DevOps Speakeasy Podcast

In this interview, we speak to Eyal Ben Moshe, Head of the Ecosystem Engineering Group at JFrog, about the importance of shifting left and providing tools for developers to keep their software secure. He specifically discusses the release of Frogbit and Docker Desktop Extension and teases the BuildInfo resource, the metadata associated with a build in Artifactory.

Evgeny Karasik, Sr. Product Manager at JFrog, discusses the most exciting announcements from the keynote speakers at swampUP including Swift package management support, contextual analysis for security, and Frogbot integration and Docker desktop extension.

Andres Almiray discusses his open source project, JReleaser. The project that was initially created as Java releaser, is now a tool to release any type of binary supported by Artifactory to the right distribution.

In this episode, we speak to Raziel Tabib, CEO and Founder of Codefresh, a GitOps and continuous delivery platform. He discuss the meaning of GitOps, managing artifacts in the process to deployment, and scaling with ArgoCD instances and adding enrichments and integrations as additional value.

Ohad Maislish, co-founder and CEO of env0, talks about the management platform for infrastructure code and scaling as a business solution.

Tony Loehr, Developer Advocate at CyCode, discusses the strengths of the CyCode platform in the software development life cycle to secure software delivery.

Nuno Do Carmo, Technical Writer for SUSE Rancher, discusses bringing the Cloud Native technologies to Windows and more specifically Windows Subsystem for Linux. 

Denis Rosa, Developer Advocate Manager at Couchbase, talks about the challenge of external dependencies with continuous integration and delivery

In this episode, Mike Irwin, Engineer Manager at Docker, discusses the release of Docker Desktop for Linux and Docker Extensions, as well as his thoughts on DevSecOps.

James Strong, lead solution architect at Chainguard, discusses the challenges of securing software supply chains and recommendations for developers

CTO and Co-Founder of Komodor, Itiel Shwartz, discusses Kubernetes troubleshooting in production

Julie Gund from Gremlin speaks about Chaos Engineering - the practice of proactively injecting failures into your systems to find vulnerabilities before your customers experience them, ultimately reducing chaos.

In this interview, Andrea Frittoli, OpenSource Developer Advocate for IBM, speaks about the CDEvents project within the Continuous Delivery Foundation.

In this episode Tom walked us through the importance of devloper native observability and how it can be easily obtained with Lightrun.

In this episode we talked with Thomas Andolf is a developer with a passion in understanding how things work, some of Thomas special skills are security in code, authentication/authorization, automation of processes and development in high transaction environments.

26 views May 7, 2022 In this episode we talked with Kevin Wittek @kiview, a Testcontainers co-maintainer, passionate about FLOSS, containers and Java. We talked about an archaeological journey into the history of the testing pyramid: Who envisioned it first and in which context?

In this episode we talked with Erik Hellman @ErikHellman, a developer for more than two decades, spanning from large-scale telecom to embedded systems. He currently works as the Head of Development for Iteam Solutions in Stockholm and leads a team of developers focusing on sustainable digitalization for companies and other organizations.

In this episode we talked with Paulien van Alst, a passionate software engineer in love with readable, reliable, and testable code, independent of the language or technology used.

In this episode, we talked with Erica Löfström, a software developer and security expert passionate about quality and clean code. Specialized in writing Java backend applications with experience in the medicine and automotive sectors.

In this episode we talked with  Paulien van Alst, a passionate software engineer in love with readable, reliable, and testable code, independent of the language or technology used.

In this episode we talked with Thomas Andolf is a developer with a passion in understanding how things work, some of Thomas special skills are security in code, authentication/authorization, automation of processes and development in high transaction environments.

In this episode we talked with David Ahlbeck, an enthusiastic and innovative software developer with 25+ years of experience. He has worked in networking, online gaming and the automotive industry.

In this episode we talked with Dylan Beattie a consultant, software developer and international keynote speaker. He's the director of Ursatile, an independent consultancy based in London that specialises in helping organisations bridge the knowledge gap between software development and business strategy.

Valarie Regas spoke to us about how opening up, showing vulnerability, and using inclusive language help write better software and be better people.

In this episode, Heather VanCura, Chair of the JCP, spoke to us about how we can make sure Java retains its dominance as the programming language of choice and what Oracle is doing to attract and retain the next generation of developers.

In this episode, Roberto Cotrez of RedHat tells us about what's new in Quarkus 2.0 and shares details about the developer conference he organizes in Portugal (spoiler: #DevOpsSpeakeasy will be there!)

Emily Jiang speaks about IBM's implementation of JakartaEE's Microprofile, OpenLiberty, and her book on the subject.

Ken Kousen shares the news on his new book on Mockito, the mocking framework, mocking in general, and his life as an author.

In this episode Alex and Mykyta of Netflix Engineering explained why debugging GRPC might be hard, whom to ask and where to look when you have the need (spoiler: RTFM), and what are the differences between HTTP 2 and HTTP 3. Special appearances by a promising next-generation developer (maybe?) and Glory to Ukraine.

Eric Wendelin, head of analytics at Gradle explains how AI models in Gradle Enterprise can reduce your build time by only running the tests worth running based on prediction models developed at Meta.

AtomicJar's developer advocate Oleg Shelajev explains what Testcontainers is, what it achieved in 7 years of its existence, and why AtomicJar takes it to the cloud.

Did you hear about Foojay.io? If you didn't, you're in for a treat! In this episode, Geertjan Wielenga tells us about the new home of the Java community, diverse, unified, and grass-rooted.

Oracle's Sharat Chander has great news for us: #JavaOne is back! He tells all about why, when, and where, and it's a lot to look forward to!

Welcome back, in-person conferences, and welcome back, DevOps Speakeasy Podcast! Season 3, live from conference floors is here! We kick it off with our very own

It's another DevOps Speakeasy! In this episode, Kat flies solo without her co-host Baruch, but she's joined by Matt Stratton for a discussion about tech twitter drama, old technology, and practicing under stress.   Click Here for Transcript

This week, we're joined by Austin Parker (@austinlparker) from Lightstep, the Jason Momoa of DevOps, to talk about observability in the name of laziness. Also, Baruch advocates for Java, Kat brings up old Python drama, we reminisce about the JavaScript framework treadmill, and Austin sells us on OpenTelemetry. How do you pronounce "Haskell?"

Welcome to season two of DevOps Speakeasy! We're changing things up a bit this season -- your new host is Kat Cosgrove (@dixie3flatline), with Baruch Sadogursky (@jbaruch) as her co-host. In this episode, we're joined by Aaron Aldrich (@crayzeigh) from Red Hat's Managed OpenShift Black Belt team! He's here to talk to us about deploying highly-available Hello World applications, when to yolo commit and yeet it into prod, and psychological safety.   Because who doesn't love over-engineering the shit out of something simple?  

In this episode Kat (@Dixie3Flatline) and  Baruch (@jbaruch) interviewed Jeffrey Groman (@jeffrey_groman), a cybersecurity advisor, about cybersecurity in the age of DevOps and what the hell DevSecOps is.What is DevSecOps?SQL Injection, pwns you since 1998Proactive vs reactive securityRed team, Blue team and their gamesJuly 2020 F5 security incidentHome router security report 2020 (it's bad, people)Your router should auto-updateContinuous updates for securityTexas Instruments blocked C execution on their calculators! No more Doom!IoT devices-based botnet is a reality for 2 years now"Do you want to keep this setting" is Win 95 flavor of local rollbackList of self-updating routers (pick one of those next time)Jeffrey's LinkedIn with the motto "Assess, Advise, Educate"

In this episode Baruch (@jbaruch) and Kat (@Dixie3Flatline) interviewed Elena Grahovac (@webdeva), an engineering manager at GetYourGuide, where she is in charge of Developer Experience.What is Developer Experience?DevXCon – a conference on Developer Experience. Is it the same as DevRelCon?!Whiteboard interviews suck. Are interviews a part of DevX?Range - a book about t-shaped people.English-speaking episodes of the GoLang Show.GoCenter – JFrog's central repository for Go modules.DevOps Speakeasy interview with Sam Boyer about dependency management in general, and in Go in particular.Draft of Go 2 error handling.Draft of Go 2 generics.Why Java's checked exceptions are bad.Accelerate book - how to measure DevOps (and, apparently, DevX). 

In this episode Baruch (@jbaruch) and Kat (@Dixie3Flatline) interviewed our very own Rimas Mocevicius (@Rimusz), an open-source fan, committer of Helm project, and one of the engineers behind ChartCenter.io (it's cool, check it out!)Why Tiller was badRimas on Tillerless Helm 2What's new in Helm 3Tillerless Helm 3K3S - Lightweight Kubernetes for the EdgeLibrary Charts

In this episode Baruch (@jbaruch) hosted Kelsey Hightower (@kelseyhightower) and Melissa McKay(@melissajmckay) to discuss some of the great questions the audience asked during the "Demystifying CI/CD" webinar, they conducted a week prior. As the discussion progressed, it turned out that the answer to most of the questions is "it depends, it is really a tradeoff". Who could have thought!Continuous delivery vs. continuous deployment. Should you automate all the way to deployment without a final, manual approval step?Who should build pipelines and how can you trust the quality of your pipelines?How much trust can you place on dependencies? You can’t check everything so where is the line of trust?Imperative vs. declarative workflows. Reusability of each for different use cases? Using building blocks that encapsulate imperative actions for building declarative pipelinesCreating large blocks of workflows, with conditionals embedded in them, vs. small and containable blocksUsing mono-repositories vs. dedicated repositories for microservices or for different parts of your pipelinesWorking on the production main branch vs. several feature branchesAmount of time spent on review processes like merging on a branch or merging on a pull request?Managing changes to non-code assets like database schemas? Should they have separate pipelines? Backward compatibility and rollback considerations.What are the merits and practicality of GitOps and using version control to drive operations?

In this episode Baruch (@jbaruch) and Kat (@Dixie3Flatline) hosted Ravi Lachhman (@ravilach) to speak about Harness, CD automation and how it improves our software delivery – velocity, quality, security, and morale.HarnessT-shaped skillsEnterprise tool recommendation matrixRavi's swampUP talk on "Getting to Yes"Getting to Yes – the bookGopher, the Go language mascotContinuous Delivery Foundation

Today Baruch and Kat sat with the amazing Robert Reeves, the lazy, impatient, and hubris CTO of Liquibase, which sells weekends, time with kids, and sleep at night.Hitler Uses KubernetesThe AccelerateBuild a Bigger Team - Nike @ DOES18 Las VegasWar, Peace, and ITDatabase Reliability EngineeringDevOps at Scale: Pain is instructionalRobert's talk at swampUP 2020: It's Time To Automate Your Database Changes

In this special, we'll talk about the agenda of JFrog's upcoming user conference, the JFrog swampUP. It's online, it's affordable, and it is packed with awesome content!We run it twice, in the Americas TZ on June 24th and in EMEA TZ on July 1st, so time zone is not an issue!The tickets are $20, all the proceeds go to charity, no reason not to attend! Check the website for the full agenda and more details! 

Today Kat (@Dixie3Flatline) and Baruch (@jbaruch) hosted Leonid Igolnik (@ligolnik) a veteran engineering manager to talk about what it takes not only to work effectively during the pandemic but also lead effectively.SignalFXMiro - online collaboration whiteboard platformOther distributed whiteboard alternativesWhy people hate ZoomWhy people hate Slack [1][2]Remote (book)The Art of Working Remotely (book)

In this episode, we embarked on a fascinating journey of despair and hope with Sam Boyer (@sdboyer), the author of the Go Dep experiment, and discussed all things dependency management - why it doesn't work, and what can be done to make it a little more transparent and easier to work with.Go dep commit officially retiring the project, made on the day of our podcast was airedThe notorious blog post about package manager (which Baruch uses in all his talks now)Sam's take on the Go Dep experimentSemantic VersioningRuss Cox on SATJFrog Xray analyzing the security and licensing selections signals of the dependency managementConfusion Matrix definitionConfusion Matrix explained^1.2.0 is a lie

In this episode of the DevOps Speakeasy podcast, Kat and Baruch interviewed Chris Short, the author of the DevOps'ish newsletter and podcast and a CNCF Ambassador about OpenShift, Kubernetes Operators, how to pronounce kubectl and what's not!DevOp'ishRedHat OpenShiftCoreDNSPrometheusOperator PatternOperatorHubkubectl pronunciationkubectl – The definite pronunciation guideThe Dark Side of DevOps swampUP 2019 talkLiquid SofwareUsing JFrog Artifactory with air-gapJava Card TechnologySam Boyer's blog post on package managersSpurious CorrelationsResearch on a faster way to replace bad data

In this episode of the DevOps Speakeasy podcast, Kat and Baruch interviewed Valarie Regas about her journey to DevOps and staring at conferences, about working from home in the time of COVID-19, and about reading the room.Valarie's talk about Wardley Maps in front of pairing Belugas and Simon WardleyValarie's talk while being very pregnantJaguar I-PACE breaks software recallKat and her team's continuously updated car demo at swampUP 2019 presented by Kit MerkerRancher's K3S – Lightweight Kubernetes for IoT and Edge computingValarie at DevFest Siberia 2019DevOops - another amazing DevOps conference where you will be able to meet all 3 speakers of this podcatBaruch's talk about the importance of shownotes (both for the audience and for DevRel)

In this episode, Baruch and Kat hosted Jessica Deen, an amazing senior cloud advocate for Azure to talk about what DevOps is for her, and how cloud advocates can make engineers more productive.Azure DevOpsDonovan Brown's What is DevOps?Event-stream library hijacked to steal bitcoinJessica's talk at JFrog swampUP 2019 – complete DevOps pipelineDraftHelmJFrog Container Registry - a free registry for containers and a repository for Helm charts

In this episode, Baruch and Kat hosted John Willis, one of the co-fathers of DevOps, co-author of The DevOps Handbook and author of a dozen of other great books. We discussed his new digital transformation group in Red Hat, how we understanding the third economy should have DevOps ripple effect, and how governance is a lot like unit tests.The DevOps HandbookRed Hat's Global Transformation OfficeDevOps Automated Governance Reference ArchitecturesIntroduction to the three economiesUnderstanding the three economiesOpen Network User Group

In this episode, Baruch and Kat hosted Sasha Rosenbaum, a product manager at GitHub and spoke about where GitHub is going under Microsoft, how GitHub offerings compete (or do not compete) with Azure DevOps, why GitHub acquired npm.js and, suddenly, why virtual conferences suck and how to make them better.GitHub (duh!)Get started with GitHub ActionsAzure Artifacts (part of Azure DevOps)JFrog PipelinesJFrog Artifactorynpm.jsnpm.js is joining GitHubleft-pad incidentMaven Central inclusion processJFrog JCenterDivOps conferenceTulula (the company behind DivOps conference and the tech it uses)