For eighteen years, I have been involved in technology, one way or another. It's now time to redefine my focus.
Categorizing focus areas:
Discipline is needed here. I need to focus on less, not more.
When it comes to real-world projects (for myself or others) my focus will be on Python and Django. Python 3 is a beautiful language and the richness of the Django Framework is well known, as are its Security-First credentials. Critically, it lends a near-perfect set of tools that drastically reduce Time to Market. An ideal choice for SaaS and ecommerce applications today.
Time to say goodbye to Node.js. You were fun to play with. Deno shall be investigated.
Till then, I make sensible, lightweight, minimal JS apps. Hopefully, little or no dependencies.
Everything else: Mobile, Embedded, Desktop & Systems
Hands off. I will no longer be involved hands on with mobile development. Will continue my experiments with IoT and embedded, but that's just me having fun on weekends. Desktop development is a weekend hobby for me. As is Systems. Nothing much to add.
It's surprising how many organizations don't realize the power and need for automation. Not just small and mid-sized businesses but even large enterprises aren't automating as much as they should.
Regardless of scale, the benefits of automation are immense for everybody. While traditional view of DevOps is the automation of builds, packages and deployments, GitOps / Infra as Code is challenging established methods of managing IT infrastructure.
While container orchestration platforms such as Kubernetes add an additional layer of abstraction, they do simplify automation in their own way. This space will rapidly evolve and large enterprises need to stay nimble.
Small and mid-sized businesses should be wary of Kubernetes or Containerization. It's not required for a majority of your use-cases and comes with a cost (i.e. implementation time and Kubernetes abstraction complexity) that doesn't always justify value.
GitLab is very good choice for a DevSecOps platform, regardless of size or scope. It has best-in-class Kubernetes integration, and it suitable for on-prem and multi-cloud situations.
Furthermore it is open-source and let's you implement ops in the "UNIX way". By that I mean Operations are decoupled from the pipeline execution platform (CICD platform). This makes them reusable - be it containerized builds, executable scripts, cluster deployments, security scans or just routine health checks.
My approach to DevSecOps is to create standalone executables, scripts and containerized jobs depending on the scope and nature of your operations, automatically executed via GitLab Pipelines or on-demand manually.
Jenkins continues its slow decline. All indications are Azure DevOps is being shelved in favor of GitHub Actions.
Disappointed with GitHub Actions' marketplace approach. They are bound to run into the same problems as Jenkins. Marketplace Actions will be buggy, won't be properly maintained, leaves you dependent on the competence of the individual third party author and you are locked in to the GitHub Actions ecosystem.
Watching out of Source Hut.
Industry: Financials & Fintech
Since 2015, I have either worked with banks (most notably ING - a leading European bank headquartered in the Netherlands) or worked with companies that make products for financials. Currently I work with GitLab which also boasts of a rather large financial clientele.
Time spent in a specific industry in vital. While my knowledge of the defense and energy verticals is certainly significant, the grasp I have on the financial industries is much stronger. Certainly my personal interests in trading financial instruments and blockchain / distributed ledger technologies have aided my decision in narrowing down to focus on Financials.
Security requirements of Financials are immense. Things must be secured at all levels and at all stages. Earlier the better.
Implementing GitLab for large enterprises has shown me how a strong DevSecOps focus can intrisincally promote best practices for a Secuity Organization and elevate the security culture amongst Engineering Teams.
As technology and processes evolve in enterprises, how Security Organizations adapt to these is critical. Open source has forever led security tooling and that remains the case. New tooling will emerge as Container Orchestration / Kubernetes gain mass adoption and new threat vectors are reaslised.
As with any regulated industry, there are compliance requirements for Financials. Most notable frameworks are GDPR and FSRA (and its local variants). Depending on the nature of financial service offered, other frameworks might additionally apply.
Having developed working knowledge of these frameworks, and how organization processes / systems must be designed to comply by default ... this lends me a unique perspective with which to consult and influence technology organizations. This is as an asset I must continue to develop.
I made the case to be more selective in what I do, how I do it and where I do it. Now, let's stay disciplined.