Need advice on deployment and dev ops

Built a simple wrapper around chatgpt for an internal audit my company and now they want it deployed company wide. I’ve never deployed something at a company, never even knew what a Linux box was until my IT team asked if I would be able to manage it which I obviously said yes too.

Looking for advice on how to best host and deploy because I’m going to have to be the one to manage it.

I have a python app wrapped in a fast api, that sends PDFs to OpenAI api for analysis and then returns the response on a basic streamlit UI. 2000-4000 6-10 page PDFs needs to be run through it monthly at scale. What’s the best way to get there. I’ve used render, but only on the free plan to demo it, now I’m pretty lost.

Any help would be great! My outsourced IT team says the solution is a Linux box which will take 10-14 days to set up. Company is ~90mm ARR, 300 employees.

I have no formal swe experience, I still have to ask the AI in cursor to run the commands to push things to GitHub. Please explain like I have basic knowledge, I will look up anything I don’t know.

https://redd.it/1oopug3
@r_devops

Insecure Direct Object References (IDOR): The $1 Billion Authorization Bug 🔢

https://instatunnel.my/blog/insecure-direct-object-references-idor-the-1-billion-authorization-bug

https://redd.it/1oossag
@r_devops

I wrote zigit, a tiny C program to download GitHub repos at lightning speed using aria2c

Hey everyone!
I recently made a small C tool called zigit — it’s basically a super lightweight alternative to git clone when you only care about downloading the latest source code and not the entire commit history.

zigit just grabs the ZIP directly from GitHub’s codeload endpoint using aria2c, which supports parallel and segmented downloads.

Check it out at : https://github.com/STRTSNM/zigit/

https://redd.it/1oownb2
@r_devops

Stateful or Stateless IaC?

I've been debating this topic relentlessly. What is better? Infra as Code, which maintains states or stateless that work directly with the resources?

View Poll

https://redd.it/1ooxi57
@r_devops

Feedback

We’re two founders building an AI system that automatically detects, predicts and fixes website/app errors in real time, think Tesla Autopilot for debugging in DevOps. 

We’d love to learn from you, engineers, founders or DevOps folks for 10 minutes about how you currently debug issues. 

Not selling anything, just trying to validate if this could save teams a significant amount time. 

Happy to share a summary of what we learn + offer early access! 

https://calendly.com/aarittaparia/30min 

If you don’t have time, we would appreciate if you could fill this form: https://rc60edu0zkd.typeform.com/to/YixyC7S7 

Thanks so much! 

https://redd.it/1ooyk0s
@r_devops

Any tips on places where i can train as aspiring devops?

Hi, currently working in small company and finishing my college degree in few months.

I got interested in devops around half year ago and trained linux, git, github, github actions + Jenkins, docker hub. Built pipelines on simple projets, even did some tests.
Also got my hands on deployment with kubctl but there is a lot i have to learn yet.

Back to the question. Coders have codewars and leetcode. I wonder if there is any site for devops?
I found Qwiklabs for GCP however i was wondering what about the rest? Like solving problems or using part of the knowledge to try fixing something more difficult?

I kind of want commercial experience..

https://redd.it/1oozs5r
@r_devops

Live Coding session for the community. Who is in? (Beginners friendly)

Wanted to give something back to the tech community, so I’ll be hosting a live coding session with cameras and mics on. Been coding for 12+ years, and the last 3 fully into AI.

We’ll code together, learn, talk about workflows, answer questions, and just have fun with it.

Tech stack (most probably):

n8n
Airtable
Apify
OpenRouter

Interested in joining?
Drop a comment saying interested or whatever you want <3
=> We’re organizing everything in a WhatsApp group to pick the best time.

Oh and yeah… the call is FREE of course.

P.S. - yesterday’s session was f****ing amazing and super fun :-)

Talk soon,
GG

https://redd.it/1op040q
@r_devops

Reduce CI CD pipeline time strategies that actually work? Ours is 47 min and killing us!

Need serious advice because our pipeline is becoming a complete joke. Full test suite takes 47 minutes to run which is already killing our deployment velocity but now we've also got probably 15 to 20% false positive failures.

Developers have started just rerunning failed builds until they pass which defeats the entire purpose of having tests. Some are even pushing directly to production to avoid the ci wait time which is obviously terrible but i also understand their frustration.

We're supposed to be shipping multiple times daily but right now we're lucky to get one deploy out because someone's waiting for tests to finish or debugging why something failed that worked fine locally.

I've tried parallelizing the test execution but that introduced its own issues with shared state and flakiness actually got worse. Looked into better test isolation but that seems like months of refactoring work we don't have time for.

Management is breathing down my neck about deployment frequency dropping and developer satisfaction scores tanking. I need to either dramatically speed this up or make the tests way more reliable, preferably both.

How are other teams handling this? Is 47 minutes normal for a decent sized app or are we doing something fundamentally wrong with our approach?

https://redd.it/1op2qri
@r_devops

Building control planes is part of devops

Hi all,

I'm a developer who loves operations. My take on DevOps is that any GitOps solution based on Terraform or Ansible could become a control plane. I think we should write our own control planes instead of gluing together off-the-shelf products, and DevOps engineers are developers with a broader understanding compared to backend engineers.

I've written a library in Clojure to prove my point, and this blog article outlines it.

https://bigconfig.it/blog/demystifying-the-control-plane-the-easy-upgrade-path-from-gitops-with-bigconfig/

https://redd.it/1oozepi
@r_devops

Terraform AWS "Bootstrap" Project

So i've seen a few people recommend a module or separate project that handles "bootstraping" Terraform. I'm still new to TF but from my understanding this would set a local state and create resources when you then migrate the local state to.

What would be a minimal example for this needed? I'm trying to sort of create a "base" bootstrap project for Terraform and AWS.

Seems like for a "base" level module I would only need the s3 resource for storing state, but I am sure there is more I am missing that would be "good to have".

I haven't really used modules, but I am guessing I could use them in some fashion to have a sort of "template" for different aws resources? (IE: I have 4-5 different .net projects that can use the same module?)

Thanks

https://redd.it/1op6xci
@r_devops

Terraform code review tool github

Hi Experts,
Are you using any tool which auto reviews the terraform code? Since our team is growing and lot of changes are coming in daily, I am looking for a free tool which can be integrated with github actions that auto reviews and comment on my PR.

Right now I am trying windsurf bot, since its already been used by developers. Works ok but not the best.

If you all are using any, what are those?


https://redd.it/1op7h8b
@r_devops

PyPIPlus.com 2.0 — explore Python packages better: full dependency trees, reverse dependents, OSV CVEs, licenses, offline bundles

I built **PyPIPlus.com** a tool to explore Python packages in depth and I’d love your feedback. In the past, two of my posts about this project went viral, and the feedback from the community helped shape it into what it is today.

Below is what the site currently does: **PyPIPlus.com** can be used to check a python package dependencies (incl. extras), reverse dependents, OSV CVEs, licenses, health score, purity, and to generate offline ready to install bundles.

Dependency tree: direct + transitive deps, extras, env markers
Reverse dependents: what other packages use this package
Security: OSV CVEs per version, affected/fixed ranges, CSV exports/copy
Licenses: per package and each sub-dependancy in a full tree view
Health score: 0–100 + A–F (last updates, security vuln, docs, etc.. )
Purity: pure-Python vs compiled via analysis wheel tags/build metadata (only marked pure python if the package and all dependancies are pure)
Offline bundles: all wheels + SBOM + licenses, reproducible and air-gapped

Bundle contents:

wheels/ → all dependency wheels
requirements.txt → pinned versions
install.py → universal installer (Windows/macOS/Linux)
sbom.cdx.json → CycloneDX SBOM for security scans
LICENSES.md → license summary for all packages
NOTICE → attribution (when required)

Install: `python` [`install.py`](http://install.py)
Scan: `osv-scanner --sbom sbom.cdx.json`

Live: [https://pypiplus.com](https://pypiplus.com)
Example (flask v2.3.1): [https://pypiplus.com/project/flask/2.3.1/](https://pypiplus.com/project/flask/2.3.1/)

Previous Posts:

If you’re new to the project:

I made PyPIPlus.com — a faster way to see all dependencies of any Python package


P.S: I hope I've added enough value in this project to be useful, my last attempt at sharing it in r/devops received some rough audience. Regardless, any feedback is better than no feedback.

https://redd.it/1op61jy
@r_devops

Demo Day (feat. Murphy’s Law)

This happened to me mere hours ago. Three hours before a feature demo, I did the usual prep and deployed the app to our IDP-enabled namespace. IDP was down.
I pinged the teammate who owns it; they kicked off a fresh rollout. While that was happening, we found out another team had quietly added new namespace restrictions. Few extra steps we didn’t know about. So my teammate went hunting for the docs.
As a contingency plan, my lead shared a kubeconfig for another cluster with an IDP-enabled namespace. Switched over, tried again… IDP problems there too.
Forty-five minutes to go, and the original namespace came back up with the support services. I deployed immediately only for the deployment to fail. Same version I’ve shipped many times. Logs were of no help either. Quick triage and there it was: values drift. Someone had changed the deployment values. I reverted, redeployed, everything turned green. Ten minutes before the demo, I was finally ready.

Then the meeting got postponed.

Murphy’s Law didn’t write code today, but it definitely sat in on the stand-up.

https://redd.it/1opaw04
@r_devops

Anyone else drowning in static-analysis false positives?

We’ve been using multiple linters and static tools for years. They find everything from unused imports to possible null dereference, but 90% of it isn’t real. Devs end up ignoring the reports, which defeats the point. Is there any modern tool that actually prioritizes meaningful issues?

https://redd.it/1opdlhz
@r_devops

SCM to Devops?

Hello, I (24m) graduated last december from university with a supply chain and logistics management degree. I took a job with Enterprise as a Management Trainee purely for the money. I am looking to learn a new hard skill, that I could pursue to specialize myself in someway. Graduated with the intention of getting into procurement, but a month after I graduated I took the AWS cloud practitioner essentials and cloud interested me. I read online how Dev-ops is like digital supply chain, given how the main objective is making sure things run smoothly and efficiently.
Planned on taking the essentials again to then take the practitioner exam. Thoughts?


https://redd.it/1opkg3y
@r_devops

Looking for DevOps/SRE/Platform Engineer opportunities since past 3 months

Im a DevOps / Sre Engg looking for a switch in organisation since past 3 months and there has been hardly any calls (2-3 calls at max) and these calls also get turned away after hearing about my 90 days NP or 2 interviews which I cleared were offering only a mere 30% hike which I think I way below par for my current CTC. also I have seen the requirements have got very specific with tools even though you explain them some other tool does the same thing,
Also what should be the avg CTC for DevOps, SRE, Platform roles for 6 YOE???

My experience and expertise include - AWS Cloud, Jenkins, GitHub actions, Ansible, Python, bash, Monitoring and dashboard with Cloudwatch (self study of Prometheus+Grafana), K8 (ECS, EKS) experience is limited to 10-12 months

I would be happy to share my resume anonymously for some reviews.
Are there no jobs in the market or am I following a wrong path? Need suggestions/guidance.

https://redd.it/1opmflj
@r_devops

Datadog question - split Jenkins job name on "/"?

I'm using the Jenkins plugin to feed jenkins job data into datadog. When I pull up a Jenkins log entry, there are attributes associated with it, one being jenkins.job_name. However, I want to split this into folder and job as most of our Jenkins jobs are foo/baz and bar/baz.

It seems to me this should be a custom processor under the Jenkins pipeline configuration. But I've tried getting it to work with a Grok processor as well as a Category processor and I'm out of ideas. Anyone know how best to do this? Thank you!

PS: I plan to use this to build a status dashboard grouping by job type (in this example, baz).

https://redd.it/1opo6q2
@r_devops

Where did RabbitMQ send our data?

Need some help from the community... We simply did a systemctl stop and start on our rabbitmq servers one at a time. After it came back up we lost nearly 200k messages from some but not all queues. All queues are set to persistent. Any clue what may have happened to the messages and where we can look to recover them?

We have tried all of your common stuff, reboots, service restarts, tons of spelunking through logs/data files... The servers are up and running and processing fine, just missing a ton of data. Thanks so much for any help!

https://redd.it/1opmx3y
@r_devops

Blind XXE: Exfiltrating Data When You Can't See the Response 👁️

https://instatunnel.my/blog/blind-xxe-exfiltrating-data-when-you-cant-see-the-response

https://redd.it/1opoocl
@r_devops

GitLab: Wait for other pipelines to finish?

Hi,

just got asked whether it is possible for a pipeline to wait for another pipeline to finish? The idea is that there are several repositories (3 in that case) with pipelines that somewhat interfer during a step (deploy to a server). The person would like the pipeline to know whether a certain other pipeline is running.

Is this possible in GitLab?

We would still like to have concurrent runners - so using a tag and just have one runner for this tag, is not the ideal option.

https://redd.it/1opsmbq
@r_devops

What do you look for in node metrics?

Hey folks

I’m currently working on a little hobby project to get to know logging and observability - something us developers tend to ignore a lot.

When you’re looking at node/server metrics, what do you find most useful/required when it comes to your dashboards showing node health, resource utilisation etc?

I’m in the process of configuring my Prometheus stack and I don’t want to be bombarding myself with extra data I don’t need/isn’t really useful in the real world.

Thanks!


https://redd.it/1opv8og
@r_devops