Allow loading remote contents and showing images to get the best out of this email.FAUN.dev's DevOps / SRE / Platform Engineering Weekly Newsletter
 
🔗 View in your browser.   |  ✍️ Publish on FAUN.dev   |  🦄 Become a sponsor
 
Allow loading remote contents and showing images to get the best out of this email.
 
DevOpsLinks
 
This week in DevOps, with Dolly the Cow
 
 
📝 A Few Words
 
 
I'm glad to announce my new book: GitOps the Hard Way, with Argo CD

Most Argo CD tutorials stop at "apply this, watch it sync". Then production reality hits: drifts, RBAC lockouts, repo-server OOM, secrets sitting in Git ..etc and you're on your own.

This book is the other path. 12 hands-on chapters from an empty cluster to automated deploys: Argo CD, Helm, ApplicationSets, GitLab CI/CD, Kubernetes and more! Every command ran against a live cluster and every manifest applies and syncs.

Build it the hard way once, you finish with a working artifact; an automated GitOps pipeline you assembled yourself, running on infrastructure you provisioned, that you can explain piece by piece.

20% off with GITOPS20, through June 30 -> Get it on FAUN.sensei()

Have a great week,
Aymen.
 
 
🔍 Inside this Issue
 
 
npm is about to get a lot safer by default, and a few popular build assumptions are about to get very loud. On the other end of the spectrum: Git gets a Rust glow-up, SREs flirt with agents (with guardrails), and observability finally learns how to watch LLMs behave.

🧨 GitHub pulls pin on npm's auto-run scripts
🦀 Grit: rewriting Git in Rust with agents
🧯 How Google SRE is using agentic AI to improve operations
🔭 Observing LLM Applications with OpenTelemetry
🔒 Securing CI/CD for an open source project: Locking down dependencies

Take the safer defaults, keep the sharp tools.

Have a great week!
FAUN.dev() Team
 
 
⭐ Sponsors
 
bytevibe.co bytevibe.co
 
Kubectl - Developer T-Shirt
 
 
First thing you do on a fresh machine: alias k=kubectl

Second thing: buy the shirt.

"kubectl." The command you've typed more times than your own name. Now on 100% cotton, no side seams, runs true to size.

Buy now.
 
 
👉 Spread the word and help developers find you by promoting your projects on FAUN. Get in touch for more information.
 
🔗 Stories, Tutorials & Articles
 
blog.gitbutler.com blog.gitbutler.com
 
Grit: rewriting Git in Rust with agents
 
 
The creator of GitHub built Grit, a Rust reimplementation of Git as a library passing 99% of Git's test suite, paving the way for network efficient tools. But be cautious: while promising, Grit is not tested for production use and may still have bugs worth reporting for future improvements.
 
 
cncf.io cncf.io
 
Securing CI/CD for an open source project: Locking down dependencies
 
 
Cilium maintainers explain how they harden GitHub Actions and Go module dependencies with immutable references and trust checks during code review.
 
 
cloud.google.com cloud.google.com
 
How Google SRE is using agentic AI to improve operations
 
 
Google SRE authors argue that teams should use agentic AI across the reliability lifecycle and give agents clear controls and audit logs before they allow them to change production state.
 
 
theregister.com theregister.com
 
GitHub pulls pin on npm's auto-run scripts
 
 
GitHub plans to make npm install skip dependency lifecycle scripts by default in npm 12.

That affects scripts such as: preinstall, install, postinstall, prepare

The security gain is clear. The migration risk sits with packages that depend on install-time work, such as native module builds, generated files, or setup scripts.
 
 
signoz.io signoz.io
 
Observing LLM Applications with OpenTelemetry
 
 
The SigNoz team shows you how to use OpenTelemetry to observe an LLM application, including agent traces and guardrail failures.
 
 

👉 Got something to share? Create your FAUN Page and start publishing your blog posts, tools, and updates. Grow your audience, and get discovered by the developer community.

 
⚙️ Tools, Apps & Software
 
github.com github.com
 
trentas/ptop
 
 
Interactive TUI that uses eBPF to live-inspect any Linux process - CPU, syscalls, network, I/O, memory, threads, and file descriptors.
 
 
github.com github.com
 
eunomia-bpf/ActPlane
 
 
eBPF-Based Information Flow Policy Engine for AI Agent Harnesses
 
 
github.com github.com
 
ljtn/epiq
 
 
CLI based issue tracker TUI - distributed and backed by git
 
 
github.com github.com
 
qnxqnxqnx/mcp-ssh-interactive
 
 
An MCP (Model Context Protocol) server that enables AI agents to run fully interactive SSH sessions (via tmux) and execute commands like a human operator.
 
 
github.com github.com
 
falcosecurity/prempti
 
 
Falco-powered policy and visibility layer for AI coding agents
 
 

👉 Spread the word and help developers find and follow your Open Source project by promoting it on FAUN. Get in touch for more information.

 
🤔 Did you know?
 
 
Did you know that systemd, the program that starts and supervises services on most Linux systems, can restart a service that has silently frozen without ever crashing? With a setting called WatchdogSec, the service must send systemd a heartbeat at a fixed interval by calling sd_notify with the message "WATCHDOG=1". If that heartbeat stops arriving, systemd assumes the service is stuck, then kills and restarts it, with no external monitor or sidecar involved. It works in any language that can write to the notify socket, which makes it one of the simplest ways to turn a silent deadlock into a clean restart.
 
 
🤖 Once, SenseiOne Said
 
 
"In cloud ops, the more you automate, the less you can claim you understand. SRE is admitting this up front and then building systems that fail loudly, predictably, and with enough context to debug the automation you trusted."
SenseiOne
 

(*) SenseiOne is FAUN.dev’s work-in-progress AI agent

 
😂 Meme of the week
 
 
 
 
❤️ Thanks for reading
 
 
👋 Keep in touch and follow us on social media:
- 💼LinkedIn
- 📝Medium
- 🐦Twitter
- 👥Facebook
- 📰Reddit
- 📸Instagram

👌 Was this newsletter helpful?
We'd really appreciate it if you could forward it to your friends!

🙏 Never miss an issue!
To receive our future emails in your inbox, don't forget to add community@faun.dev to your contacts.

🤩 Want to sponsor our newsletter?
Reach out to us at sponsors@faun.dev and we'll get back to you as soon as possible.
 

DevOpsLinks #533: How Google SRE is Using Agentic AI to Improve Operations
Legend: ✅ = Editor's Choice / ♻️ = Old but Gold / ⭐ = Promoted / 🔰 = Beginner Friendly

You received this email because you are subscribed to FAUN.dev.
We (🐾) help developers (👣) learn and grow by keeping them up with what matters.

You can manage your subscription options here (recommended) or use the old way here (legacy). If you have any problem, read this or reply to this email.