TLDR DevOps 2026-05-20

IBM Bob is the AI Development partner built for the modernization work you need to get done. • Java upgrades• COBOL refactors• RPG• Mainframe modernizationBlue Pearl compressed a 30-day Java upgrade to 3 days with zero post-deployment defects. Bob ingests your codebase, your standards, and the unglamorous work of refactoring legacy. You can direct IBM Bob to dynamically route tasks to a suitable model based on accuracy, performance, and cost, drawing on a mix of frontier models including Anthropic Claude, Mistral, IBM Granite and others for you.

Visit the IBM Bob Site and Start Your Free Trial Today!

Terraform Enterprise 2.0 introduces Stacks for orchestrating multi-environment infrastructure as unified systems, plus project-level notifications, SCIM 2.0 automation, stronger governance, diagnostics, migration tools, and lifecycle support improvements to scale operations securely and consistently.

Terraform 1.15 adds dynamic module sources with const variables, deprecation warnings for module variables and outputs, inline type conversions via convert(), typed outputs, enhanced testing mocks, and validation blocks for Stacks variables. Additional improvements include Windows ARM64 support, AWS login authentication for S3 backends, and better CLI deprecation diagnostics to improve usability, testing, and enterprise-scale workflows.

Cloudflare and Anthropic integrated Claude Managed Agents with Cloudflare's infrastructure, allowing developers to run AI agents with enhanced security features like customizable proxies, private service connectivity, and the option to use lightweight V8 isolates instead of full microVMs for faster, cheaper scaling. The integration includes out-of-the-box tools like browser control with session recording, email capabilities for each agent, and connections to Cloudflare services like Workers AI and R2 storage, with a deployment template available for developers to get started in minutes.

AWS detailed how to use Velero on Amazon EKS to back up and restore Kubernetes resources and persistent volume data with Amazon S3, Amazon EBS snapshots, and least privilege IAM roles using EKS Pod Identity. The tutorial demonstrates deploying a stateful application, creating namespace-scoped backups, restoring workloads across namespaces, and securing Velero with restricted Kubernetes permissions.

Rising AI-driven development activity is inflating CI costs as every commit triggers long, compute-intensive test suites, making test execution a major source of infrastructure waste and slower developer feedback. Intelligent test selection tools like CloudBees Smart Tests reduce runtime, cloud spend, flaky reruns, and release delays by running only the most relevant tests for each code change.

Kyverno, a Kubernetes-native policy engine, can now automate the deployment of Confidential Containers (CoCo) workloads by automatically injecting required security configurations and validating inputs at admission time, solving the operational complexity that previously required developers to manually manage infrastructure-heavy details. The integration maintains CoCo's zero-trust security model—where the Kubernetes control plane is treated as untrusted—by using Kyverno purely for deployment automation while remote attestation remains the final security checkpoint.

Gordon is an AI agent by Docker that goes beyond typical coding assistants by actually reading your running containers, logs, and compose files to debug issues, containerize apps, and optimize Dockerfiles—then proposing and executing fixes with your approval. Gordon is available for free in Docker Desktop 4.74 and the CLI, with context about your entire Docker environment already loaded, so it can diagnose problems like missing environment variables or networking failures in minutes instead of hours.

A CISA contractor reportedly exposed credentials for highly privileged AWS GovCloud accounts, internal systems, plaintext passwords, logs, and deployment-related files in a public GitHub repository. The leak is a stark reminder that secrets scanning, org-level GitHub policy enforcement, short-lived credentials, and least-privilege cloud access are not optional controls, especially when repositories are used as informal scratchpads or sync mechanisms.

Amazon EKS now supports Amazon ARC zonal shift and zonal autoshift with Karpenter, enabling Kubernetes clusters to automatically redirect traffic and stop provisioning in impaired availability zones during outages.

CDK Mixins is a new feature in the AWS Cloud Development Kit that allows developers to apply reusable infrastructure capabilities to any construct type (L1, L2, or L3) without being locked into specific implementations.