Achieve performance engineering and testing at the end of every sprint
Get hands-on experience with continuos integration using the latest versions of the most popular DevSecOps tools, all working together, end-to-end, in a set of servers in the cloud each participant controls.
The hands-on approach enables participants to truly gain important insights into the benefits and trade-offs related to agile test automation.
Included is a “guided tour” of how the 21 groups of DevOps technologies work together in a toolchain that builds and deploy software: Git/GitHub/GitLab, Maven/Yarn, Nexus, Jenkins/Cloudbees, Vault, SonarQube, Selenium, Ansible.
The “Sec” part of “DevSecOps” means security, which include scans of code for vulnerabilities, use of digital certificates to control access, and tools to manage secrets using secure vaults.
To ensure quality at speed, Agile software developers are increasingly required to include in each sprint automated performance status in their System Demo presentations.
Who Should Attend
This course is for anyone new to DevOps but experienced with information technology and software development. No specific prerequisites are assumed, and all technical concepts are explained; This course is for testers, programmers, business analysts, and managers who need to see first-hand how DevOps works.
Editions of the course
There are several editions of this class, of different length:
The half-day introduction provides an understanding of key DevSecOps terms and concepts possible only from seeing the various tools all working together. Participants pull from and push to GitHub, edit files, and see first-hand programs built and software tested automatically. Participants leave with an understanding of the meaning behind buzzwords and abbreviations in DevSecOps.
The full-day experience has you generating both application code and the whole DevOps toolchain for an architecture that automatically scales. You then re-build the whole setup after making configuration changes. Participants leave with an ability to identify DevSecOps toolchain components and usage workflow and have an appreciation for some of the subtleties about each technology.
The two-day immersion enables you to see code moving through multiple environments from development servers to production clusters – crucial for working in corporate enterprises. Participants see a live “blue/green” deployment and fall-back. Participants leave with a visceral understanding of both the advantages and limitations modern DevSecOps offers.
The traditional approach of performance testing only before final release to production means that potentially major risks and technical debt can remain hidden. Here is how organizations make performance testing and engineering “shift-left” earlier in the software development lifecycle.
Only this course provides participants a full set of dozens of cloud-based servers to work on live during the class. This is an opportunity few get even with on-the-job experience.
Example: Maven vs. Yarn
GitHub/GitLab source repository
Maven/Yarn package repository
Nexus binary repository
SonarQube status repository
CMDB server repository
DNS (Domain Name System)
CDN for files around the world
Application SQL databases
Liquibase database schema changelogs
Programming Languages (Java)
Java Frameworks: Spring Boot
Build and Release
Release when ready
Docker images vs. Vagrant
AWS HVM machine images
SonarQube code scan run reports
Failover test run
Browser inspect debugger
ELK stack vs. Tick stack
Elsticsearch vs. InfluxDB
Logstash vs. Telegraf
Kibana vs Graphana