دانلود کتاب DevOps Tools for Java Developers (Early Release)

فهرست مطالب :

Cover
Copyright
Table of Contents
Foreword
Preface
Conventions Used in This Book
Using Code Examples
O’Reilly Online Learning
How to Contact Us
Acknowledgments
Chapter 1. DevOps for (or Possibly Against) Developers
DevOps Is a Concept Invented by the Ops Side
Exhibit 1: The Phoenix Project
Exhibit 2: The DevOps Handbook
Google It
What Does It Do?
State of the Industry
What Constitutes Work?
If We’re Not About Deployment and Operations, Then Just What Is Our Job?
Just What Constitutes “Done”?
Rivalry?
More Than Ever Before
Volume and Velocity
Done and Done
Float Like a Butterfly…
Integrity, Authentication, and Availability
Fierce Urgency
The Software Industry Has Fully Embraced DevOps
Making It Manifest
We All Got the Message
Chapter 2. The System of Truth
Three Generations of Source Code Management
Choosing Your Source Control
Making Your First Pull Request
Git Tools
Git Command-Line Basics
Git Command-Line Tutorial
Git Clients
Git IDE Integration
Git Collaboration Patterns
git-flow
GitHub Flow
GitLab Flow
OneFlow
Trunk-Based Development
Summary
Chapter 3. An Introduction to Containers
Understanding the Problem
The History of Containers
Why Containers?
Intro to Container Anatomy
Docker Architecture and the Container Runtime
Docker on Your Machine
Basic Tagging and Image Version Management
Image and Container Layers
Best Image Build Practices and Container Gotchas
Respect the Docker Context and .dockerignore File
Use Trusted Base Images
Specify Package Versions and Keep Up with Updates
Keep Your Images Small
Beware of External Resources
Protect Your Secrets
Know Your Outputs
Summary
Chapter 4. Dissecting the Monolith
Cloud Computing
Microservices
Antipatterns
DevOps and Microservices
Microservice Frameworks
Spring Boot
Micronaut
Quarkus
Helidon
Serverless
Setting Up
Summary
Chapter 5. Continuous Integration
Adopt Continuous Integration
Declaratively Script Your Build
Build with Apache Ant
Build with Apache Maven
Build with Gradle
Continuously Build
Automate Tests
Monitor and Maintain Tests
Summary
Chapter 6. Package Management
Why Build-It-and-Ship-It Is Not Enough
It’s All About Metadata
Key Attributes of Insightful Metadata
Metadata Considerations
Determining the Metadata
Capturing Metadata
Writing the Metadata
Dependency Management Basics for Maven and Gradle
Dependency Management with Apache Maven
Dependency Management with Gradle
Dependency Management Basics for Containers
Artifact Publication
Publishing to Maven Local
Publishing to Maven Central
Publishing to Sonatype Nexus Repository
Publishing to JFrog Artifactory
Summary
Chapter 7. Securing Your Binaries
Supply Chain Security Compromised
Security from the Vendor Perspective
Security from the Customer Perspective
The Full Impact Graph
Securing Your DevOps Infrastructure
The Rise of DevSecOps
The Role of SREs in Security
Static and Dynamic Security Analysis
Static Application Security Testing
Dynamic Application Security Testing
Comparing SAST and DAST
Interactive Application Security Testing
Runtime Application Self-Protection
SAST, DAST, IAST, and RASP Summary
The Common Vulnerability Scoring System
CVSS Basic Metrics
CVSS Temporal Metrics
CVSS Environmental Metrics
CVSS in Practice
Scoping Security Analysis
Time to Market
Make or Buy
One-Time and Recurring Efforts
How Much Is Enough?
Compliance Versus Vulnerabilities
Vulnerabilities Can Be Combined into Different Attack Vectors
Vulnerabilities: Timeline from Inception Through Production Fix
Test Coverage Is Your Safety Belt
Quality Gate Methodology
Quality Gate Strategies
Fit with Project Management Procedures
Implementing Security with the Quality Gate Method
Risk Management in Quality Gates
Practical Applications of Quality Management
Shift Security Left
Not All Clean Code Is Secure Code
Effects on Scheduling
The Right Contact Person
Dealing with Technical Debt
Advanced Training on Secure Coding
Milestones for Quality
The Attacker’s Point of View
Methods of Evaluation
Be Aware of Responsibility
Summary
Chapter 8. Deploying for Developers
Building and Pushing Container Images
Managing Container Images by Using Jib
Building Container Images with Eclipse JKube
Deploying to Kubernetes
Local Setup for Deployment
Generate Kubernetes Manifests by Using Dekorate
Generate and Deploy Kubernetes Manifests with Eclipse JKube
Choose and Implement a Deployment Strategy
Managing Workloads in Kubernetes
Setting Up Health Checks
Adjusting Resource Quotas
Working with Persistent Data Collections
Best Practices for Monitoring, Logging, and Tracing
Monitoring
Logging
Tracing
High Availability and Geographic Distribution
Hybrid and MultiCloud Architectures
Summary
Chapter 9. Mobile Workflows
Fast-Paced DevOps Workflows for Mobile
Android Device Fragmentation
Android OS Fragmentation
Building for Disparate Screens
Hardware and 3D Support
Continuous Testing on Parallel Devices
Building a Device Farm
Mobile Pipelines in the Cloud
Planning a Device-Testing Strategy
Summary
Chapter 10. Continuous Deployment Patterns and Antipatterns
Why Everyone Needs Continuous Updates
User Expectations on Continuous Updates
Security Vulnerabilities Are the New Oil Spills
Getting Users to Update
Case Study: Java Six-Month Release Cadence
Case Study: iOS App Store
Continuous Uptime
Case Study: Cloudflare
The Hidden Cost of Manual Updates
Case Study: Knight Capital
Continuous Update Best Practices
Index
About the Authors
Colophon