2019 April

04-20 AWS achieves HDS certification

At AWS, the security, privacy, and protection of customer data always comes first, which is why I am pleased to share the news that AWS has achieved “Hébergeur de Données de Santé” (HDS) certification.

04-17 Using GitLab Auto DevOps with Kubernetes Through Rancher's Authorized Cluster Endpoint

In this post, we will walk through how to connect GitLab’s Auto DevOps feature with a Rancher-managed Kubernetes cluster, making use of a feature introduced in Rancher v2.2.0 called Authorized Cluster Endpoint.

04-17 The Future of Cloud Providers in Kubernetes

Approximately 9 months ago, the Kubernetes community agreed to form the Cloud Provider Special Interest Group (SIG). The justification was to have a single governing SIG to own and shape the integration points between Kubernetes and the many cloud providers it supported.

04-17 3 Best Practices for Docker Image Security

In this post, I wanted to identify a few high-level security tips and best practices to consider when working with container images. Before diving into that, a very brief summary on the advantages of containers: Containers help organizations become more consistent, agile, and secure.

04-17 Using Google-managed SSL certificates

This is a Beta release of Managed Certificates. This feature is not covered by any SLA or deprecation policy and might be subject to backward-incompatible changes. In Google Kubernetes Engine, you can use Ingresses to create HTTPS load balancers with automatically configured SSL certificates.

04-12 An Introduction to Kubernetes Network Policies for Security People

Many enterprises are currently adopting Kubernetes to run their applications. This is happening to such an extent that some people are referring to Kubernetes as the new data-center operating system.

04-12 tvler/prop-sets

With prop-sets, you don’t need to outsmart your own code when writing tests. Instead of determining fragile points of failure from particular combinations of inputs, simply generate all possible combinations and assert everything. Works with React, Vue, Jest, Mocha, etc. No dependencies.

04-12 Scalify/gitlab-project-settings-state-enforcer

Enforces the settings of a bunch of gitlab repos by reading a config file and talking to the GitLab API. Configuration of project interaction is currently possible via JSON files providing a Config object. The config object has the following fields:

04-12 The foundation for your cloud-powered mobile & web apps

Choose your cloud services and easily connect them to your app with just a few lines of code. Effortlessly create and maintain sophisticated serverless backends for your apps.

04-12 High Performance Data Analytics with Cube.js Pre-Aggregations

This is an advanced tutorial. If you are just getting started with Cube.js, I recommend checking this tutorial first and then coming back here. One of the most powerful features of Cube.js is pre-aggregations.

04-12 edmunds/shadowreader

ShadowReader has the ability to replay production traffic to a destination of your choice by collecting traffic patterns from access logs. It is built on AWS Lambda, S3 and Elastic Load Balancers.

04-09 Stackdriver Sandbox

Stackdriver Sandbox Alpha Stackdriver Sandbox is an open source tool* that helps practitioners to learn Stackdriver. It offers: Demo Service - an application built using microservices architecture on modern, cloud native stack.

04-09 Netlify Dev Beta

Netlify Dev takes hot reloading to whole new level, allowing you to actually stream your dev server to a live URL. Great for collaborative development, you can now share your work as you work, and get instant feedback.

04-08 acquia/acf

Contexual commerce experiences require multiple modes of integration with the CMS. Acquia Commerce Framework (ACF) combines Drupal as the “glass” and a decoupled e-commerce platform to power the commerce engine. The optimal structure is composed of two different approaches:

04-08 Buttercup for Browsers

Strong 256bit AES encrypted vaults that meet today’s security standards. Rest assured that your credentials are safe. Easy-to-use interfaces with basic concepts make storing and finding your login details a piece of cake.

04-05 Anatomy of CVE-2019-5736: A runc container escape!

This post is courtesy of Samuel Karp, Senior Software Development Engineer — Amazon Container Services. On Monday, February 11, CVE-2019-5736 was disclosed.

04-05 HTML attributes Screen reader compatibility

Shows how different HTML attributes behave in commonly used screen readers. All tests were carried out with screen reader factory settings. JAWS in particular has a wide variety of settings controlling exactly what gets spoken.

04-05 Contenu

Retrouvez ci-dessous le contenu de cette journée, qui sera mis à jour progressivement. Vous souhaitez être informés de l’ouverture des pré-inscriptions pour l’AWS Summit Paris 2020 ? Cliquez ici.

04-03 Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem

On March 26, 2019, a malicious version of the popular bootstrap-sass package, that has been downloaded a total of 28 million times to date, was published to the official RubyGems repository. Version 3.2.0.

04-03 Chef becomes 100% free software

Chef, the purveyor of a popular configuration-management system, has announced a move away from the open-core business model and the open-sourcing of all of its software. “We aren’t making this change lightly.

04-02 git bundle

I had an interesting problem at work the other day. We’d hired some external contractors to build an android app for us, and now we needed to get the code from them and into our private GitHub.

2019 March

03-22 The Missing Introduction To Containerization

Docker is one of the most known containers platforms nowadays and it was released in 2013. However, the use of isolation and containerization started before this date.

03-11 Supersonic Subatomic Java

Quarkus tailors your application for GraalVM and HotSpot. Amazingly fast boot time, incredibly low RSS memory (not just heap size!) offering near instant scale up and high density memory utilization in container orchestration platforms like Kubernetes. We use a technique we call compile time boot.

2019 February

02-25 Mastering the KUBECONFIG file

There is a kubeconfig file behind every working kubectl command. This file typically lives at $HOME/.kube/config. Having written kubectx, I’ve interacted with kubeconfigs long enough to write some tips about how to deal with them.

02-23 Exploiting Drupal8's REST RCE

Once again, an RCE vulnerability emerges on Drupal’s core. This time it is targeting Drupal 8’s REST module, which is present, although disabled, by default.

02-18 Welcome

Terraform is powerful (if not the most powerful out there now) and one of the most used tool which allows to manage infrastructure as code. It allows developers to do a lot of things and does not restrict them from doing things in ways which will be hard to support or integrate with.

02-15 Puppeteer is my new dev server

Last year, my team launched web.dev at Chrome Dev Summit 2018. If you haven’t heard of web.dev, it’s a new educational resource for web developers that focuses on interactive learning. For example, we embed Glitch codelabs so developers can tinker with code as they read through documentation.

02-10 Introducing Drupal Test Traits

The Mass.gov development team is proud to release a new open source project, Drupal Test Traits (DTT). DTT enables you to run PHPUnit tests against your Drupal web site, without wiping your database after each test class. That is, you test with your usual content-filled database, not an empty one.

02-02 How to deploy multi-arch Kubernetes cluster using Kubespray

I recently bought 3 ODROID-HC1 devices to add a dedicated storage cluster to my home Kubernetes. I thought that it’s a good excuse to spend some time redeploying the cluster. Usually, I would’ve gone with CoreOS, since I’m a big fan of their immutable OS.

2019 January

01-30 Little Things I Like to Do with Git

The shortlog gives us summaries of git log; the -s flag will suppress commit description and provide a commit count summary only, and the -n flag will sort output according to the number of commits per author instead of author alphabetic order.