Accelerate DevOps with GitHub: Enhance software delivery performance with GitHub Issues, Projects, Actions, and Advanced Security
- Length: 540 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2022-09-09
- ISBN-10: 1801813353
- ISBN-13: 9781801813358
- Sales Rank: #132263 (See Top 100 Books)
Take your DevOps and DevSecOps game to the next level by leveraging the power of the GitHub toolset in practice
Key Features
- Release software faster and with confidence
- Increase your productivity by spending more time on software delivery and less on fixing bugs and administrative tasks
- Deliver high-quality software that is more stable, scalable, and secure
Book Description
This practical guide to DevOps uses GitHub as the DevOps platform and shows how you can leverage the power of GitHub for collaboration, lean management, and secure and fast software delivery.
The chapters provide simple solutions to common problems, thereby helping teams that are already on their DevOps journey to further advance into DevOps and speed up their software delivery performance. From finding the right metrics to measure your success to learning from other teams’ success stories without merely copying what they’ve done, this book has it all in one place. As you advance, you’ll find out how you can leverage the power of GitHub to accelerate your value delivery – by making work visible with GitHub Projects, measuring the right metrics with GitHub Insights, using solid and proven engineering practices with GitHub Actions and Advanced Security, and moving to event-based and loosely coupled software architecture.
By the end of this GitHub book, you’ll have understood what factors influence software delivery performance and how you can measure your capabilities, thus realizing where you stand in your journey and how you can move forward.
What you will learn
- Effectively measure software delivery performance
- Adopt DevOps and lean management techniques in your teams
- Plan, track, and visualize your work using GitHub Issues and Projects
- Use continuous delivery with GitHub Actions and Packages
- Scale quality through testing in production and chaos engineering
- “Shift left” security and secure your entire software supply chain
- Use DevSecOps practices with GitHub Advanced Security
- Secure your code with code scanning, secret scanning, and Dependabot
Who this book is for
This book is for developers, solutions architects, DevOps engineers, and SREs, as well as for engineering or product managers who want to enhance their software delivery performance. Whether you’re new to DevOps, already have experience with GitHub Enterprise, or come from a platform such as Azure DevOps, Team Foundation Server, GitLab, Bitbucket, Puppet, Chef, or Jenkins but struggle to achieve maximum performance, you’ll find this book beneficial.
Accelerate DevOps with GitHub Foreword Foreword Contributors About the author About the reviewers Preface Who this book is for What this book covers To get the most out of this book Download the example code files Download the color images Conventions used Get in touch Share Your Thoughts Part 1: Lean Management and Collaboration Chapter 1: Metrics That Matter Why accelerate? Engineering velocity Measuring velocity with effort Toxic estimates The correct way to estimate high-level initiatives From developer to engineering velocity High-performance companies The Developer Velocity Index The state of DevOps Measuring metrics that matter Delivery lead time Deployment frequency Mean time to restore Change fail rate The Four Keys dashboard What you shouldn't do The SPACE framework for developer productivity Satisfaction and well-being Performance Activity Communication and collaboration Efficiency and flow How to use the SPACE framework Objectives and key results What are OKRs? How do OKRs work? OKRs and DevOps Summary Case study Further reading Chapter 2: Plan, Track, and Visualize Your Work Work is work Unplanned work and rework Visualizing your work Establish pull Prioritize Keep it simple! Limiting WIP Set WIP limits Reduce batch size Reduce hand-offs GitHub issues, labels, and milestones Creating a new issue Collaborating on issues The issue backlog Milestones Pinning issues Issue templates GitHub Projects Get started Adding work items to projects Adding metadata to your work Working with table views Working with the board view Working with views Workflows Insights Managing access Third-party integration Jira Azure Boards Case study Summary Further readings and references Chapter 3: Teamwork and Collaborative Development Software development is a team sport The heart of collaboration – the pull request Hands-on – Creating a pull request Proposing changes Draft pull requests Code owners Required reviews Requesting a pull request review Auto-merge Pull request reviews Reviewing proposed changes in a pull request Marking files as viewed Hands-on – Making suggestions Incorporating feedback into your pull request Submitting a review Finishing your pull request Best practices for code reviews Teach Git Link pull request to issue Use draft pull requests Have a minimum number of two approvers Do peer reviews Automate review steps Deploy and test changes Review guidelines/code of conduct Summary Further readings and references Chapter 4: Asynchronous Work: Collaborate from Anywhere Comparing synchronous and asynchronous work The history of communication Work and communication In-person and remote work Distributed teams Cross-team collaboration Shift to asynchronous workflows Teams and Slack integration GitHub Discussions Getting started with Discussions Discussion categories Starting a discussion Participating in a discussion Pages and wikis GitHub Pages Wikis Working from everywhere with GitHub Mobile Case study Summary Further readings and references Chapter 5: The Influence of Open and Inner Source on Software Delivery Performance History of free and open source software Public domain software Free software Open source software The rise of open source software The difference between open source and open development Benefits of embracing open source for companies Deliver faster with open source software Build better products by engaging the community Use tools with a lower risk of obsolescence Attract talent Influence emerging technologies and standards Improve your process by learning from open source projects Implementing an open source strategy Open and inner source The importance of insourcing GitHub Sponsors Sponsor tiers Sponsorship goals Summary Further reading and references Part 2: Engineering DevOps Practices Chapter 6: Automation with GitHub Actions Overview of GitHub Actions Workflows, pipelines, and actions YAML basics Comments Scalar types Collection types The workflow syntax Workflow triggers Workflow jobs Workflow steps Context and expression syntax Workflow commands Working with secrets Storing your secrets Accessing your secrets The GITHUB_TOKEN secret Hands-on – your first workflow Hands-on – your first action The GitHub marketplace Summary Further reading Chapter 7: Running Your Workflows Hosted runners Isolation and privileges Hardware Software Networks Pricing Self-hosted runners The runner software Communication between the runner and GitHub Using self-hosted runners behind a proxy server Adding self-hosted runners to GitHub Removing self-hosted runners Managing access with runner groups Using labels Scaling your self-hosted runners Ephemeral runners Scaling up and down with GitHub webhooks Existing solutions Monitoring and troubleshooting Checking the status of the runners Reviewing the application log files Reviewing the job log files Checking the service status Monitoring the runner update process Case study Summary Further reading Chapter 8: Managing Dependencies Using GitHub Packages GitHub Packages Pricing Permissions and visibility Using npm packages with Actions Using Docker with Packages Apache Maven, Gradle, NuGet, and RubyGems packages Java with Apache Maven Gradle RubyGems NuGet Summary Further reading Chapter 9: Deploying to Any Platform Staged deployments Automating your deployments How to deploy to Azure App Service Deployment of Azure resources Deploying the application with GitHub Actions How to deploy to AWS ECS Deployment of AWS resources Deploying the container with GitHub Actions How to deploy to GKE Deployment of Google resources Deploying the container with GitHub Actions Infrastructure as code Tools Best practices Strategies Workflow templates Reusable workflows Measuring success Case study Summary Further reading Chapter 10: Feature Flags and the Feature Lifecycle What are Feature Flags? The lifecycle of features The benefits of Feature Flags Getting started with Feature Flags Feature Flags and technical debt Frameworks and products Experimentation with Feature Flags Summary Further reading Chapter 11: Trunk-Based Development Trunk-based development Why you should avoid complex branching Other git workflows Gitflow GitHub flow Release flow GitLab flow Accelerating with MyFlow The main branch Private topic branches Releasing Hotfix Automation Case study Summary Further reading Part 3: Release with Confidence Chapter 12: Shift Left Testing for Increased Quality Shift left testing with test automation Test-driven development Managing your test portfolio Eradicating flaky tests Code coverage Shift right – testing in production Health data and monitoring Feature flags and canary releases Business continuity and disaster recovery Exploratory testing and usability testing Fault injection and chaos engineering Tests and compliance Test management in GitHub Case study Summary Further reading Chapter 13: Shift-Left Security and DevSecOps Shift-left security Assume-breach, zero-trust, and security-first mindset Attack simulations Red team-blue team exercises Team constellation Rules of the game Where to start Attack scenarios GitHub Codespaces Summary Further reading Chapter 14: Securing Your Code Dependency management and Dependabot Exploring your dependencies Dependabot Automate Dependabot updates with GitHub Actions Use Dependabot to keep your GitHub actions up to date Secret scanning Code scanning Code scanning in GitHub Running your code scans Getting started Code scanning alerts Pull request integration Code scanning configuration Writing your own CodeQL queries Summary Further reading Chapter 15: Securing Your Deployments Container and infrastructure security scanning Container scanning Infrastructure policies Automate the infrastructure change process Source code and infrastructure integrity The SBOM Signing your commits Signing your code Dynamic application security testing Security hardening your release pipeline Secure your runners Secure your Actions Secure your environments Use tokens when possible Collect security telemetry Case study Summary Further reading Part 4: Software Architecture Chapter 16: Loosely Coupled Architecture and Microservices Loosely coupled systems Microservices Evolutionary design Event-driven architecture Summary Further reading Chapter 17: Empower Your Teams Conway's law The two-pizza team Inverse Conway Maneuver Delivery cadence A mono- or multi-repo strategy Working with large mono repositories Organizing your repos with topics and star lists Using Git submodules to structure your code What's the right strategy? Case study Summary Further reading Part 5: Lean Product Management Chapter 18: Lean Product Development and Lean Startup Lean product development Incorporating customer feedback The MVP Enterprise portfolio management Improving your product management skills Understanding your customers Understanding your business Understanding your product Business Model Canvas Summary Further reading Chapter 19: Experimentation and A|B Testing Conducting experiments with the scientific method Observation – gathering and analyzing the data Formulating the hypothesis Building the experiment Validating the results Effective A|B testing with GrowthBook and Flagger Flagger Experimentation and OKR Summary Further reading Part 6: GitHub for your Enterprise Chapter 20: GitHub – The Home for All Developers Hosting options and pricing Hosting options GitHub Connect Pricing Hands-on – create your account on GitHub.com Enterprise security SAML authentication SCIM Automatic team synchronization Enterprise Managed Users Authentication with GHES The Audit API GitHub Learning Lab Summary Further reading Chapter 21: Migrating to GitHub Picking the right migration strategy Achieving compliance with low-fidelity migrations Synchronizing requirements for a smooth transition Migrating your code Migrating from Azure DevOps or GitHub Migrating your pipelines Summary Further reading Chapter 22: Organizing Your Teams GitHub scopes and namespaces GitHub enterprises GitHub organizations Structuring GitHub teams Role-based access Custom roles Outside collaborators Summary Further reading Chapter 23: Transform Your Enterprise Why many transformations fail Assuming your company or industry is special Having no sense of urgency Having no clear vision Letting obstacles block your progress Not getting help Starting with WHY? A purpose-driven mission Establishing an engineering culture Data-driven transformation The Theory of Constraints Eliminating bottlenecks DevOps is a journey of continuous improvement Optimizing for value stream-aligned teams Summary Further reading Why subscribe? Other Books You May Enjoy Packt is searching for authors like you Share Your Thoughts
Donate to keep this site alive
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: Accelerate DevOps with GitHub: Enhance software delivery performance with GitHub Issues, Projects, Actions, and Advanced Security
, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.