Devashish Patil
Cloud Engineer @ Google
Bengaluru, India
Actions
Devashish is an experienced cloud-native developer currently working at Google, and specializing in the design and development of complex systems across diverse cloud platforms. He has successfully tackled projects of varying sizes and technical intricacies throughout his career.
As an active member of the tech community, Devashish frequently shares his insights through blogs, forums and by speaking at technical meetups and local conferences.
Links
Badges
Area of Expertise
Topics
Beyond Red/Green: Deep CI/CD Observability and Reliability Patterns
CICD pipelines are the backbone of modern software delivery, yet they are often treated as fragile black boxes. Failures slow down development velocity, erode trust, and introduce significant operational risk. This session focuses on moving beyond simple pass/fail checks by applying operational rigor and SRE principles to build truly resilient, efficient, and observable CI/CD workflows using open-source tools. Topics covered:
- Deep Pipeline Observability: Instrument CI/CD using OpenTelemetry for metrics, logs & distributed traces. Find bottlenecks & failure causes fast.
- Designing for Reliability: Implement patterns like idempotency, automated retries with backoff, checkpointing, and graceful failure handling to minimize the impact of transient issues.
- Performance Optimization: discuss techniques for reducing pipeline execution time and resource consumption through intelligent caching, parallelization, and optimized artifact management.
- Integrated Security Checks: Treat security scanning/signing as reliable operational gates.
- Data-Driven Deployment Strategies: Leverage OTel insights for automated deployment analysis & rollbacks.
Beyond Network Trust: End-to-End Secure Service Communication with Open Source IAM
In today's dynamic cloud-native environments, relying on network perimeters for security is obsolete. True Zero Trust demands strong authentication and fine-grained authorization for every interaction, especially between microservices. This session explores how to achieve this end-to-end security using complementary open-source projects.
First, we address the challenge of reliably identifying who is making a request. We'll delve into establishing cryptographic, verifiable workload identities using open-source frameworks like SPIFFE/SPIRE. Learn how services can automatically obtain short-lived, platform-agnostic identities (SVIDs), eliminating the need for managing secrets like API keys or passwords for service-to-service authentication.
With a trusted identity established, we then tackle what that service is allowed to do. We'll demonstrate how to leverage these workload identities within open-source authorization engines like Open Policy Agent (OPA). See how to define and enforce granular, context-aware access control policies based on the verified identity of the calling service, rather than just its network location.
Devashish Patil
Cloud Engineer @ Google
Bengaluru, India
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top