04/10/2022
PATCHING 3RD PARTY SOFTWARE
LIKE A BOSS
Using Renovate, Tekton and ArgoCD
2
WHO AM I?
o Consultant at Ordina
o Software architect & developer background
o Interested in: Automation, public cloud in enterprises,
hyperscale software
o Company blog & LinkedIn
1. Why?
2. What?
3. How?
4. Demo Time!
AGENDA
4
USING THE LATEST FEATURES
Why?
5
PREVENTATIVE MAINTENANCE
Upgrade from 6.8.21 to 8.0.1 or from 8.0.0 to 8.0.1
6
SECURITY VULNERABILITIES
Log4Shell ring a bell?
o Knowing when there is an update
o Knowing what to update
o Knowing how to update
o Validate that the update works
o Rollout to production
7
WHAT IS NEEDED
8
HOW DOES IT WORK
9
THE PROCESS
10
THE PROCESS
11
HOW DOES IT WORK
Java project
repo/
├─ src/
├─ Dockerfile
├─ pom.xml
12
HOW DOES IT WORK
Java project
Docker: amazoncorretto:18.0.0
Maven: org.apache.logging.log4j:log4j-core:2.12.2
13
HOW DOES IT WORK
Java project
Docker: amazoncorretto:18.0.0
Maven: org.apache.logging.log4j:log4j-core:2.12.2
amazoncorretto:18.0.1
org.apache.logging.log4j:log4j-core:2.18.0
14
HOW DOES IT WORK
Java project
Docker: amazoncorretto:18.0.0 -> 18.0.1
Maven: org.apache.logging.log4j:log4j-core:2.12.2 -> 2.18.0
15
HOW DOES IT WORK
Java project
Docker: amazoncorretto:18.0.0 -> 18.0.1
Maven: org.apache.logging.log4j:log4j-core:2.12.2 -> 2.18.0
PR: amazoncorretto: 18.0.1
PR: log4j: 2.18.0
16
HOW DOES IT WORK
Java project
PR: amazoncorretto: 18.0.1
PR: log4j: 2.18.0
Build: amazoncorretto: 18.0.1
Build: log4j: 2.18.0
17
HOW DOES IT WORK
Java project
PR: log4j: 2.18.0
18
HOW DOES IT WORK
DONE!? Coffee time!
19
HOW DOES IT WORK
DONE!? Coffee time!
20
HOW DOES IT WORK
21
HOW DOES IT WORK
22
HOW DOES RENOVATE WORK
Deployment
deploy-repo/
├─ resources/
│ ├─ deployment.yaml
├─ configs/
│ ├─ service.properties
├─ kustomization.yaml
23
HOW DOES RENOVATE WORK
Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-awesome-service
spec:
  selector:
    matchLabels:
      app: my-awesome-service
  template:
    metadata:
      labels:
        app: my-awesome-service
    spec:
      containers:
        - name: my-awesome-service
          image: my-awesome-service:0.0.0
24
HOW DOES RENOVATE WORK
Deployment
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - resources/deployment.yaml
  - https://github.com/pietervincken/my-other-service?ref=0.0.0
25
HOW DOES RENOVATE WORK
Deployment
Kubernetes: image: pietervincken/my-java-service:0.0.0
Kustomize: resource: github.com/pietervincken/my-other-service:0.0.0
26
HOW DOES RENOVATE WORK
Deployment
Kubernetes: image: pietervincken/my-java-service:0.0.0
Kustomize: resource: github.com/pietervincken/my-other-service:0.0.0
HOW DOES RENOVATE WORK
Deployment
Kubernetes: image: pietervincken/my-java-service:0.0.0 -> 0.0.1
Kustomize: resource: github.com/pietervincken/my-other-service:0.0.0 -> 0.1.0
27
HOW DOES RENOVATE WORK
Deployment
my-java-service:0.0.0 -> 0.0.1
my-other-service:0.0.0 -> 0.1.0
PR: my-java-service: 0.0.1
PR: my-other-service: 0.1.0
28
HOW DOES RENOVATE WORK
Deployment
PR: my-java-service: 0.0.1
PR: my-other-service: 0.1.0
29
30
HOW DOES IT WORK
DONE!? Coffee time!
31
HOW DOES IT WORK
DONE!? Coffee time!
32
HOW DOES IT WORK
33
HOW DOES IT WORK
HOW DOES IT WORK
Deployment
Kubernetes: image: pietervincken/my-java-service:0.0.1
Kustomize: resource: github.com/pietervincken/my-other-service:0.1.0
34
HOW DOES IT WORK
Deployment
Kubernetes: image: pietervincken/my-java-service:0.0.1
Kustomize: resource: github.com/pietervincken/my-other-service:0.1.0
Repository
changed
35
HOW DOES IT WORK
Deployment
Build kustomization
36
HOW DOES IT WORK
Deployment
Apply
changes
37
38
HOW DOES IT WORK
39
HOW DOES IT WORK
DONE! Success!
40
DEMO TIME
o Inform about the update
o Build confidence in update sources
o Docker hub
o Maven central
o Internal sources
o Start with low impact
o Limit amount of concurrent updates
41
CONVINCE THE BRASS
Baby steps
42
CUSTOMIZE IT
It’s all just config
• Conventional commits
• At least semver based tags
• Good automated testing
• -> high level of confidence for auto-merge
• Clear deployment process to (pre-) production
• Automation and configuration as code are key
43
NOT REQUIRED, BUT GOOD TO HAVE
• Renovate GitHub
• ArgoCD documentation
• Tekton documentation
• Tekline: Pipeline as code solution for Tekton
• Demo project
• Ordina JWorks
44
RESOURCES
45
PIETER VINCKEN
COMPETENCE LEAD CLOUD
T +32 (0)15 29 58 58
E pieter.vincken@ordina.be

JOIN 2022: Patching 3rd party software Like a boss


Editor's Notes

  • #5: https://www.dutchnews.nl/news/2022/05/mark-rutte-deleted-text-messages-from-his-old-nokia-daily-vk/ https://thefintechtimes.com/onepoll-how-outdated-technology-affects-working-from-home-productivity/ https://techtalk.currys.co.uk/computing/workplace-productivity/
  • #6: Example of Log4Shell / Log4j vulnerability. TODO. Embracing updates and upgrading frequently allows for small changes and very little effort to update. Big bang upgrades are costly.
  • #7: TODO. Upgrading is inevitable. Having an (automated) process in place is key. https://www.comparitech.com/blog/information-security/cybersecurity-vulnerability-statistics/ https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/ To this day, there are still unpatched Log4Shell systems available…
  • #8: Renovate -> not only what to update but also how -> Changelog!
  • #12: Dependency detection (https://docs.renovatebot.com/modules/manager/). Supported repository systems (https://docs.renovatebot.com/#supported-platforms). Renovate scans your repositories to detect package files and their dependencies, checks if any newer versions exist, and raises Pull Requests for available updates.
  • #13: Fictive example!
  • #14: Fictive example!
  • #15: Fictive example!
  • #16: Fictive example!
  • #17: Fictive example!
  • #18: You can allow Renovate to merge automatically on successful builds, but in general and definitely when starting to use this, you’ll merge these PRs by hand.
  • #19: Grab a coffee and scroll through some Reddit posts about how automation makes your life easy!
  • #20: Fictive example!
  • #23: Dependency detection (https://docs.renovatebot.com/modules/manager/): Docker-compose, Ansible, Kubernetes, Flux, Helm, kustomize, Terraform, Tekton(?!?). Supported repository systems (https://docs.renovatebot.com/#supported-platforms): GitHub, Bitbucket, GitLab, … Renovate scans your repositories to detect package files and their dependencies, checks if any newer versions exist, and raises Pull Requests for available updates.
  • #30: Either automated or manually. Moves through your normal development process, e.g. deploy it to a development environment first; after that's validated, merge to main for production. Prevent copy-paste errors by allowing Renovate to update the different environment repositories.
  • #31: Fictive example!
  • #32: Fictive example!
  • #38: yaml file extension by Grafix Point from https://thenounproject.com/browse/icons/term/yaml-file-extension. ArgoCD performs API calls based on the YAML it has generated.
  • #40: The only 2 manual actions we had to do were merging 2 PRs. Everything else was automated.
  • #42: Outdated versions. Security vulnerabilities. Only update when new feature needed. Update all dependencies at once -> not a good idea. Small updates, validated, one by one -> way to go.
  • #43: Possibility to limit type of updates: major / minor / patch. Limit what to update: in/exclude update sources (e.g. only internal container registry). Auto-merge trusted sources, e.g. in-house maintained libraries. Auto-merge low impact targets, e.g. supporting application. Limit number of PRs: grouping similar updates, limiting PRs by design. Custom/additional upgrade steps through scripts.
  • #46: The Zalandos, Netflixes and Teslas of the world are built to change. The fast-moving companies are able to adapt quickly and efficiently. The key to moving fast is to move often, in small steps. Big leaps rarely work out.
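
The customization options listed in note #43, written out as one Renovate configuration file. This is an added example, not the speaker's configuration: the registry host `registry.internal.example`, the limit of two PRs, the `resources/` file pattern and the `log4j-api` grouping are assumptions, while the package names come from the slides.

```json5
// renovate.json5 (added example; hostnames and thresholds are assumptions)
{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  // Base preset; called "config:recommended" in newer Renovate releases.
  extends: ["config:base"],

  // Limit what to update: only the file types shown on the slides.
  enabledManagers: ["dockerfile", "maven", "kubernetes", "kustomize"],
  // The kubernetes manager matches no files until it is given a pattern.
  kubernetes: { fileMatch: ["^resources/.+\\.yaml$"] },

  // Limit number of PRs: at most two update PRs open at the same time.
  prConcurrentLimit: 2,

  packageRules: [
    {
      // Limit type of updates: major bumps wait for a manual tick on the
      // Dependency Dashboard issue before a PR is raised.
      matchUpdateTypes: ["major"],
      dependencyDashboardApproval: true,
    },
    {
      // Restrict update sources: look up container images only in the
      // internal registry (hypothetical host, assumed to mirror base images).
      matchDatasources: ["docker"],
      registryUrls: ["https://registry.internal.example"],
    },
    {
      // Grouping similar updates: one PR for the log4j artifacts.
      matchPackageNames: [
        "org.apache.logging.log4j:log4j-core",
        "org.apache.logging.log4j:log4j-api",
      ],
      groupName: "log4j",
    },
    {
      // Auto-merge a trusted in-house source, minor and patch only.
      // Renovate merges only after the branch's status checks pass.
      matchPackageNames: ["pietervincken/my-java-service"],
      matchUpdateTypes: ["minor", "patch"],
      automerge: true,
    },
  ],
}
```

Rules in `packageRules` are applied in order, so a later rule overrides an earlier one for the same package; keeping the auto-merge rule last and narrow means everything else still needs a human merge.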