A place for non-work-related flimflam, faffing, hodge-podge or jibber-jabber you’d prefer to keep out of more focused work-related channels.
Ever wondered how top companies scale their software delivery seamlessly? Our latest blog post unravels the secrets of continuous delivery, the hurdles in the scaling journey, and the role of Cloudsmith in ensuring a smooth sail. https://cloudsmith.com/blog/scaling-software-delivery-continuous-delivery-overcoming-challenges-and-the-power-of-cloudsmith/
Explore the intricacies of scaling software delivery, from the nuances of continuous delivery to overcoming common challenges. Dive deep into how Cloudsmith can be the game-changer in your DevOps journey, ensuring agility, security, and efficiency in every release.
|KCL Biweekly Newsletter (2023 08.24 - 09.06)||Kubernetes Operator, IDE Extensions and v0.5.6 are out! https://kcl-lang.io/blog/2023-09-06-biweekly-newsletter/|
KCL is an open-source, constraint-based record and functional language that enhances the writing of complex configurations, including those for cloud-native scenarios. With its advanced programming language technology and practices, KCL is dedicated to promoting better modularity, scalability, and stability for configurations. It enables simpler logic writing and offers ease of automation APIs and integration with homegrown systems.
Frontend/Backend communities are fighting back against Typescript, what can we learn from them?
What’s wrong with typescript? Why are people fighting it? How do you fight a language?
This might be the context you seek: https://devclass.com/2023/09/07/ruby-on-rails-creator-removes-typescript-from-turbo-framework-upsets-community/
Ruby on Rails creator David Heinemeier Hansson has removed TypeScript from the forthcoming version 8 of the Turbo […]
This is the 2nd post I came across today about ditching Typescript…
I’m not sure two posts makes something a trend. And in this particular article the only thing I’d consider “fighting” is people arguing to keep typescript.
Why would people ditch typescript
apparently more people are fed up with M$, I heard many people didn’t like M$ 20 years ago and I didn’t know why but now I knew after OpenAI’s sneak attack
People have been bashing MS for decades, and much of it has been deserved. Especially given their embrace, extend, extinguish strategies.
That said, I’ve never seen anyone say they were ditching/avoiding typescript because they don’t like MS (though it very well could happen).
I vividly remember seeing dozens of “java is dead” articles in the early 2000s. Clearly it was not. Saying that people are fighting against typescript feels like a modern iteration of that kind of thing.
it may or may not be the trend but the industry is more cautious about what M$ is doing after OpenAI
Perhaps, but that’s not going to drive a large migration away from MS created tech by engineering teams. If a team chooses something because it’s the cool new thing and then moves away from it as soon as anything negative comes out about the creator of the tech, that team isn’t going to get much actual work done.
Are people abandoning Visual Studio, VS Code, MS Office, .Net in large numbers because of this stuff? Nah. We may bitch and whine about it, but in the end we’ll keep using the tools that we believe get the job done.
I believe a lot of the migration has been for library/framework maintainers
As in, the burden of maintaining typescript isn’t really needed. Especially with jsdoc annotations.
Svelte is a much better example of a rational choice than whatever twitter vomit DHH makes.
Why would we need to care about such kind of silly things? I will use any tool that works and I feel comfortable with, I don’t care about what others think of it.
Hey folks! We’re happy to invite you to DevOpsDays Ukraine: Disaster Recovery at scale on September 14-15th
Get ready for a two-day DevOps journey: Fireside Chat with the co-founder of DevOpsDays, Patrick Debois. Cultural Talks by top experts Charity Majors, Iaroslav Molochko, Manuel Pais, Adriana Villela just to name a few.
Check out agenda & register https://www.devopsdays.com.ua When? September 14-15 Where? Online Can’t wait to see y’all!
Meet the second day of DevOpsDays Ukraine: Disaster Recovery! We will go live at 6:00 pm by Kyiv time. If you’re not with us yet, you still can register and join the second day of DevOps talks. Also after event we’ll send all participants records https://www.devopsdays.com.ua/
Someone asked about Contributor license for Crossplane provider, https://crossplane.slack.com/archives/CEG3T90A1/p1694438229575689. no answers yet
What terminal are linux folks using these days that has sixel support?
OMG I haven’t thought of Sixel for decades.
Does it have to be Sixel? iTerm2 supports rendering images to the screen, see
imgcat (macOS only, alas)
Lol. I just got used to being able to pipe vegeta attack output onto jplot…. there’s probably a Linux way, but I haven’t looked into it yet.
Just need something to make an active chart in the term…
Often I’ll do something like this, where “makeplot” will render plot to
while sleep 30 ; do date ; ./makeplot.sh ; imgcat plot.png ; done
In editor, update data and makeplot script. Results will be shown in terminal 30 seconds later.
Nice. I’ll see about it soon. Have some load tests to do.
Upjet - Generate Crossplane Providers from any Terraform Provider
https://medium.com/@xpf6677/the-kcl-programming-language-v0-6-0-released-%EF%B8%8F-d2fb67282457 We have released KCL Programming Language v0.6.0! For this version, we have written a blog to describe the updated content. Welcome to read and provide feedback!
Plandek LiveView - A game changer for software delivery teams
Effective product delivery is paramount in today’s rapidly evolving software landscape. Plandek has intelligently designed LiveView to revolutionise how teams keep track of and manage their Sprints and Epics. It allows product delivery teams to track the delivery of their work across the entire toolchain…
I wanted to share some exciting news with you. From September 25th to October 1st, KodeKloud have a special event lined up - a Free Week of learning.
During this event, you will have exclusive access to:
• 65+ Industry-leading DevOps Courses
• 500+ Interactive Hands-on Labs
• KodeKloud Engineer 2.0
• A Vibrant DevOps Community with over 1M+ enthusiasts
• Role and Domain-Based Learning Paths You can find more details and register for the Free Week here: https://kodekloud.com/pages/free-week
And I, for one, saw it coming…
An exploration of Kubernetes Resource Manager and the Google Config Connector
I’m not the best bash/zsh scripter. Would love a tip if anyone knows what I’m doing wrong in my script to build a dynamic command. Spent a little time on this a few months back and couldn’t get it working. Will watch for any comments if anyone has any tips.
gist - watching for comments https://gist.github.com/sheldonhull/b30c52cb236965da8cc43ab48f4fecdb
Hey I’ve been looking at dependency management and stumbled on tools like dependabot/renovate. However, we use sonarcloud (SAAS) for code-quality, static code analysis. I’d like to ask if there is a way in sonarcloud for performing dependency management?? I’d be more interested to know how it can be enforced on the repos, like dependabot / renovate. I am not very sure if sonar is right tool for the job, just trying best to avoid a tool sprawl.
sonarcloud - to the best of my knowledge - does not nor do they plan to implement SCA, and choose to focus on the sast side of the product.
For self-hosted, there used to be plugins, but that configuration is not supported by sonarcloud.
the toolchain aboove is what i refer to as legacy sast, and although it has its place, i personally feel it raises too many false positives to be really useful.
have you considered a tool change? tools such as snyk (what i would refer to as nextgen sast) offer both sca and sast in the same tool, although they dont highlight code quality, they offer licensing compliance, sca, sast, and iac scanning in a single pane of glass.
I’ve checked on synk, but it seems quite costly & I’m looking at solving somewhat same problem using open source. I’ve come down to following tools in my research so far
• SCA - Dependabot / Renovate
• SAST - SonarCloud
• DAST - Currently WIP. Not sure yet Let me know if you’ve any other suggestions for me
Sast - semgrep Dast - golismero, zap, burpsuite, nikto
Have you seen fossa ?
Nope I haven’t heard about fossa yet.
I’m assuming above tools can be integrated in CI/CD pipelines easily, We use circleci in our environments
I’ll check out the tools & also share some findings here! Thanks @Allan Swanepoel
gimme a shout anytime, this is one of my speciality domains
(both oss and app-sec)
Crossplane will become a standard among DevOps soon, but I found very difficult to automate creating of EKS OIDC provider and working with IRSA in general, which I’ll cover in the next video. (1/2)