2019 April

04-05 Anatomy of CVE-2019-5736: A runc container escape!

This post is courtesy of Samuel Karp, Senior Software Development Engineer — Amazon Container Services. On Monday, February 11, CVE-2019-5736 was disclosed.

04-05 HTML attributes Screen reader compatibility

Shows how different HTML attributes behave in commonly used screen readers. All tests were carried out with screen reader factory settings. JAWS in particular has a wide variety of settings controlling exactly what gets spoken.

04-05 Contenu

Retrouvez ci-dessous le contenu de cette journée, qui sera mis à jour progressivement. Vous souhaitez être informés de l'ouverture des pré-inscriptions pour l'AWS Summit Paris 2020 ? Cliquez ici.

04-03 Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem

On March 26, 2019, a malicious version of the popular bootstrap-sass package, that has been downloaded a total of 28 million times to date, was published to the official RubyGems repository. Version 3.2.0.

04-03 Chef becomes 100% free software

Chef, the purveyor of a popular configuration-management system, has announced a move away from the open-core business model and the open-sourcing of all of its software. “We aren’t making this change lightly.

04-02 git bundle

I had an interesting problem at work the other day. We'd hired some external contractors to build an android app for us, and now we needed to get the code from them and into our private GitHub.

2019 March

03-22 The Missing Introduction To Containerization

Docker is one of the most known containers platforms nowadays and it was released in 2013. However, the use of isolation and containerization started before this date.

03-11 Supersonic Subatomic Java

Quarkus tailors your application for GraalVM and HotSpot. Amazingly fast boot time, incredibly low RSS memory (not just heap size!) offering near instant scale up and high density memory utilization in container orchestration platforms like Kubernetes. We use a technique we call compile time boot.

2019 February

02-25 Mastering the KUBECONFIG file

There is a kubeconfig file behind every working kubectl command. This file typically lives at $HOME/.kube/config. Having written kubectx, I’ve interacted with kubeconfigs long enough to write some tips about how to deal with them.

02-23 Exploiting Drupal8's REST RCE

Once again, an RCE vulnerability emerges on Drupal's core. This time it is targeting Drupal 8's REST module, which is present, although disabled, by default.

02-18 Welcome

Terraform is powerful (if not the most powerful out there now) and one of the most used tool which allows to manage infrastructure as code. It allows developers to do a lot of things and does not restrict them from doing things in ways which will be hard to support or integrate with.

02-15 Puppeteer is my new dev server

Last year, my team launched web.dev at Chrome Dev Summit 2018. If you haven't heard of web.dev, it's a new educational resource for web developers that focuses on interactive learning. For example, we embed Glitch codelabs so developers can tinker with code as they read through documentation.

02-10 Introducing Drupal Test Traits

The Mass.gov development team is proud to release a new open source project, Drupal Test Traits (DTT). DTT enables you to run PHPUnit tests against your Drupal web site, without wiping your database after each test class. That is, you test with your usual content-filled database, not an empty one.

02-02 How to deploy multi-arch Kubernetes cluster using Kubespray

I recently bought 3 ODROID-HC1 devices to add a dedicated storage cluster to my home Kubernetes. I thought that it’s a good excuse to spend some time redeploying the cluster. Usually, I would’ve gone with CoreOS, since I’m a big fan of their immutable OS.

2019 January

01-30 Little Things I Like to Do with Git

The shortlog gives us summaries of git log; the -s flag will suppress commit description and provide a commit count summary only, and the -n flag will sort output according to the number of commits per author instead of author alphabetic order.

01-24 PagerDuty Security Training

We run two internal employee security training courses at PagerDuty; one for everyone covering a variety of general security topics relevant to all employees, and one for engineers covering more technical security concepts relevant to those in our engineering department.

01-21 How-to deploy Drupal interface translations

At LimoenGroen we build mostly Dutch websites and sometimes multilingual sites. We therefore need a solid and developer friendly solution to deploy interface translations.

01-18 Entreprise.data.gouv.fr

Informations sur les entreprises en opendata

01-15 On Infrastructure at Scale: A Cascading Failure of Distributed Systems

At Target, we run a heterogeneous infrastructure in our datacenters (and many other places), where we have multiple different backend hosting infrastructure for workloads.

01-14 The Life of a GitHub Action

I thought it might be fun to write a blog post on “The Life of a GitHub Action.” When you go through orientation at Google they walk you through “The Life of a Query” and it was one of my favorite things. So I am re-applying the same for a GitHub Action.

01-14 101 Bash Commands and Tips for Beginners to Experts

Big news in open source/cloud. IBM will acquire open-source cloud software com…

01-08 mkcert: valid HTTPS certificates for localhost

The web is moving to HTTPS, preventing network attackers from observing or injecting page contents.

01-07 Innersource: A Guide to the What, Why, and How

In recent years innersource is a term that has cropped up more and more. As with all new things in technology, there has been a healthy mix of interest and suspicion around what exactly innersource is (and what it isn’t).

01-06 Teleport becomes the universal gateway for SSH and Kubernetes with v3.0

Today we are bumping the major version number of Gravitational Teleport to 3.0 and for good reason. One of our beta testing customers said it best: This is too easy, now I can now authenticate once and access both my Kubernetes clusters [via kubectl] and the underlying servers [via SSH]!

01-04 Adding CVE scanning to a CI/CD pipeline

A Docker image contains an application and all its dependencies. As it also contains the numerous binaries and librairies of an OS, it’s important to make sure no vulnerabilities exist in its root filesystem, or at least no critical or major ones.

01-04 Bitnami Kubernetes Production Runtime 1.1

At Bitnami we have been working on the Bitnami Kubernetes Production Runtime, a curated collection of services needed to deploy on top of your Kubernetes cluster (currently supporting GKE and AKS) to enable logging, monitoring and certificate and DNS management.

01-04 From Jenkins to Jenkins X

At dailymotion, we strongly believe in devops best practices, and are heavily investing in Kubernetes. Part of our products are already deployed on Kubernetes, but not all of them.

01-01 Persistent Data for StatefulSets with Containership.io Kubernetes on DigitalOcean

01-01 How we supercharge Continuous Integration (CI) tools at Viki!

Some time ago, my colleague and manager of our platform team at Viki, Omkiran, started a company-wide conversation on re-hauling most of our entire infrastructure.

2018 December

12-25 Building Scalable Analytics with AWS — Part I

Disclaimer: I'm taking into account that you more or less know many of the AWS concepts in EMR, IAM, S3; together with what is Zeppelin and Spark. How to start with a project involving big data at your enterprise?