Newslurp

<< Stories

AI DevOps ✨, Internal Developer Platforms 🧱, Cloudflare’s Python Workflows 🐍

TLDR DevOps <dan@tldrnewsletter.com>

November 21, 12:10 pm

TLDR DevOps
DevOps transformed software development by proving that speed and quality can coexist, driving widespread adoption of automation β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ  β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ 

TLDR

Together With Wiz

TLDR DevOps 2025-11-21

Secrets Security Cheat Sheet: From Sprawl to Control (Sponsor)

Whether you're cleaning up old keys or setting guardrails for AI-generated code, this guide helps your team build securely from the start.

You'll learn:

  • 7 best practices to discover, validate, and protect secrets across your SDLC
  • Real-world examples and ready-to-use GitHub + Gitleaks snippets
  • Tips for assigning ownership and fixing issues directly in code
  • Guidance to secure vaults without slowing developers down

Cut through the noise, identify what matters, and build guardrails that prevent future leaks.

Get the cheat sheet

πŸ“±

News & Trends

Introducing flat-rate pricing plans with no overages (5 minute read)

Flat-rate pricing plans for website delivery and security with no overages are now available on Amazon CloudFront, combining global content delivery (CDN) with AWS services into monthly tiers of Free, Pro, Business, and Premium ($0 to $1,000/month). Each plan includes a CloudFront distribution with one domain. Accounts can have up to 100 plans total.
Monitor network performance and traffic across your EKS clusters with Container Network Observability (4 minute read)

Amazon EKS has announced Container Network Observability, a feature that helps users monitor network performance and traffic patterns within their Kubernetes deployments. The new tool provides enhanced visibility of workload traffic, performance insights into network flows, and features like service maps and flow tables for troubleshooting. Users can enable Container Network Observability for new or existing EKS clusters, with performance metrics, service maps, and flow tables enabled by Amazon CloudWatch Network Flow Monitor.
πŸš€

Opinions & Tutorials

The AI Gold Rush Is Forcing Us to Relearn a Decade of DevOps Lessons (4 minute read)

DevOps transformed software development by proving that speed and quality can coexist, driving widespread adoption of automation, continuous testing, and shared responsibility. The rise of AI is eroding this balance as leadership pressure for rapid deployment outpaces quality assurance, leaving most companies struggling with failures, skill gaps, and a culture of blame instead of building the infrastructure needed to sustain safe, high-velocity innovation.
How to set up an Internal Developer Platform: An implementation guide (8 minute read)

This post outlines a four-phase framework for successfully implementing an Internal Developer Platform (IDP) within eight weeks that emphasizes an MVP-first approach to prove value quickly. Teams are guided to strategically select a pioneering team, implement self-service patterns, and avoid common pitfalls, focusing on the backend infrastructure before considering a portal. The framework includes an 8-week MVP, an 8-week Production Readiness Program, and an Adoption Program, with technical, business, and security tracks running in parallel.
πŸ§‘β€πŸ’»

Resources & Tools

OpenTelemetry For Dummies: Dash0 Special Edition (Sponsor)

Traditional monitoring makes you chase symptoms. OpenTelemetry for Dummies reveals how OpenTelemetry-native observability helps you trace issues end-to-end and fix them faster.

Stop scrambling for answersβ€”download the free ebook.
Memori (GitHub Repo)

Memori, an open-source SQL-Native memory engine, allows LLMs to remember conversations and maintain context using standard SQL databases with the simple addition of "memori.enable()". The tool works with existing SQL databases and LLM frameworks through LiteLLM's callback system, using modes like Conscious, Auto, and Combined for context injection and recording.
Openspec (GitHub Repo)

OpenSpec aligns AI coding assistants and human developers with spec-driven development so teams can agree on what to build before writing code. The framework adds a specification workflow that locks intent before implementation, ensuring deterministic and reviewable outputs without needing API keys.
🎁

Miscellaneous

A closer look at Python Workflows, now in beta (5 minute read)

Cloudflare has introduced Python Workflows, bringing full parity with JavaScript Workflows and enabling developers to build multi-step applications directly in Python on Cloudflare Workers. Workflows automate sequences of idempotent steps with built-in retries, durable state, and error handling, which now leverage Python's strength in data pipelines, AI/ML orchestration, and task automation.
3 strategies that reduce security friction in developer workflows (6 minute read)

Security is evolving from control to collaboration by embedding safeguards directly into developer workflows through automation and real-time feedback. Teams can reduce friction by integrating early security scanning in developer tools, replacing enforcement with in-workflow enablement, and building continuous visibility through IDE guidance, ecosystem monitoring, and centralized secrets management.
External Secrets Inc. is winding down operations... but we have exciting news to share! (2 minute read)

External Secrets Inc. is shutting down but has open-sourced its proprietary code under the MIT license, including tech for managing Non-Human Identity (#NHI) Credentials. The company hopes its work will benefit the community for years to come. Its open-source repositories can be found on GitHub.
⚑

Quick Links

How Uber migrated 1M lines of JUnit 4 tests to JUnit 5 in just two weeks (Sponsor)

4,000 pull requests in two weeks? Uber's platform engineering team pulled it off with OpenRewrite, Shepherd, and AI-driven static analysis. Hear how at this Moderne webinar. Save your seat
How Falco and Stratoshark close the gap between open source runtime detection and deep forensic analysis (4 minute read)

Falco and Stratoshark now integrate to bridge the gap between real-time runtime threat detection and deep forensic analysis in open source environments.
How to Choose an AI SRE Solution (6 minute read)

The expanding AI SRE market demands careful evaluation of solutions that balance innovation with enterprise reliability, integration breadth, and continuous learning.
Grafana 12.3 release: Interactive learning experiences, new and improved logs visualizations, and more (11 minute read)

Grafana 12.3 has new features focused on easier data exploration, including interactive learning resources within the platform, a rebuilt logs visualization, and the ability to export dashboards as PNG images.

Love TLDR? Tell your friends and get rewards!

Share your referral link below with friends to get free TLDR swag!
https://refer.tldr.tech/fc7198a6/10
Track your referrals here.

Want to advertise in TLDR? πŸ“°

If your company is interested in reaching an audience of devops professionals and decision makers, you may want to advertise with us.

Want to work at TLDR? πŸ’Ό

Apply here or send a friend's resume to jobs@tldr.tech and get $1k if we hire them!

If you have any comments or feedback, just respond to this email!

Thanks for reading,
Kunal Desai & Martin Hauskrecht


Manage your subscriptions to our other newsletters on tech, startups, and programming. Or if TLDR DevOps isn't for you, please unsubscribe.