#office-hours (2019-10)
“Office Hours” are every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cloudposse.com/office-hours
Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers!
https://cpco.io/slack-office-hours
Meeting password: sweetops
2019-10-02
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@here public #office-hours starting now! join us to talk shop https://zoom.us/j/508587304
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Terraform module for provisioning an EKS cluster. Contribute to cloudposse/terraform-aws-eks-cluster development by creating an account on GitHub.
![cool-doge](/assets/images/custom_emojis/cool-doge.gif)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Terraform module that provision an S3 bucket to store the terraform.tfstate
file and a DynamoDB table to lock the state file to prevent concurrent modifications and state corruption. - cloudposse…
![Matthew Cascio avatar](https://avatars.slack-edge.com/2019-10-02/781093360100_260415ea78021dbad72e_72.png)
AWS Container Hero / Maintains kube-aws, eksctl, helmfile, helm-diff, brigade, awsbeats / Wanna be a paid OSS dev someday - mumoshu
![Matthew Cascio avatar](https://avatars.slack-edge.com/2019-10-02/781093360100_260415ea78021dbad72e_72.png)
His Variant project looks very cool
AWS Container Hero / Maintains kube-aws, eksctl, helmfile, helm-diff, brigade, awsbeats / Wanna be a paid OSS dev someday - mumoshu
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
A Kubernetes operator that automatically creates and updates Kubernetes secrets according to what are stored in AWS Secrets Manager. - mumoshu/aws-secret-operator
![Matthew Cascio avatar](https://avatars.slack-edge.com/2019-10-02/781093360100_260415ea78021dbad72e_72.png)
CLI for managing secrets. Contribute to segmentio/chamber development by creating an account on GitHub.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Kubernetes controller for synchronizing secrets & config maps across namespaces - mittwald/kubernetes-replicator
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Populates Kubernetes Secrets from AWS Parameter Store - cmattoon/aws-ssm
![rms1000watt avatar](https://avatars.slack-edge.com/2023-12-08/6318001875107_13986079d7f8cfbeeec7_72.jpg)
Maesh is a straight-forward, easy to configure, and extremely non-invasive service mesh that allows visibility and management of the traffic flows inside any Kubernetes cluster.
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
Handle secrets in Docker using AWS KMS, SSM parameter store, Secrets Manager, or Azure Key Vault - s12v/exec-with-secrets
![Matthew Cascio avatar](https://avatars.slack-edge.com/2019-10-02/781093360100_260415ea78021dbad72e_72.png)
Do you know if this is a good PID 1? (killing things that need killed, etc.) Could always start with something like https://github.com/Yelp/dumb-init
A minimal init system for Linux containers. Contribute to Yelp/dumb-init development by creating an account on GitHub.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Local Kubernetes development with no stress
![rms1000watt avatar](https://avatars.slack-edge.com/2023-12-08/6318001875107_13986079d7f8cfbeeec7_72.jpg)
A script to Hack the Helm state (configmaps). Contribute to calm/helm-hacker development by creating an account on GitHub.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
The “Cloud Posse” Distribution of Kubernetes Applications - cloudposse/charts
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Comprehensive Distribution of Helmfiles. Works with helmfile.d
- cloudposse/helmfiles
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
An operator to fetch secrets from cloud services and inject them in Kubernetes - ContainerSolutions/externalsecret-operator
2019-10-03
![mfrohberg avatar](https://secure.gravatar.com/avatar/b46b37cc991e0a10cd818a2d33f5dd39.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0006-72.png)
Example application for CI/CD demonstrations of Codefresh - cloudposse/example-app
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
It’s not really needed. It is so you can define the business logic of how into deploy the application.
Example application for CI/CD demonstrations of Codefresh - cloudposse/example-app
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
For example how to do blue green
![Sharanya avatar](https://avatars.slack-edge.com/2019-08-28/730147904066_371d42477a79b1177fc2_72.jpg)
2019-10-07
![oscar avatar](https://avatars.slack-edge.com/2019-08-22/729046633025_ec6984778c640b0e709e_72.jpg)
What’s that website that was shared before where you can see what other companies are paying for a SaaS?
![oscar avatar](https://avatars.slack-edge.com/2019-08-22/729046633025_ec6984778c640b0e709e_72.jpg)
We’re looking at terraform cloud
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
SaaS pricing is opaque and complex, increasingly hidden behind enterprise pricing and sales calls. It’s impossible to know what software really costs. We’re building a price transparency community to level the playing field.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
You’re paying too much for business software. Let’s fix it together.
![Alex Siegman avatar](https://avatars.slack-edge.com/2019-04-10/592429074434_cea95e800f54d8ea3544_72.jpg)
Right now it’s mostly just a newsletter it seems like, and to join (at least when I did a month or two ago) you have to give them a certain number of pricing stories, but I’m interested to see where this goes.
You’re paying too much for business software. Let’s fix it together.
![oscar avatar](https://avatars.slack-edge.com/2019-08-22/729046633025_ec6984778c640b0e709e_72.jpg)
Thanks - a shame it isn’t widely adopted though
2019-10-09
![Matthew Cascio avatar](https://avatars.slack-edge.com/2019-10-02/781093360100_260415ea78021dbad72e_72.png)
Will there be a an office hours meeting today?
![oscar avatar](https://avatars.slack-edge.com/2019-08-22/729046633025_ec6984778c640b0e709e_72.jpg)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Sorry guys! Had to go to emergency hospital to pick up doggie and totally spaced
![Matthew Cascio avatar](https://avatars.slack-edge.com/2019-10-02/781093360100_260415ea78021dbad72e_72.png)
No problem at all. Is your dog doing better?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Robert avatar](https://secure.gravatar.com/avatar/3fbe136a12776f5be5f78e7fb59d3ce0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0014-72.png)
Hope he get’s better soon.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Will be back next week, same time and place
2019-10-10
2019-10-15
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
I have a question for tomorrow’s Office Hours. How to maintain a single source of truth and updating a secrets manager (AWS SM or HashiCorp Vault) while having some audit and using a CI?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Good question!
2019-10-16
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
Office hours today?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Yep!
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@oscar bump
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@here public #office-hours starting now! join us to talk shop https://zoom.us/j/508587304
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
An operator to fetch secrets from cloud services and inject them in Kubernetes - ContainerSolutions/externalsecret-operator
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
Cloud Environment Inspector - mlabouardy/komiser
![Alex Siegman avatar](https://avatars.slack-edge.com/2019-04-10/592429074434_cea95e800f54d8ea3544_72.jpg)
a nodes
group per az, equivalent to an eks worker pull i believe
Validating cluster us-east-1.staging.spoton.sh
INSTANCE GROUPS
NAME ROLE MACHINETYPE MIN MAX SUBNETS
bastions Bastion t3.small 1 1 utility-us-east-1c,utility-us-east-1d,utility-us-east-1a
master-us-east-1a Master t3.medium 1 1 us-east-1a
master-us-east-1c Master t3.medium 1 1 us-east-1c
master-us-east-1d Master t3.medium 1 1 us-east-1d
nodes-us-east-1a Node t3.medium 1 3 us-east-1a
nodes-us-east-1c Node t3.medium 1 3 us-east-1c
nodes-us-east-1d Node t3.medium 1 3 us-east-1d
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Autoscaling components for Kubernetes. Contribute to kubernetes/autoscaler development by creating an account on GitHub.
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code - GoogleCloudPlatform/terraformer
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
awesome turn out! thanks everyone for joining and sharing what your working on. hope we answered your questions
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
make sure to check out the links that were shared
2019-10-23
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I have one thing I’d like to review today with those on the call.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
We are working on releasing our official “code of conduct” for SweetOps
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Would love your feedback.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
This code of conduct governs the SweetOps Slack Community and related Open Source Projects. SweetOps is operated by Cloud Posse, a DevOps …
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@here public #office-hours starting now! join us to talk shop https://zoom.us/j/508587304
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
/conf/$region/$project
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
/conf/$cloud/$region/$project
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
/conf/$project
, and then in project, you define each environment.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
environment ~ workspace
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
workspace ~ account
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
unclutter your .profile
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Example Terraform service catalog of “root module” blueprints for provisioning reference architectures - cloudposse/terraform-root-modules
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
terraform cli_arg_init var?
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
terraform init --from-module
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
Sourcegraph is a free, self-hosted code search and intelligence server that helps developers find, review, understand, and debug code. Use it with any Git code host for teams from 1 to 10,000+.
![tamsky avatar](https://avatars.slack-edge.com/2019-10-31/817094217669_6e765cea39b456597957_72.jpg)
A vault for securely storing and accessing AWS credentials in development environments - 99designs/aws-vault
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Julio Tain Sueiras avatar](https://secure.gravatar.com/avatar/ae8dd22144ec05342181f30748bad052.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
LSIF example
![Julio Tain Sueiras avatar](https://secure.gravatar.com/avatar/ae8dd22144ec05342181f30748bad052.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
Microsoft and Alibaba Cloud have created the Open Application Model (OAM) project under the Open Web Foundation.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
Do not ask questions in #announcements. Search channel instead or suggest one, if you can’t find one.
You should be able to limit people’s ability to post in general, That’s better than trying to enforce a rule
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
Usually when I see that as the situation what people have done is completely disable/delete general, create an #announcements channel, and go from there
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Yea, not a bad suggestion. I do like that people can welcome each other in #announcements though
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
questions asked in zoom
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
As a general rule of thumb, If I am able to automatically enforce something, I’ll always try to do that rather than try to make sure people are following a rule. A perfect example is - don’t use a coding style document, use Prettier
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
and reject if it changes files
![tamsky avatar](https://avatars.slack-edge.com/2019-10-31/817094217669_6e765cea39b456597957_72.jpg)
and reject if it changes files
I’d offer that it’s even more blissful to have the CI update and commit fmt
changes for you if you forget.
![tamsky avatar](https://avatars.slack-edge.com/2019-10-31/817094217669_6e765cea39b456597957_72.jpg)
I wish that was done more.
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
I’m not a big fan of CI making commits to my code. There are minor exceptions like Weave Flux updating versions, but other than that I want commits to my codebase to be coming from developers.
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
Pre-commit hooks take care of automating it from the developer’s standpoint
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
pre-commit git hooks to take care of Terraform configurations - antonbabenko/pre-commit-terraform
![tamsky avatar](https://avatars.slack-edge.com/2019-10-31/817094217669_6e765cea39b456597957_72.jpg)
I’d suggest that’s still playing favorites to a tool git
– those hooks won’t get run if you create a commit using any other tool
![Blaise Pabon avatar](https://secure.gravatar.com/avatar/6540d57ecbbbebc740a33d507aa085ad.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
there are other tools ?
![tamsky avatar](https://avatars.slack-edge.com/2019-10-31/817094217669_6e765cea39b456597957_72.jpg)
- open a commit + pr from the github web ui
- use another compatible tool, like
hg
/mercurial
![tamsky avatar](https://avatars.slack-edge.com/2019-10-31/817094217669_6e765cea39b456597957_72.jpg)
plus commit hooks fall afoul of the local-workstation-configuration problem
now you need tooling to maintain versions of tools used by your hooks
![Blaise Pabon avatar](https://secure.gravatar.com/avatar/6540d57ecbbbebc740a33d507aa085ad.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Thank you @Blaise Pabon!
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
I did not get too far into the weeds with my project. I’m happy I asked about this. I’m going to start using geodesic
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
@Erik Osterman (Cloud Posse) I took a closer look at how you are using geodesic and what you had explained during office hours, I can’t wait to get home and start testing this.
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
I think piecing it together as you did today helped a great deal.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@dalekurt that’s great news! let me know how it goes….
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I was just having some fun with using a Makefile
for pulling remote modules
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
here’s a demo:
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Recovered Recording at Wed Oct 23 2019 1524 GMT-0700 (Pacific Daylight Time)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Here’s the Makefile
: https://sweetops.slack.com/archives/CB84E9V54/p1571871423051800?thread_ts=1571850575.042600&cid=CB84E9V54
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Here’s the video from today’s “office hours” (from when we hit “record”)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
2019-10-24
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
@Erik Osterman (Cloud Posse) Could you re-iterate the strategy and pros for deploying a kubernetes node pool within a single AZ opposed to deploying across multiple AZs?
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
The Kubernetes Cluster Autoscaler automatically adjusts the number of nodes in your cluster when pods fail to launch due to lack of resources or when nodes in the cluster are underutilized and their pods can be rescheduled onto other nodes in the cluster.
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
AWS calls them Node Groups
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Yep, I second this.
2019-10-25
2019-10-29
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
Little show-and-tell I can do tomorrow at office hours if people are interested. We’re using the tool pre-commit heavily in most of our projects. This is an example from the state backend project I set up for one of our stacks.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
2019-10-30
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
@roth.andy I’m looking forward to that, I was reading about it earlier this morning on a reddit post - https://github.com/antonbabenko/pre-commit-terraform/blob/master/README.md
pre-commit git hooks to take care of Terraform configurations - antonbabenko/pre-commit-terraform
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
my boss just pushed back a meeting that now conflicts with the first half of office hours, so i might miss the first half. We’ll see how long the other meeting lasts
pre-commit git hooks to take care of Terraform configurations - antonbabenko/pre-commit-terraform
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
Hope you make it, would love to see what you have done.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@here public #office-hours starting now! join us to talk shop https://zoom.us/j/508587304
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
I’m stuck in a meeting still, might have to miss this one. we’ll see.
![Alex Siegman avatar](https://avatars.slack-edge.com/2019-04-10/592429074434_cea95e800f54d8ea3544_72.jpg)
Was lookin’ forward to your show-and-tell!
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Extend your AWS IAM switching roles. You can set the configuration like aws config format
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
Read: Securing Environment Variables with 1Password
When I received my new laptop at Hashicorp, I began personalising it as we all do. I used dotfiles to configure iTerm, and quickly pulled down Brew to get (almost) everything I needed installed.
![Julio Tain Sueiras avatar](https://secure.gravatar.com/avatar/ae8dd22144ec05342181f30748bad052.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
this ?
![Julio Tain Sueiras avatar](https://secure.gravatar.com/avatar/ae8dd22144ec05342181f30748bad052.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
Interactive visualizations of Terraform dependency graphs using d3.js - 28mm/blast-radius
![mmarseglia avatar](https://secure.gravatar.com/avatar/c8ab1832c60fbfb4ad8d53b64cbeabc9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0003-72.png)
thank you
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
Static analysis powered security scanner for your terraform code - liamg/tfsec
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
Read: terraform-compliance
https://github.com/eerkunt/terraform-compliance/blob/master/README.md
a lightweight, security focused, BDD test framework against terraform. - eerkunt/terraform-compliance
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Security, Compliance and Informational Dashboard System - forward3d/garrison
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![attachment image](https://www.verygoodsecurity.com/theme/img/meta-logo.png)
Very Good Security (VGS) lets you operate on sensitive data without the cost or liability of securing the data. VGS also helps you achieve PCI, SOC2, and other compliance certifications. VGS is a sensitive data custodian that provides turnkey security with no changes to existing products or systems. We accelerate your time to market and simplify the use of sensitive data while eliminating the risk of breaches. After all, hackers cannot steal what isn’t there.
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
![attachment image](https://www.azuredevopslabs.com/images/azuredevopslabs.png)
Learn how you can implement modern DevOps practices with Azure, Azure DevOps Services and Team Foundation Server.
![dalekurt avatar](https://avatars.slack-edge.com/2022-06-16/3703363393968_abccd57f2124dd3b0f25_72.jpg)
Know what’s inside your software. Nexus Repository - The world’s best way to organize, store, and distribute software components.
![Julio Tain Sueiras avatar](https://secure.gravatar.com/avatar/ae8dd22144ec05342181f30748bad052.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
An open source trusted cloud native registry project that stores, signs, and scans content. - goharbor/harbor
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
We’ve been working with Jetstack, the authors of cert-manager, on a series of fixes to the client. Cert-manager sometimes falls into a traffic pattern where it sends excessive traffic to Let’s Encrypt’s servers, continuously. To mitigate this, we plan to start blocking all traffic from cert-manager versions less than 0.8.0 (the current semver minor release), as of November 1. We’ll be sending out notifications to cert-manager clients that meet those criteria over the next two months. Version 0…
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Amazon EKS now allows you to assign IAM permissions to Kubernetes service accounts, which in-turns makes it possible to give pod level…
![davidvasandani avatar](https://avatars.slack-edge.com/2019-10-02/784259469622_7d9e31719822afd94ef8_72.jpg)
@kareem.shahin
![kareem.shahin avatar](https://secure.gravatar.com/avatar/e3523be2d3654c14fff5c08f953e9fc7.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
@kareem.shahin has joined the channel
![roth.andy avatar](https://avatars.slack-edge.com/2019-09-18/753707271651_6f58c1cbab3c77754f58_72.jpg)
Sorry I missed office hours! If people still want to see the pre-commit stuff I can definitely show it at the next one