All Posts

Setting up Git with SSH on Windows with PowerShell

When you activate 2FA on your GitHub account using HTTPS becomes a little more difficult because you can’t simply use your password anymore. The simple solution is to use a PAT token as your password when prompted from the command line. But managing these tokens can be a bit of pain. You can also clone using SSH. For our Mac and Linux friends, we know it’s easy, it should be on windows, but it isn’t yet…

BlackDuck Docker image scanning from within a docker container

Docker is a great tool for build pipelines, without a doubt it allows you to create isolated and reproducible builds. Not just of docker images themselves, but also for artefacts that you might extract and use outside of the container. When you are building Docker images security should be one of the concerns you can take care of in your CI pipeline. This varies from simple linting of your dockerfiles using something like hadolint to a more complex scanner that can scan the internals of your images and give you some clues as to where you might need to address security concerns.

Configuring JWT Authentication in Envoy Proxy

When creating APIs it can be useful to separate out the concern of validating JWT tokens to some downstream service. This has a number of benefits Testing becomes easier as you do not have to create valid JWTs for each API call Less configuration needs to be distributed to the API at runtime You can still pass and make use of JWTs and their payloads within the API but you just offload the task of actually validating that payload to something else.

Docker as a build system - with Windows containers

Whilst I am familiar with linux containers I havent had the chance to use windows containers much so this is part of a series where I explore the features and differences of windows container. These posts are written for someone who is fairly new to the docker experience. Docker doesnt just have to be used just to build, package and deploy applications. Its ability to provide an isolated environment that you have control over is great for build systems in general.

Kubernetes Mutating Webhook Configuration

Sometimes in Kubernetes you want to have some control over what is allowed into your cluster and even some control over the properties. With a Mutating Webhook Configuration you can do this. Essentially you can subscribe to different sorts of admission events on the API and each time an even happens it will forward it thought a webhook you can configure. I this way you can change the config before it is submitted to the nodes.

Cloudflare #InternetSummit

I only use Cloudflare for this blog so you can imagine I was quite surprised when I got an invite to their first European #internetSummit hosted in London. I signed right up and was pretty curious about the topics. Compared to some conferences it was a simple single track conference that consisted entirely of panel discussions rather than your more traditional speaker/talk arrangement. This is by no means a bad thing at all.

Application Insight in a cloud native world

APM products aren’t part of your solution - they are part of your problem Don’t get me wrong - they are for the most part great products and they do absolutely serve a purpose. But, as we move towards a much more distributed world with lots of smaller interconnected applications that are frequently updated and dynamically scaled, I’m not sure that these traditional products are the solution. Certainly not in the product format they are in currently where you pay per “host” or “agent”.

AzureChallenge Leeds

This week I attended the Azure Challenge in Leeds hosted by Microsoft at the Hilton Leeds City. This was a 2 day event focussing on Kubernetes in Azure. There was very little information about the format and content and it felt like it was being kept under wraps! The only info we were given was Install the Azure CLI 2.0 Install Docker Install Kubectl Install Postman - this is optional but useful I arrived a bit late and sat down with Team 8 that consisted of Lee Dyche, Paul Latham and David Betteridge.

Aggregating application deployment data (Part 1)

Any company of a decent size and age that creates software at any scale will have gone through a number of “technical evolutions”. These come along as you hire new people, create new products or just better ways of doing things come along. The kind of changes I’m talking about are the adoption of different technologies over time and the introduction of new ones. This cuts right across different aspects of software, from languages to frameworks to techniques to tooling.

Unit testing complex LINQ statements

LINQ is amongst the greatest features of c# and when it was released people instantly took to using it. It forms the basis of may ORMs and other object manipulation tools. It can form a great abstraction when loading and manipulating data. It can however like a lot of great tools be horrendously misused by a lot of people. I have seen 10+ line LINQ statements dropped into the middle of large blocks of business logic.