DevOps Tools for Java Developers (Early Release)

Cover
Copyright
Table of Contents
Foreword
Preface
	Conventions Used in This Book
	Using Code Examples
	O’Reilly Online Learning
	How to Contact Us
	Acknowledgments
Chapter 1. DevOps for (or Possibly Against) Developers
	DevOps Is a Concept Invented by the Ops Side
		Exhibit 1: The Phoenix Project
		Exhibit 2: The DevOps Handbook
		Google It
		What Does It Do?
		State of the Industry
		What Constitutes Work?
	If We’re Not About Deployment and Operations, Then Just What Is Our Job?
		Just What Constitutes “Done”?
		Rivalry?
	More Than Ever Before
		Volume and Velocity
		Done and Done
		Float Like a Butterfly…
		Integrity, Authentication, and Availability
		Fierce Urgency
	The Software Industry Has Fully Embraced DevOps
		Making It Manifest
		We All Got the Message
Chapter 2. The System of Truth
	Three Generations of Source Code Management
	Choosing Your Source Control
	Making Your First Pull Request
	Git Tools
		Git Command-Line Basics
		Git Command-Line Tutorial
		Git Clients
		Git IDE Integration
	Git Collaboration Patterns
		git-flow
		GitHub Flow
		GitLab Flow
		OneFlow
		Trunk-Based Development
	Summary
Chapter 3. An Introduction to Containers
	Understanding the Problem
		The History of Containers
		Why Containers?
	Intro to Container Anatomy
		Docker Architecture and the Container Runtime
		Docker on Your Machine
		Basic Tagging and Image Version Management
		Image and Container Layers
	Best Image Build Practices and Container Gotchas
		Respect the Docker Context and .dockerignore File
		Use Trusted Base Images
		Specify Package Versions and Keep Up with Updates
		Keep Your Images Small
		Beware of External Resources
		Protect Your Secrets
		Know Your Outputs
	Summary
Chapter 4. Dissecting the Monolith
	Cloud Computing
	Microservices
		Antipatterns
		DevOps and Microservices
		Microservice Frameworks
		Spring Boot
		Micronaut
		Quarkus
		Helidon
	Serverless
		Setting Up
	Summary
Chapter 5. Continuous Integration
	Adopt Continuous Integration
	Declaratively Script Your Build
		Build with Apache Ant
		Build with Apache Maven
		Build with Gradle
	Continuously Build
	Automate Tests
	Monitor and Maintain Tests
	Summary
Chapter 6. Package Management
	Why Build-It-and-Ship-It Is Not Enough
	It’s All About Metadata
		Key Attributes of Insightful Metadata
		Metadata Considerations
		Determining the Metadata
		Capturing Metadata
		Writing the Metadata
	Dependency Management Basics for Maven and Gradle
		Dependency Management with Apache Maven
		Dependency Management with Gradle
	Dependency Management Basics for Containers
	Artifact Publication
		Publishing to Maven Local
		Publishing to Maven Central
		Publishing to Sonatype Nexus Repository
		Publishing to JFrog Artifactory
	Summary
Chapter 7. Securing Your Binaries
	Supply Chain Security Compromised
		Security from the Vendor Perspective
		Security from the Customer Perspective
		The Full Impact Graph
	Securing Your DevOps Infrastructure
		The Rise of DevSecOps
		The Role of SREs in Security
	Static and Dynamic Security Analysis
		Static Application Security Testing
		Dynamic Application Security Testing
		Comparing SAST and DAST
	Interactive Application Security Testing
	Runtime Application Self-Protection
	SAST, DAST, IAST, and RASP Summary
	The Common Vulnerability Scoring System
		CVSS Basic Metrics
		CVSS Temporal Metrics
		CVSS Environmental Metrics
		CVSS in Practice
	Scoping Security Analysis
		Time to Market
		Make or Buy
		One-Time and Recurring Efforts
		How Much Is Enough?
		Compliance Versus Vulnerabilities
	Vulnerabilities Can Be Combined into Different Attack Vectors
		Vulnerabilities: Timeline from Inception Through Production Fix
		Test Coverage Is Your Safety Belt
	Quality Gate Methodology
		Quality Gate Strategies
		Fit with Project Management Procedures
		Implementing Security with the Quality Gate Method
		Risk Management in Quality Gates
		Practical Applications of Quality Management
	Shift Security Left
		Not All Clean Code Is Secure Code
		Effects on Scheduling
		The Right Contact Person
		Dealing with Technical Debt
		Advanced Training on Secure Coding
		Milestones for Quality
		The Attacker’s Point of View
		Methods of Evaluation
		Be Aware of Responsibility
	Summary
Chapter 8. Deploying for Developers
	Building and Pushing Container Images
		Managing Container Images by Using Jib
		Building Container Images with Eclipse JKube
	Deploying to Kubernetes
		Local Setup for Deployment
		Generate Kubernetes Manifests by Using Dekorate
		Generate and Deploy Kubernetes Manifests with Eclipse JKube
		Choose and Implement a Deployment Strategy
	Managing Workloads in Kubernetes
		Setting Up Health Checks
		Adjusting Resource Quotas
		Working with Persistent Data Collections
	Best Practices for Monitoring, Logging, and Tracing
		Monitoring
		Logging
		Tracing
	High Availability and Geographic Distribution
	Hybrid and MultiCloud Architectures
	Summary
Chapter 9. Mobile Workflows
	Fast-Paced DevOps Workflows for Mobile
	Android Device Fragmentation
		Android OS Fragmentation
		Building for Disparate Screens
		Hardware and 3D Support
	Continuous Testing on Parallel Devices
		Building a Device Farm
		Mobile Pipelines in the Cloud
		Planning a Device-Testing Strategy
	Summary
Chapter 10. Continuous Deployment Patterns and Antipatterns
	Why Everyone Needs Continuous Updates
		User Expectations on Continuous Updates
		Security Vulnerabilities Are the New Oil Spills
	Getting Users to Update
		Case Study: Java Six-Month Release Cadence
		Case Study: iOS App Store
	Continuous Uptime
		Case Study: Cloudflare
	The Hidden Cost of Manual Updates
		Case Study: Knight Capital
	Continuous Update Best Practices
Index
About the Authors
Colophon