Everything as Code

About

IBM Cloud

Jaric Sng

Technology Architect
IBM Cloud Integration (ASEAN)
sngtpj@sg.ibm.com

Landscape

Business Challenges

• Industrial 4.0
• Disruption
• Stay ahead of competition
• Innovation
• Cost optimization

Operation as Code

Examples of Operation as Code

• Ansible Runbook
• Use of Operator in Kubernetes

Project Scaffolding as Code

Examples of project Scaffolding as Code

• Yeoman
• Angular
• LoopBack
• kabanero
• and many others the generate project codes

Documentation as Code

Examples of Documentation as Code use of markup languages

• markdown
• Mermaid live editor
• html
• sphinx
• language specific pydoc, javadoc
• mkdocs generate documentation from markdown
• LaTeX document preparatio system for report, article, thesis, presentation

graph TD
A[OCP 311 Cluster/OCP 4.3 Cluster] -->|Step 1: Provision IBM Cloud Pak| B(Ibm cloud Pak)
B --> |Step 2: deploy cam|C[IBM Cloud Automation Manager]
B -->|Step 3: deploy  app mgmt|D[IBM Cloud App management]
B -->|Step 4: Optional component| G[Cloudforms]
B -->|Step 5: Optional component| H[Redhat Ansible Tower]

Infrastructure as Code

Examples of Infrastructure as Code

• terraform for many providers: IBM, AWS, Google, Azure and many more providers
• vagrant
• Heat Orchestration Template (HOT) for OpenStack
• vApp Templates only for VMware
• CloudFormation for AWS
• chef
• ansible
• puppet
• Serverspec

Configuration as Code

• ansible and ansible playbook
• chef
• saltstack
• puppet

Container as Code

• dockerfile with docker or Podman & Buildah

Presentation as Code

• beamer with latex use modern theme metropolis
• write with markdown and convert to beamer with Pandoc

Diagram as Code

• yuml - extension for VS Code.
• Diagrams
• online
  • draw.io
  • yuml.me

Security as Code

Security as Code best practices include:

• Automating feedback loops
• Automating scans and security testing
• Executing script tests
• Implementing monitoring functions
• Performing routine security policy checks

Some tools

• SonarQube static analysis
• Inspec
• CIS Docker benchmark
• CIS Kubernetes Benchmark
• OpenSCAP
• List of Docker Security tools
• kube-hunter - kubenetes security tool
• sysdig
• aqua
• anchore

OWASP Security Knowledge Framework Security Knowledge Framework is an expert system application that uses the OWASP Application Security Verification Standard with detailed code examples (secure coding principles) to help developers in pre-development and post-development phases and create applications that are secure by design.

Pipeline as Code

• Apache Airflow
• Jenkins
• Tekton
• Travis
• CircleCI

AI as Code

• Apache Airflow