Now that we have a process that automatically builds a container image whenever changes are committed to the git repository, we need a way to get those changes out, either into a development or test environment, or to the production environment. In the gitops world, a deployment is also initiated by a change to the […]
Category: Security
This article is the fourth in the series on how to set up an automated end-to-end workflow for deploying to a Kubernetes cluster. The previous steps accomplished a lot, even if they sound simple. Each involved multiple additional tasks to set up tools and systems, the classic yak shaving scenario. While the first two steps […]
This is the third part of the guide to setting up an automated workflow to deploy code to a Kubernetes cluster following a change in a git repository. The first two parts of this series so far belong in the dev portion of devops. They encompass what most software engineers do to build and test […]
The first article in this series introduced our objective, which is to create an automated workflow that delivers code to a runtime environment once it has been committed to a Git repository. In this part we will look at the next step, which is to package the app so that it can be run in […]
22 May 2023
Never Use Credentials in a CI/CD Pipeline Again
As someone who builds and maintains cloud infrastructure, I have always been leery from a security perspective of giving 3rd party services, such as CI/CD platforms, access to the resources. All the service vendors claim to take stringent precautions and implement foolproof processes, but still, vulnerabilities get exploited and errors happen. Therefore, my preference is to use tools […]
25 Oct 2018
Setting up your own personal iOS network monitor
As a Mac user with concerns about privacy and data security, I have used a personal firewall on my laptop for many years. The specific one I use is Little Snitch. Normally I don’t name products but I like it so much that I have no problem making this exception. The way it works is […]
Recently I had to dive into Android app development to fix an issue in an app. Then, while I was testing the app I noticed that the payment process was not working. The app uses Instamojo, a payment gateway provider in India. The process works fine through the Web client, but the Android flow was broken. […]
The immediate reaction of a lot of cyber-security professionals to the news that Microsoft Excel would support JavaScript was, “What could go wrong.” The clear implication being that a lot could go wrong, that this is creating a lot of risk and that this was an unnecessary step. It is true, including JavaScript support in […]
02 May 2018
The Strange Case of the Cert That Didn’t Alert
The security dashboard of the world’s most popular sites, SecureTheWeb.info, uses data collected by a Python script that visits the sites. This Python script in turn relies on the underlying OpenSSL implementation on the computer where it is running. This is a limitation because the script cannot check for protocols that Python or OpenSSL don’t […]
So you are traveling to the US, and you’re wondering about the potential search of your electronic devices by Customs and Border Patrol when you enter. You have reason to be concerned. CBP has been going through people’s devices with no declared probable cause, and the numbers have been going up, from 0.002% of all […]