youtu.be/EUu1E_YKGTw
- Kubernetes 101: https://youtu.be/PN3VqbZqmD8

►►►Resources ►►►
► Workshop Slide Deck - https://docs.google.com/presentation/d/1uuYIPwQjckNiPPJQcN8tauZ8KSIdHASbyoAxJ0fc6uQ/edit?usp=sharing

Chapters
00:00 Intro music
01:38 Introduction with Saiyam and Michael
08:10 Workshop Start
08:58 What to expect
10:05 Workshop requirements
12:22 Tips
15:06 Monitoring, quo vadis - in a nutshell, black-box, metrics/trends, microservices, whitebox
23:00 Kubernetes - learn what to monitor
29:45 Metrics with Prometheus - Architecture, PromQL, UI,
39:15 Prometheus Operator - install Prometheus in Kubernetes
52:22 Kubernetes Metrics
54:45 Prometheus Metrics in Grafana - Dashboards inspection, deployed by Prometheus Operator
01:02:56 Workshop dashboards in Grafana - first panel and Kubernetes dashboard, container metrics, kube-state-metrics,
01:21:34 ServiceMonitor CRD for /metrics endpoints auto discovery with Prometheus
01:37:56 Monitoring 2.0 - Prometheus client libraries & instrumentation,
01:45:43 Alerts and SLOs - Prometheus Operator CRDs, Alert Manager, podtato-head
01:55:53 Trigger alerts for podtato-head deployment - blackbox probe, dashboards, alert rules,
02:14:45 Service Level Objectives & Ops Confidence - Golden Signals, SLOs as code,
02:19:15 Customize kube-prometheus - custom dashboards, reduce visible data, see what is important
02:22:50 Beyond Metrics - Logs, Tracing, OpenTelemetry
02:31:28 OpenTelemetry demo deployment - shop, website, Jaeger tracing,
02:39:05 Discussion: Why traces? What's next
02:45:35 Performance and Scaling - data retention, long-term storage, distributed scaling, GitLab.com SaaS production insights,
02:53:50 Observability and Chaos Engineering
02:56:06 Chaos Mesh
02:58:10 DNS Chaos - demo exercise from KubeCon EU, leak app memory, verify alerts and SLOs
03:12:45 Take action from chaos experiments
03:15:00 Future Observability - eBPF, auto-instrumentation with Cilium Tetragon, etc.
03:17:30 SLOs and quality gates with Keptn
03:17:48 Security - Policies with Kyverno, Hardening (book recommendation: Hacking Kubernetes)
03:18:54 Your adventure -
03:19:20 Q&A - https://o11y.love and outro with Saiyam and Michael

►►►Connect with Kubesimplify ►►►
► Twitter - https://twitter.com/kubesimplify
► Discord - https://kubesimplify.com/discord
► Website - https://kubesimplify.com/
► GitHub - https://github.com/kubesimplify

#kubesimplify #kubernetes #observability

No description provided.

Michael Friedrich walks through the first v0.1.1 release, the job artifacts report summary as markdown table file for projects and group with project, and shows the deletion of job artifacts using the CLI script with Docker and from source.

GitLab Storage Analyzer is a new Python project to help with analysis and cleanup, developed by the Developer Evangelism team.

Documentation and usage in https://gitlab.com/gitlab-de/gitlab-storage-analyzer

For more Continuous Delivery Foundation content, check out our blog: https://cd.foundation/blog/

How we Build CI/CD Observability with OpenTelemetry - Michael Friedrich, GitLab

CI/CD Pipelines are blocked, resources are drained, and the cloud invoice for the deployment is going wild - where do you start analysing and troubleshooting? One look leads into the CI/CD pipeline: Next to the job runs, which preparation steps happen, how many context switches are encountered, and which step is actually causing the problems?

Logs and metrics help to see the bigger picture, collecting the job and pipeline execution times, or fetch times for resources. Traces with spans provide more context on executed jobs, enriched with troubleshooting metadata. It is not always DNS, sometimes it’s also the slow IO cache …

Join this talk to learn how we build CI/CD Observability with OpenTelemetry in GitLab. You can learn more about the architecture challenges, implementation approaches, and performance scaling requirements for SaaS platforms.

Don’t miss out! Join us at our upcoming hybrid event: KubeCon + CloudNativeCon North America 2022 from October 24-28 in Detroit (and online!). Learn more at https://kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.

From Monitoring to Observability: Left Shift your SLOs with Chaos - Michael Friedrich, GitLab

Security has shifted left in CI/CD pipelines. Traditional service monitoring moved on with metrics, logs and traces and observability embraces the unknown unknowns. Developers and SREs are instrumenting applications with distributed tracing. How do service level objectives (SLOs) add to the bigger picture? This talk invites into a developer’s tale about ops deployment scalability, availability threshold definitions and measuring application performance. What are the benefits of app instrumentation, metrics and traces and where does the journey start? Dev becomes Ops: SLOs need to be well understood and simulated early in the development process. New building blocks come to play: Continuous Delivery, quality gates and chaos engineering - is it possible to left shift SLOs with Chaos in your CI/CD pipelines?

Developers and SREs are instrumenting applications and apply observability workflows with metrics, traces, logs, and beyond. The first service level objective (SLO) is defined, now what - wait for the first production incident?

Think of day-2-Ops: SLOs need to be well understood and simulated early in the development process. False-positive alerts can lead to on-call fatigue. How to simulate an incident? Add chaos to production and simulate network failures, broken apps, etc. - and validate the SLOs. Developers can add their own chaos experiments too.

Join this talk to learn how SLOs can be shifted left with chaos, and get inspired by new tools and workflows for your production environment.

Feature proposal: https://gitlab.com/gitlab-org/gitlab/-/issues/338943
GitLab with OpenTelemetry Research: https://gitlab.com/everyonecancontribute/observability/opentelemetry-gitlab-research

No description provided.

We are going to Open Source a project and discuss how you can do it too! With amazing guests...

Laurel Younis https://twitter.com/LaurelYounisDev
Michael Friedrich https://twitter.com/dnsmichi
Matthew Codes https://twitter.com/matthew_codes

Repo + Org https://github.com/XollabOS

Discussion on GitHub https://github.com/EddieHubCommunity/support/discussions/3800

I now have a 2nd YouTube channel for short video clips of 60s or less, subscribe...
https://youtube.com/eddiejaoudetv

JOIN our inclusive open source community now for FREE... https://www.eddiehub.org, also checkout my website and sign up to our community NEWSLETTER... https://www.eddiejaoude.io for my live stream + video schedule and community calls

Reviewing your Open Source projects #OpenSource #GitHub #DevRel

SERVICES I USE AND RECOMMEND

Some of these might be affiliate links, no extra cost to you, but I get a little $ if you sign up, plus you might get a discount too.

- Live streaming with Streamyard http://links.eddiejaoude.io/t/pYlzGjcta1a4
- Cloud hosting with Digital Ocean, you will get $100 FREE credit http://links.eddiejaoude.io/t/EAaCRWhsnZlF
- Membership, Newsletters, CRM all in one with Kartra http://links.eddiejaoude.io/t/pQ5W3FRLk8Cp
- Awesome backup platform, BackBlaze http://links.eddiejaoude.io/t/4rqTZjLbwmCp

COMMUNITY SPONSORS

A BIG thank you to my GitHub Sponsors:
***
Stephen Mount http://github.com/stemount
DailyDotDev https://github.com/dailydotdev
***

- Nicholas Carrigan https://github.com/nhcarrigan
- Santosh Yadav https://github.com/santoshyadavdev
- Andrew Cunliffe https://github.com/andrew-cunliffe
- Alexander Stoichkov https://github.com/SashoStoichkov
- Allan Regush https://github.com/AllanRegush
- CORE Multi-Chain Framework https://github.com/CORE-Blockchain



FIND ME ON OTHER SOCIAL PLATFORMS

Don’t forget to support my channel by subscribing below, it’s free, and also share with your friends. Subscribe now!
https://www.youtube.com/eddiejaoude?sub_confirmation=1

Follow on other socials for behind the scenes footage and join the Discord server to continue the conversation.

https://www.eddiejaoude.io/
https://github.com/eddiejaoude
https://youtube.com/eddiejaoude
https://twitter.com/eddiejaoude
https://instagram.com/eddiejaoude
https://linkedin.com/in/eddiejaoude
http://discord.eddiehub.org/
https://github.com/EddieHubCommunity

How to Open Source YOUR project

Project sync-up. We did introductions and overview of the OpenFeature project, and than had a Q&A session with participants. After that we discussed the next steps and the meeting cadence.

Meeting notes: https://docs.google.com/document/d/1pp6t2giTcdEdVAri_2B1Z6Mv8mHhvtZT1AmkPV9K7xQ/edit#heading=h.vqjhqfod6mpn

This course will teach you how to use GitLab CI to create CI/CD pipelines for building and deploying software to AWS.

🎥 Course created by Valentin Despa.

📚 Course Notes: https://gitlab.com/gitlab-course-public/freecodecamp-gitlab-ci/-/blob/main/docs/course-notes.md
📺 Valentin on YouTube: http://www.youtube.com/channel/UCUUl_HXJjU--iYjUkIgEcTw?sub_confirmation=1
🔗 Valentin's website: https://www.vdespa.com
🐦 Valentin on Twitter: https://twitter.com/vdespa


⭐️ Course Contents ⭐️

⭐️ Unit 1 - Introduction to GitLab

⌨️ Lesson 1 - Welcome (0:00:00​)
⌨️ Lesson 2 - Your first GitLab project (0:03:03​)
⌨️ Lesson 3 - Your first pipeline (0:13:00​)
⌨️ Lesson 4 - Help, my pipeline is not working (0:23:32)
⌨️ Lesson 5 - What is YAML? (0:26:22)
⌨️ Lesson 6 - What is a shell? (0:35:12)
⌨️ Lesson 7 - GitLab architecture (0:37:50)
⌨️ Lesson 8 - Pipeline stages (0:43:14)
⌨️ Lesson 9 - Why do pipelines fail? (0:48:11)
⌨️ Lesson 10 - Job artifacts (0:52:34)
⌨️ Lesson 11 - Testing the build (0:59:02)
⌨️ Lesson 12 - Variables (1:04:33)
⌨️ Lesson 13 - What is DevOps (1:10:27)

⭐️ Unit 2 - Continuous Integration with GitLab CI

⌨️ Lesson 1 - Unit overview (1:16:53)
⌨️ Lesson 2 - Your first GitLab project (1:18:41)
⌨️ Lesson 3 - Building the project (1:22:05)
⌨️ Lesson 4 - Assignment (1:33:10)
⌨️ Lesson 5 - Assignment solution (1:34:43)
⌨️ Lesson 6 - How to integrate changes? (1:40:24)
⌨️ Lesson 7 - Merge requests (1:43:50)
⌨️ Lesson 8 - Code review (1:51:38)
⌨️ Lesson 9 - Integration tests (1:56:29)
⌨️ Lesson 10 - How to structure a pipeline (2:10:53)

⭐️ Unit 3 - Continuous Deployment with GitLab & AWS

⌨️ Lesson 1 - Unit overview (2:16:41)
⌨️ Lesson 2 - A quick introduction to AWS (2:17:14)
⌨️ Lesson 3 - AWS S3 (2:20:57)
⌨️ Lesson 4 - AWS CLI (2:23:35)
⌨️ Lesson 5 - Uploading a file to S3 (2:29:04)
⌨️ Lesson 6 - Masking & protecting variables (2:33:00)
⌨️ Lesson 7 - Identity management with AWS IAM (2:38:49)
⌨️ Lesson 8 - Uploading multiple files to S3 (2:47:54)
⌨️ Lesson 9 - Hosting a website on S3 (2:53:15)
⌨️ Lesson 10 - Controlling when jobs run (3:00:06)
⌨️ Lesson 11 - Post-deployment testing (3:07:03)
⌨️ Lesson 12 - What is CI/CD? (3:13:01)
⌨️ Lesson 13 - Assignment (3:16:47)
⌨️ Lesson 14 - Assignment solution (3:17:26)
⌨️ Lesson 15 - Environments (3:24:40)
⌨️ Lesson 16 - Reusing configuration (3:33:52)
⌨️ Lesson 17 - Assignment (3:36:57)
⌨️ Lesson 18 - Assignment solution (3:40:53)
⌨️ Lesson 19 - Continuous Delivery pipeline (3:44:15)

⭐️ Unit 4 - Deploying a dockerized application to AWS

⌨️ Lesson 1 - Unit overview (3:48:129)
⌨️ Lesson 2 - Introduction to AWS Elastic Beanstalk (3:49:25)
⌨️ Lesson 3 - Creating a new AWS Elastic Beanstalk application (3:51:48)
⌨️ Lesson 4 - Creating the Dockerfile (3:59:02)
⌨️ Lesson 5 - Building the Docker image (4:02:12)
⌨️ Lesson 6 - Docker container registry (4:09:27)
⌨️ Lesson 7 - Testing the container (4:15:59)
⌨️ Lesson 8 - Private registry authentication (4:20:04)
⌨️ Lesson 9 - Deploying to AWS Elastic Beanstalk (4:34:18)
⌨️ Lesson 10 - Post-deployment testing (4:45:54)
⌨️ Lesson 11 - CI/CD recap (4:50:29)

⭐️ Unit 5 - Conclusion

⌨️ Lesson 1 - Final assignment (4:51:37)
⌨️ Lesson 2 - Conclusion (4:55:16)

🎉 Thanks to our Champion and Sponsor supporters:
👾 Raymond Odero
👾 Agustín Kussrow
👾 aldo ferretti
👾 Otis Morgan
👾 DeezMaster

--

Learn to code for free and get a developer job: https://www.freecodecamp.org

Read hundreds of articles on programming: https://freecodecamp.org/news

This talk introduces a developer`s view on using cloud native resources and mistakes turned into visible failures. Learn about the first steps with metrics, SLOs and app instrumentation, quality gates in a CI/CD pipeline, and chaos engineering - my experience in the past 15 years.

Michael Friedrich is a Senior Developer Evangelist at GitLab focussing on backend dev, ops and sec. He studied Hardware/Software Systems Engineering and moved into a role on DNS and monitoring development at the University of Vienna and ACO.net. Michael was a maintainer of Icinga, an OSS monitoring software, for 11 years before joining GitLab. He loves engaging with new technologies in the Monitoring/Observability, CI/CD and security area and regularly speaks at events and meetups. Current projects involve Prometheus exporters, tracing and pipeline efficiency. Michael hosts a technology coffee chat called “#everyonecancontribute cafe” on everyonecancontribute.com.

Connect with Michael,
Twitter: https://twitter.com/dnsmichi
LinkedIn: https://www.linkedin.com/in/dnsmichi/

Liz is joined by Frederic Branczyk to talk about Parca, a project that continuously profiles CPU & memory usage using eBPF

Show notes:

Don’t miss out! Join us at our next event: KubeCon + CloudNativeCon Europe 2022 in Valencia, Spain from May 17-20. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.

Practical Kubernetes Monitoring with Prometheus - Michael Friedrich, GitLab

Monitoring for microservices and distributed workloads isn’t an easy task. Imagine that you become responsible after years of traditional service monitoring. You start your research - Kubernetes as a container orchestrator already is a complex ecosystem to understand. Join this talk for a journey on the first steps, best practices with Prometheus, Grafana and the Prometheus Operator. The adventure does not stop here: Use client libraries to instrument your own application with metrics, deploy it to Kubernetes and what now? Explore how service discovery, long term storage with Thanos/Cortex and alerting help complete cloud native monitoring. It’s also an iterative process, with new workloads, changes, and a constant work in progress. This talk will help prepare you for cold winters and hot summers, silencing alerts before they exist. Spoiler: The end will peek into observability with logs, traces and SLOs, and show monitoring use cases on GitLab.com SaaS.

Don’t miss out! Join us at our next event: KubeCon + CloudNativeCon Europe 2022 in Valencia, Spain from May 17-20. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.

As Strong As the Weakest Link: Securing the Software Supply Chain- Brendan O'Leary, GitLab

The Solarwinds breach is an event that we won't truly understand for some time - if ever. Several discussions we've been having in the abstract for years have become very concrete. The systems we use to develop, build and deploy our code are essential production systems. Securing the software supply chain is one of the most underrated security aspects today. All software today is built with dependencies. However, a discussion of these dependencies - both explicit and transient - as links in the software supply "chain" couldn't be more accurate. And the truth is, a chain is only as strong as its weakest link. In this talk, we'll examine the complexities and sophisticated tradecraft from the various supply chain attacks. We'll also explore securing the cloud native supply chain with CNCF tools from Helm & Distribution to Cloud Custodian & Porter. More importantly, we'll delve into the simple, practical security measures that can help prevent such attacks.

No description provided.

Slides with exercises: https://docs.google.com/presentation/d/1xs4-mlf5L95aER_pVo6i5U0d5DW4f_AIG0RKk8SpKIc/edit
Project with solutions: https://gitlab.com/gitlab-de/workshops/go-tanuki-cicd-workshop-talentql-pipeline-program
TalentQL Pipeline: https://pipeline.talentql.com/

TOC
7:08 First Steps
14:59 CI/CD: Terminology & First Steps
24:53 Pipeline Editor
34:37 CI/CD: Development Workflows
36:40 Go Tanuki Build
46:13 Pipeline jobs and stages
46:28 Go Tanuki Binary build and code tests with CI/CD
54:43 Run the binary
1:01:13 Visualize the pipeline
1:02:03 Faster feedback with CI/CD
1:04:03 JUnit test reports
1:06:03 Security
1:16:03 What's next
1:16:29 Exercises for async practice
1:19:29 Q&A

https://about.gitlab.com/blog/2021/10/19/top-10-gitlab-hacks/
https://about.gitlab.com/pricing/
https://about.gitlab.com/solutions/open-source/
https://about.gitlab.com/solutions/education/

Slides: https://osad-munich.org/wp-content/uploads/2021/10/Michael-Friedrich-Slides_OSAD2021.pdf

Security has shifted left in CI/CD pipelines. Tools and cultural changes enable teams to focus on their cloud-native journey. Traditional service monitoring moved on with metrics, logs and traces and observability embraces the unknown unknowns. Developers and SREs are instrumenting applications with distributed tracing. How do service level objectives (SLOs) add to the bigger picture?

This talk invites into a developer’s tale about ops deployment scalability, availability threshold definitions and measuring application performance. Estimated SLOs could be simulated early in the development process. New building blocks come to play: Quality gates and chaos engineering – is it possible to left shift the SLOs in your CI/CD pipelines?

Attendees go on a hands-on deep dive into cloud native resources with Keptn and Prometheus as quality gates, and explore ways of chaos engineering with Litmus. This includes best practices and tips to start in a cloud native deployment journey.

At GitLab, we believe that every student and every teacher can contribute! The GitLab for Education Program provides the top tiers of GitLab for free to students, teachers and faculty at educational institutions around the globe for teaching, learning and research. We are invested in ensuring that students have access to the full functionality of GitLab while in school so they can become future contributors and evangelists of GitLab.

No description provided.

GitLab enables the efficient implementation of GitOps and infrastructure and code strategies with tools like HashiCorp Terraform, allowing organizations to efficiently and continuously roll out updates to infrastructure with shorter TTRs, Time to Recovery. It does this by enabling teams to leverage several other integrations:

- HashCorp Vault to manage secrets during CI job execution securely
- HashiCorp Packer to build images
- HashiCorp Waypoint for application delivery

The joint solutions developed by HashiCorp and GitLab are helping organizations find a better way for application development and keeping delivery, and infrastructure management workflows in lockstep.
This session will show how GitLab integrates with HashiCorp Terraform, Packer, Vault and Waypoint.

Speaker: Abubakar Siddiq Ango

#Terraform #GitLab #CICD #HashiCorpVault #Waypoint #HashiCorpPacker

If you liked this video and want to see more from HashiCorp, subscribe to our channel: https://www.youtube.com/c/HashiCorp?sub_confirmation=1

To learn more, visit our hands-on interactive lab environment, HashiCorp Learn: https://learn.hashicorp.com/

HashiCorp is the leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organizations to adopt consistent workflows to provision, secure, connect, and run any infrastructure for any application. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, Nomad, Boundary, and Waypoint are downloaded tens of millions of times each year and are broadly adopted by the Global 2000. Enterprise versions of these products enhance the open source tools with features that promote collaboration, operations, governance, and multi-data center functionality.

For more information, visit: www.hashicorp.com or follow us on social media:
Twitter: @hashicorp
LinkedIn: https://www.linkedin.com/company/hashicorp
Facebook: https://www.facebook.com/HashiCorp

No description provided.

The AWS UG OSTech Conference 2021 is a sprint immense event as the name suggests, a wide event that will have all the developers (SDEs), Cloud, DevOps, SRE, students, and industry enthusiasts all at one place with Interactive sessions by keynote speakers and a real-time application for everything.

Event website: https://www.awsugjaipur.tech/
Agenda: https://www.awsugjaipur.tech/#schedule

We will be having awesome swag opportunities for the attendees who are active throughout the event and also having some contests and quizzes during the event.

1. Quizzes: After each session participate in the quiz and grab a chance to earn a 250/- Amazon gift card.

2. Knowledge Share Contest: Check details on the website.
Submit entry here: https://lnkd.in/gXUjKgM

--
MapMyIndia Contest Submission: https://lnkd.in/g95hB32
--
Surprise Contest from Agora (SDK Integration)|
Top winners will get exiting swags:
Ref: https://docs.agora.io/en/video/start_call_web
Submit here: https://bit.ly/3tO2xjI
--

𝐖𝐚𝐧𝐭 𝐭𝐨 𝐛𝐞 𝐚 𝐦𝐞𝐦𝐛𝐞𝐫?
𝐅𝐨𝐥𝐥𝐨𝐰 & 𝐂𝐥𝐢𝐜𝐤 𝐨𝐧 𝐑𝐞𝐠𝐢𝐬𝐭𝐞𝐫: https://lnkd.in/dNcQKZU
𝐎𝐭𝐡𝐞𝐫 𝐒𝐨𝐜𝐢𝐚𝐥𝐬: https://www.awsugjaipur.tech/joinus

Michael Friedrich works for GitLab and talks about his 10 years and more journey from monitoring to DevOps. It's really interesting to see how he grew from his experience from the community and now helps to shape the open source community with it.

Slides: https://opensource.siemens.io/events/2021/slides/Michael_Friedrich_From_Monitoring_to_DevOps_10%2B_years_OSS_community_building.pdf

The yearly Open Source @ Siemens event in Zug, Switzerland, became fully virtual in 2020. This year, in 2021, we host the 8th edition, with the afternoon sessions being fully open to public for the first time.
From community building to technical deep dives, the Open Source @ Siemens 2021 event provides great insights for everyone interested in the Open Source and Inner Source topics and beyond.

Dev Loves CI/CD: Efficient Sec and Ops Pipelines - Michael Friedrich, GitLab

Continuous integration and delivery/deployment helps speed up development and review workflows. Developers can focus on code reliably tested in different environments. At some point, the operations team gets paged on broken pipelines and jobs being stuck. On top, the security audit unveiled plain text secret exposure and dependency exploits. The next horror story: The software cannot be deployed anymore because package dependencies are broken. In this talk we hear stories on making CI/CD pipelines more reliable and secure. Automated deployments and package/container repositories can help avoid redundant cycles and extra work hours. Monitoring/observability combined with automation ensures to sleep in busy on-call times. Learn how Dev meets Sec and Ops in the pipelines and hear best practices on efficiency, iteration and insights.

For more Continuous Delivery Foundation content, check out our blog: https://cd.foundation/blog/

The Imperative to Stop Being Lazy and Do Better - Brendan O'Leary, GitLab
Speakers: Brendan O'Leary
There are a lot of challenging, unsolved problems in software. Building accessible, inclusive, smart software is a solved one...do better. My last name is valid. Despite what countless apps and websites have tried to tell me, it is reasonable to have an apostrophe in a name. I get it; SQL is hard. But it doesn't "solve" the problem to have validation, saying, "Please enter a valid last name." Talk about *invalidating* someone's experience in life. And that's not even that big of a deal. But this kind of carelessness is all too common in tech. Many other people's identities are marginalized even more severely when developers are careless. In this talk, we'll examine examples of each of these types of inclusion. We'll show how these issues have already been solved; it just requires the determination and compassion to choose to make our products more accessible and more inclusive.

For more Continuous Delivery Foundation content, check out our blog: https://cd.foundation/blog/

Watch the GitLab 14 Community Meetup and the community's favorite features...summarized in 5 minutes.

Learn more here: https://about.gitlab.com/gitlab-14/

Longer version: https://www.youtube.com/watch?v=mSspEk8efHE

To celebrate the release of GitLab 14 https://about.gitlab.com/gitlab-14/, members of the Developer Evangelism team and wider GitLab community share some of their favorite features that have been released since our last major milestone.

Learn about some of the most beloved features in GitLab from some of our most passionate and active users. 5 minute video: https://www.youtube.com/watch?v=3KdONZj8kG4

The speakers and topic include:

00:54 John Coghlan - Intro to GitLab 14
05:30 Michael Friedrich - CI/CD Pipeline Editing on Steroids with the new editor
17:44 Alejandro Medina - SSH key expiration enforced by default AND Pronouns box for GitLab profiles
24:09 Michael Aigner - GitLab VS Code extension including the new code review feature from 14
37:58 Brendan O'Leary - SAST and the new Semgraph integration for SAST
57:00 Q&A

Slides & insights:

- CI/CD Pipeline Editing on Steroids with the new editor: https://docs.google.com/presentation/d/1239kdKB1QiOzRTT8klSOwbsYzqBTJHvW0PoclOlNHfU/edit
- SSH key expiration enforced by default AND Pronouns box for GitLab profiles: https://docs.google.com/presentation/d/1Whd_ESUykde1uMcWWtfsq_612tQSZ_nsAdKaEwmZQxY/edit
- GitLab VS Code extension including the new code review feature from 14: https://www.youtube.com/watch?v=F5ypjlOZ4-0
- SAST and the new Semgraph integration for SAST https://docs.google.com/presentation/d/1wRs-BECUQvyUeL0O95FCbR9NWs4CQkbJP6cRQlBRhcs/edit

Feature requests discussed in the meetup:

- VS Code Extension: Pipelines progress and logs views https://gitlab.com/gitlab-org/gitlab-vscode-extension/-/issues/423

Beyond Code Live is an inclusive event series that amplifies the voices of women at GitLab to inspire success for the wider DevOps community. GitLab team members will showcase their favorite platform “hacks” for managing routine responsibilities outside of programming in each session.

Session 2 speakers included:

Host: John Coglan & Jamie Rachel - Community Relations
"GitLab as a Personal Notebook" by Laura Duggan, @LDuggan - Digital Design
"Designing for Developer Experience" by Veethika Mishra, @VMishhra- UX
"GitLab as a time efficiency tool" Carol Teskey, @CTeskey - People Success

"Gitlab Runner on Oracle Cloud Infrastructure (OCI) ARM64" by Abubakar Siddiq Ango, Developer Evangelism Program Manager at GitLab. Read more about the collaboration and how to setup GitLab Runner on OCI ARM64 instances at https://about.gitlab.com/blog/2021/05/25/gitlab-oracle-cloud-arm-based

HeleCloud talks Cloud is a weekly occurring live online event on news updates in Cloud. Every week, news topics from the cloud space are being discussed by the hosts Detelina and Walter and their guests Adric Walter & Michael Friedrich.

Everyone talks about Security shifting left in your CI/CD pipeline. Tools and cultural changes enable teams to scale and avoid deployment problems. SLOs are left out - what if a software change triggers a regression and your production SLOs fail? As a developer, you want to detect these problems as early as possible. This talk dives deep into CI/CD pipelines and discusses ideas to calculate and match SLOs in the development lifecycle. Early in your Pull or Merge Request for review.

Modern development environments are not bound to a single application, oftentimes there are software dependencies to resolve and runtime limitations on operating systems to overcome. VMs and containers helped make this easier, recent times have moved development environments to the cloud. Everyone can contribute - no matter the hardware or software resources, operating systems, or runtime environments. Learn how GitLab uses Gitpod to onboard contributors with the GitLab Development Kit (GDK). The native integration into GitLab enables developers to apply best practices for their own projects. This talk shares use cases, best practices and hidden gems for the DevSecOps lifecycle.

John Coghlan, a member of GitLab's Developer Evangelism team and the Commit planning team, lead a workshop to help folks, particularly first-timers, prepare their submissions for the 2021 GitLab Commit CFP. This includes information about the event, what we're looking for in a proposal, and a break down of a winning submission.

The call for proposals (CFP) for GitLab Commit is open through Friday April 30, 2021. We are looking for great speakers (no experience necessary) to share their stories with our community.

Submit your proposal here: https://forms.gle/YU2sENCjcFBSv8VF7

In this part 2 of the GitLab + GKE Autopilot video, Abubakar, a Developer Evangelist at GitLab demonstrates how to integrate a GKE Autopilot cluster with GitLab.

Read the announcement blogpost to learn more about GKE Autopilot: https://cloud.google.com/blog/products/containers-kubernetes/introducing-gke-autopilot

Learn other ways GitLab works with GKE Autopilot: https://about.gitlab.com/blog/2021/02/24/gitlab-gke-autopilot/

Part 1: https://youtu.be/cNffh-qyXhQ

In this video, Abubakar, a Developer Evangelist at GitLab introduces GKE Autopilot and demonstrates how to install GitLab on a GKE Autopilot cluster using Helm charts.

Read the announcement blogpost to learn more about GKE Autopilot: https://cloud.google.com/blog/products/containers-kubernetes/introducing-gke-autopilot

Learn other ways GitLab works with GKE Autopilot: https://about.gitlab.com/blog/2021/02/24/gitlab-gke-autopilot/

Part 2: https://youtu.be/rCwHL3hQEWU

Michael, Developer Evangelist at GitLab, meets with Nadia and Dov from Verify:Pipeline Authoring to discuss the launch of the new Pipeline Editor and what's next to make Pipeline Editor a must-try feature for even more GitLab CI/CD users. 💫


Learn more about Pipeline Editor: https://docs.gitlab.com/ee/ci/pipeline_editor/

- Repository with exercises & slides: https://gitlab.com/gitlab-de/workshops/swiss-meetup-2021-jan
- Agenda with timestamps:

* Introduction 4:32
* First steps with GitLab: Labels, Issue templates, etc. 9:12
* CI/CD: First Steps 18:13
* CI/CD: Go Project & Tests 33:07
* CI/CD Pipeline Editor 46:45
* CI Security: Detect Secrets and Vulnerabilities 51:03
* What's next? 59:00
* Exercises for Async Practice 1:00:57
* Q&A 1:07:22 - end

The Developer Evangelism team at GitLab created this hands-on learning workshop for the Switzerland meetup. The generic template for future workshops can be found in our handbook: https://about.gitlab.com/handbook/marketing/community-relations/developer-evangelism/projects/#workshops

Here's a quick way to find the reason your pipeline is failing using GitLab (and a great example of the importance of high-quality error messages).

This virtual meetup from 2020/12/15 features an AMA featuring four GitLab team members from the GitLab CI team. They also offer a preview of our pipeline editor plans including an early look at the visual pipeline builder.

The panel features:

Thao Yeager, Senior Product Manager, Continuous Integration
Veethika Mishra, Senior Product Designer, Continuous Integration
Dov Hershkovitch, Senior Product Manager, Pipeline Authoring
Nadia Sotnikova, Product Designer, Pipeline Authoring

You can find additional information from the meetup and join the discussion via this GitLab issue: https://gitlab.com/gitlab-org/gitlab/-/issues/293913
-----

We would love for you to contribute to our virtual meetups.

You can find upcoming virtual meetups and resources to plan your own here: https://about.gitlab.com/community/virtual-meetups/

We want to hear your ideas for topics. Remote? Security? Contributing to OS? Email suggestions to evangelists@gitlab.com.

We also love when community members present at GitLab meetups. Send an email to evangelists@gitlab.com if you’re interested in being the featured speaker at a future remote meetup.

No description provided.

This AMA was recorded during KubeCon North America 2020 and features a panel of GitLab Developer Evangelists answering questions from the wider GitLab community.

Panelists include:
- Abubakar Siddiq Ango
- Brendan O'Leary
- John Coghlan
- Michael Friedrich

You can find more videos featuring the GitLab Developer Evangelism team on this playlist: https://www.youtube.com/playlist?list=PL05JrBw4t0Kq-bYO9jCJaN45BBpzWSLAQ

Presented by: Brendan O'Leary, GitLab
Presented at All Things Open 2020 - Case Study/Demo Track

Abstract: In the age of commoditization, hyper-cloud service wrapping, and increased competition in the open-source world, many Commerical Open Source (COSS) companies are struggling to find a sustainable business model. Balancing support of open-source with the need to maintain the business that provides that support can cause companies to make rash decisions about licensing and their business models.

In this talk, we'll take a look at the commercial open-source landscape. We will learn from those who have been successful in building sustainable open-source communities and businesses. We will explore the various business models available to open source-based companies and where there have been successes and failures. We will use the case study of GitLab, a complete DevOps platform that is open core and based on git. The company has grown 177% year over year, even with the growing uncertainty in the space.

GitLab has made a bet on what we call buyer-based open core, and so far, it's paid off. However, this wasn't luck or some special sauce. It took many iterations on the GitLab business model to end up where we are today. Since founding the business in 2014, GitLab has tried many monetization techniques, including donations, consultancy, and single-tenet service. Still, none of them worked to allow us to sustain and grow the business.

Finally, we landed on buyer-based open-core. This talk will help you understand how we've modeled our business, and why we think that buyer-based open-core could be a winning combination for Commerical Open Source Companies.

We hosted a virtual meetup as part of the GitLab Community Day: CI featuring Abubakar Siddiq Ango, Developer Evangelist Program Manager at GitLab, on 2020/12/01.

The recordings features an introduction to GitLab CI including some demos. You can follow along via the links below.

Slides: https://docs.google.com/presentation/d/1oJLEL2OVm0gz8qvIlqpoidGdmsGt1exT2pwbZjaVTaE/edit?usp=sharing
Repository: https://gitlab.com/gitlab-com/marketing/corporate_marketing/developer-evangelism/code/ci-community-day-2020
---
Watch more videos from the GitLab Developer Evangelism team: https://www.youtube.com/playlist?list=PL05JrBw4t0Kq-bYO9jCJaN45BBpzWSLAQ

Find upcoming virtual meetups and resources to plan your own here: https://about.gitlab.com/community/virtual-meetups/

We hosted a virtual meetup as part of the GitLab Community Day: CI featuring Michael Friedrich, Developer Evangelist at GitLab, on 2020/12/01.

The recordings features an introduction to GitLab CI including some demos. You can follow along via the links below.

Slides: https://docs.google.com/presentation/d/1oJLEL2OVm0gz8qvIlqpoidGdmsGt1exT2pwbZjaVTaE/edit?usp=sharing
Repository: https://gitlab.com/gitlab-com/marketing/corporate_marketing/developer-evangelism/code/ci-community-day-2020
---
Watch more videos from the GitLab Developer Evangelism team: https://www.youtube.com/playlist?list=PL05JrBw4t0Kq-bYO9jCJaN45BBpzWSLAQ

Find upcoming virtual meetups and resources to plan your own here: https://about.gitlab.com/community/virtual-meetups/

We hosted a virtual meetup as part of the GitLab Community Day: CI featuring Brendan O'Leary, Senior Developer Evangelist at GitLab, on 2020/12/01.

The recordings features an introduction to GitLab CI including some demos. You can follow along via the links below.

Slides: https://docs.google.com/presentation/d/1oJLEL2OVm0gz8qvIlqpoidGdmsGt1exT2pwbZjaVTaE/edit?usp=sharing
Repository: https://gitlab.com/gitlab-com/marketing/corporate_marketing/developer-evangelism/code/ci-community-day-2020
---
Watch more videos from the GitLab Developer Evangelism team: https://www.youtube.com/playlist?list=PL05JrBw4t0Kq-bYO9jCJaN45BBpzWSLAQ

Find upcoming virtual meetups and resources to plan your own here: https://about.gitlab.com/community/virtual-meetups/

No description provided.

Continuous Integration and Delivery/Deployment helps speed up development and review workflows. Developers now can focus on code reliably tested in different environments. Once in a while the operations team gets paged on broken pipelines and jobs being stuck. Then the security audit has unveiled plain text secret exposure and dependency exploits.
The next horror story: The software cannot be deployed anymore since package dependencies are broken in a new distribution.
In this talk Michael Friedrich, Developer Evangelist at GitLab, takes a different look on making CI/CD pipelines more secure.

No description provided.

No description provided.

Visit https://everyonecancontribute.com

Agenda: https://gitlab.com/everyonecancontribute/general/-/issues/54
Blog: https://about.gitlab.com/blog/2020/10/15/use-waypoint-to-deploy-with-gitlab-cicd/
Getting started: https://www.waypointproject.io/docs/getting-started
Learn: https://learn.hashicorp.com/waypoint
Roadmap: https://www.waypointproject.io/docs/roadmap

Slides: https://docs.google.com/presentation/d/1bh-M-B1DUqstQfCDTnUr7T5YbBKOHfOH-8jfPCSJDDQ/edit?usp=sharing

We hosted a virtual meetup featuring Michael Friedrich, Developer Evangelist at GitLab, on 2020/10/06.

Title: Best Practices with GitLab CI/CD

Description: Take the first steps in GitLab for your development workflows. Start the first merge request to solve an issue and get ideas on branching, code reviews, approval processes and add automated CI test feedback in MRs.

Repo: https://gitlab.com/dnsmichi/meetup-2020-cw41
Slides: https://docs.google.com/presentation/d/1ajDgQfqNI2TclSpK3DzM8FqNXPSKYHupsDyI3W9bNyo/edit?usp=sharing

---

We would love for you to contribute to our virtual meetups.

You can find upcoming virtual meetups and resources to plan your own here: https://about.gitlab.com/community/virtual-meetups/

We want to hear your ideas for topics. Remote? Security? Contributing to OS? Email suggestions to evangelists@gitlab.com.

We also love when community members present at GitLab meetups. Send an email to evangelists@gitlab.com if you’re interested in being the featured speaker at a future remote meetup.

Development is more than just code, and last-minute bug fixes on release day can increase stress and lead to burnout. Guided by real-world exercises, learn how CI/CD improves your development workflow, and practice automated build-and-deploy stages.

Slides: https://docs.google.com/presentation/d/1j5ROpjwmBiXqtiHN6lJ20UcJCefw4-KC25lWWoDqTnY/edit?usp=sharing

Repository: https://gitlab.com/dnsmichi/collision-from-home-2020

This presentation was recorded at GOTO Chicago 2020. #GOTOcon #GOTOchgo
http://gotochgo.com

Brendan O'Leary - Senior Developer Evangelist at GitLab

ABSTRACT
The one question I'm asked more than any other when talking about working at GitLab is: wait, you don't have any offices? That is often followed by a confused look or the direct question: How?
Writing down decisions, asynchronous communication, measuring results, not hours. Companies often aspire to these goals...however in an all-remote company, they aren't aspirational - they are requirements. GitLab has grown from 9 people in 2014 to over 900 people in 55 different countries with a valuation of almost $3 billion.
In this talk, we'll discover some of the not-so-secret sauce that GitLab has leveraged to achieve this growth.
On this journey, our values have remained the same. We value collaboration, results, efficiency, diversity & inclusion, iteration, and transparency [...]

TIMECODES
00:00 Intro
00:22 GitLab's story
05:54 The (case for) asynchronous enterprise
06:46 Release cycle time is critical
07:51 Remote is part of the solution
10:13 Challenges
12:15 Values
12:36 Iteration
13:42 Transparency
15:08 Efficiency
16:20 Communication guidelines
17:34 Trust

Download slides and read the full abstract here:
https://gotochgo.com/2020/sessions/1427/the-asynchronous-enterprise

RECOMMENDED BOOKS
Tsedal Neeley • Remote Work Revolution • https://amzn.to/3lTDGtI
David Burkus • Leading from Anywhere • https://amzn.to/3fUThp0
Maria Sam • Remote Work Secrets • https://amzn.to/3CDRYV1
Phil Simon • Reimagining Collaboration • https://amzn.to/3yGPXoA

https://twitter.com/GOTOcon
https://www.linkedin.com/company/goto-
https://www.facebook.com/GOTOConferences
#AsynchronousEnterprise #RemoteWork #Remote #RemoteEnterprise #PostOffice

Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at http://gotocon.com

SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
https://www.youtube.com/user/GotoConferences/?sub_confirmation=1

GitInGifs: Git Branches

This video is the third in our #GitInGifs series of videos. This series celebrates the 15th Anniversary of Git with easy to consume videos about git itself - from the basics to the details of the interworkings of git. And in all these videos, we'll use gifs and memes to make git concepts easier to understand and learn!

Get in touch with Sales: http://bit.ly/2IygR7z

GitInGifs Working Directory & Staging Area

This video is the second in our #GitInGifs series of videos. This series celebrates the 15th Anniversary of Git with easy to consume videos about git itself - from the basics to the details of the interworkings of git. And in all these videos, we'll use gifs and memes to make git concepts easier to understand and learn!

Get in touch with Sales: http://bit.ly/2IygR7z

Livestream recording from the Linuxing in London meetup on April 22nd, 2020.

Slides with self-practice exercises: https://docs.google.com/presentation/d/1obSNrWUlXAUJK_HRsUnQcpmPoFDDme0oL5f3P905u7A/edit?usp=sharing
GitLab repository for the exercises: https://gitlab.com/dnsmichi/meetup-2020-cw17
Meetup group: https://www.meetup.com/Linuxing-In-London/events/269938032/
Event organisation issue: https://gitlab.com/gitlab-com/marketing/corporate-marketing/-/issues/2273

Note: First time, mistakes happen. Screen sharing did not work in the first 4 minutes. You may skip over, or listen to the audio introduction :)

GitInGifs Introduction

This video introduces our #GitInGifs series of videos. This series celebrates the 15th Anniversary of Git with easy to consume videos about git itself - from the basics to the details of the interworkings of git. And in all these videos, we'll use gifs and memes to make git concepts easier to understand and learn!

Get in touch with Sales: http://bit.ly/2IygR7z

In the video, Abubakar, Technical Evangelism Program Manager at GitLab gives a brief introduction on what is Buildpacks, Cloud Native Buildpacks and how we use it to power AutoDevOps.

Note: https://www.youtube.com/watch?v=kTNfi5z6Uvk has the most recent workshop from Feb 2021 :)
Agenda with timestamps:

* Workshop intro 6:04
* Let's get started: CI/CD Introduction 9:30
* First steps with CI/CD 11:16
* Build Go Project 16:39
* Unit Tests 23:50
* CI pipeline stages: Deploy & run 27:29
* CI/CD Variables & Templates 29:53
* Monitoring 32:08
* Container Images and Packages 33:45
* Code Coverage with Go 35:09
* Project Badges 35:46
* Round-up 36:32

We hosted a virtual meetup featuring Michael Friedrich, Developer Evangelist at GitLab, on 2020/03/24.

Title: Make your life as a developer easier with GitLab CI and the Web IDE

Description: Ever wanted to get CI quickly up and running? We will be exploring the capabilities of GitLab CI from simple scripts to building code and running unit tests as we code inside the Web IDE. Everything which makes your journey with CI a breeze in group practice.

If you’re interested in learning how to build a CI pipeline in GitLab this talk is for you. If you’re a more experienced GitLab user, we’d still love for you to attend and lend your expertise to our breakout groups.

Slides: https://docs.google.com/presentation/d/1scYkmV4Xdfj-8iwwpEiLCe0vBfpAdrL5pyA2w1Fgnf0/edit?usp=sharing
Repository: https://gitlab.com/dnsmichi/meetup-2020-cw13
---

We would love for you to contribute to our virtual meetups.

You can find upcoming virtual meetups and resources to plan your own here: https://about.gitlab.com/community/virtual-meetups/

We want to hear your ideas for topics. Remote? Security? Contributing to OS? Email suggestions to evangelists@gitlab.com.

We also love when community members present at GitLab meetups. Send an email to evangelists@gitlab.com if you’re interested in being the featured speaker at a future remote meetup.

GitLab's Brendan O'Leary (https://twitter.com/olearycrew) shares thoughts on how to minimize your tool stack to the essentials, avoid tool sprawl, and focus on the required business capabilities for running a remote enterprise. After that, we take a look at GitLab's #RemoteStack and how we use those various tools to enable our business and reinforce our values.

Level up your remote transition! TechCrunch called our Remote Playbook "a valuable resource for anyone who is trying to find a way to function in a #RemoteWork environment." Download our Remote Playbook for 🆓 right now: https://about.gitlab.com/company/culture/all-remote/

The one question I'm asked more than any other when talking about working at GitLab is: wait, you don't have any offices? That is often followed by a confused look or the direct question: How?

Writing down decisions, asynchronous communication, measuring results, not hours. Companies often aspire to these goals...however in an all-remote company, they aren't aspirational - they are requirements. GitLab has grown from 9 people in 2014 to over 900 people in 55 different countries with a valuation of almost $3 billion.

In this talk, we'll discover some of the not-so-secret sauce that GitLab has leveraged to achieve this growth. On this journey, our values have remained the same. We value collaboration, results, efficiency, diversity & inclusion, iteration, and transparency. And we've done all that without having any office, headquarters, or anything that looks like one.

Slides: https://docs.google.com/presentation/d/11XLfdSAnWDla9gQEZIrv5E2Fh4qeZXwThlZ2I7VQgok/edit#slide=id.g73fbef8bdb_0_0

JSConf Hawaii will return soon
https://www.jsconfhi.com/

With the postponements and cancellations of conferences due to COVID-19, Members of the cloud-native community came together to brainstorm on an online event to discuss new developments and updates.

This is a recording of the keynotes from the GitLab Heroes Summit, recorded on 2020/01/21.

Keynote #1: Building Communities at Scale - Akanksha Bhasin
Keynote #2: GitLab Heroes 101 - Nico Meisenzahl and Adrian Moisey
Keynote #3: Meetups with self-hosted Jitsi - Philipp Westphalen
Keynote #4: Pitch Perfect: How to hit the right notes when giving a talk - Bethan Vincent

To learn more about the GitLab Heroes program, please visit

This is a recording of the lightning talks from the GitLab Heroes Summit, recorded on 2020/01/21.

Lightning talk #1: Contributing to GitLab in 2020 - Mario García
Lightning talk #2: DesignOps with GitLab - Alejandro Mercado Peña
Lightning talk #3: Running Terraform and GitLab Together in Harmony - Will Hall
Lightning talk #4: Be a part of something bigger - Marvin Karegyeya
Lightning talk #5: Rescued by Kanban - Mario Kleinsasser

To learn more about the GitLab Heroes program, please visit https://about.gitlab.com/community/heroes/

This is a recording of the panel discussion with members of the GitLab Hero program lead by Roland Heuser and featuring Riccardo Padovani, Niclas Mietz, Abel Ayuba, and Will Hall. It was recorded during the GitLab Heroes Summit on 2020/01/21.

To learn more about the GitLab Heroes program, please visit https://about.gitlab.com/community/heroes/.