Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Weaveworks announced that Flux, the original GitOps project, has graduated in the Cloud Native Computing Foundation (CNCF®).
Graduation is the highest level of maturity in the CNCF, which means the project underwent scrutiny and testing for security, longevity, and governance. Weaveworks donated Flux to the CNCF and has built Weave GitOps, their fullstack GitOps platform, on top of Flux. Weave GitOps provides enterprise customers with further benefits including Trusted Delivery, Automated DevSecOps through Policy as Code, Cluster Fleet Management and Progressive Delivery. Companies of all sizes need to deliver more while reducing CapEX and OpEX costs, and GitOps is essential for reducing spend, increasing velocity, and minimizing downtime.
“Weave GitOps with Flux at its core lets us help customers across the spectrum from developers getting started through to large scale enterprises. Our involvement in the CNCF, plus our commitment to empower application and platform teams to securely automate operations, is the driving force for further GitOps innovation," said Alexis Richardson, CEO, Weaveworks.
Open source Flux, and Weave GitOps built on top, provide GitOps to enterprises, providers, financial institutions, federal departments, and SMBs. GitOps is an approach that, with technologies like Flux and Weave GitOps, provides extensive automation to CI/CD, security and audit trails, and reliability through canary deployments and rollback capabilities.
Both Flux and Weave GitOps are at the forefront of movements such as Open Container Initiative (OCI) and Cosign, with which customers can already apply added security and validation to their deployments. Weaveworks is vigilant of the security challenges that have moved into CI/CD, so its products already provide these capabilities today so that customers can minimize business interruptions from security breaches.
Flux was built for other companies and projects to contribute add-on capabilities. Weaveworks built Weave GitOps on Flux as a first-class extension to provide capabilities such as hybrid and multi-cloud management, Progressive Delivery, and Policy as Code with a UI and enterprise support.
In a time when companies need to do more with less, Flux’s extensibility provides popular capabilities such as bringing GitOps to Terraform or doing GitOps management right from Visual Studio Code.
With Weave GitOps, a natural extension to Flux for Application Lifecycle management, developers with little or no experience of Kubernetes can manage:
- Application Operations: manage and automate deployment pipelines
- Platforms: the easy way to have your own custom PaaS on cloud or on premise
- Extensions: coordinate Kubernetes rollouts with eg. VMs, DBs and cloud services
For organizations where scale and flexibility is key, Weave GitOps Enterprise is offered as a set of paid tiers that sit on top of Weave GitOps where fleet management and building automated and secure self-service Kubernetes platforms is required.
Weaveworks would like to congratulate the Flux community on this outstanding achievement as we look forward to the next 5 years of what GitOps brings to the cloud native ecosystem.
Industry News
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.
OpenText™ announced a solution to long-standing open source intake challenges, OpenText Debricked Open Source Select.
ThreatX has extended its Runtime API and Application Protection (RAAP) offering to provide always-active API security from development to runtime, spanning vulnerability detection at Dev phase to protection at SecOps phase of the software lifecycle.
Canonical announced the release of Ubuntu 24.04 LTS, codenamed “Noble Numbat.”
JFrog announced a new machine learning (ML) lifecycle integration between JFrog Artifactory and MLflow, an open source software platform originally developed by Databricks.
Copado announced the general availability of Test Copilot, the AI-powered test creation assistant.