#random (2023-09)
Non-work banter and water cooler conversation
A place for non-work-related flimflam, faffing, hodge-podge or jibber-jabber you’d prefer to keep out of more focused work-related channels.
Archive: https://archive.sweetops.com/random/
2023-09-01
Ever wondered how top companies scale their software delivery seamlessly? Our latest blog post unravels the secrets of continuous delivery, the hurdles in the scaling journey, and the role of Cloudsmith in ensuring a smooth sail. https://cloudsmith.com/blog/scaling-software-delivery-continuous-delivery-overcoming-challenges-and-the-power-of-cloudsmith/
2023-09-06
| KCL Biweekly Newsletter (2023 08.24 - 09.06) | Kubernetes Operator, IDE Extensions and v0.5.6 are out! https://kcl-lang.io/blog/2023-09-06-biweekly-newsletter/ |
2023-09-07
Frontend/Backend communities are fighting back against Typescript, what can we learn from them?
What’s wrong with typescript? Why are people fighting it? How do you fight a language?
This is the 2nd post I came across today about ditching Typescript…
I’m not sure two posts makes something a trend. And in this particular article the only thing I’d consider “fighting” is people arguing to keep typescript.
Why would people ditch typescript
apparently more people are fed up with M$, I heard many people didn’t like M$ 20 years ago and I didn’t know why but now I knew after OpenAI’s sneak attack
People have been bashing MS for decades, and much of it has been deserved. Especially given their embrace, extend, extinguish strategies.
That said, I’ve never seen anyone say they were ditching/avoiding typescript because they don’t like MS (though it very well could happen).
The reason I’ve seen has been that JavaScript is good enough now, and doesn’t require a build step. Both valid points, but typescript isn’t going anywhere.
I vividly remember seeing dozens of “java is dead” articles in the early 2000s. Clearly it was not. Saying that people are fighting against typescript feels like a modern iteration of that kind of thing.
just came across this video published in 24 hours https://www.youtube.com/watch?v=5ChkQKUzDCs
it may or may not be the trend but the industry is more cautious about what M$ is doing after OpenAI
Perhaps, but that’s not going to drive a large migration away from MS created tech by engineering teams. If a team chooses something because it’s the cool new thing and then moves away from it as soon as anything negative comes out about the creator of the tech, that team isn’t going to get much actual work done.
Are people abandoning Visual Studio, VS Code, MS Office, .Net in large numbers because of this stuff? Nah. We may bitch and whine about it, but in the end we’ll keep using the tools that we believe get the job done.
ThePrimeTime joined, https://www.youtube.com/watch?v=Bv3YhGku92w
I believe a lot of the migration has been for library/framework maintainers
As in, the burden of maintaining typescript isn’t really needed. Especially with jsdoc annotations.
Svelte is a much better example of a rational choice than whatever twitter vomit DHH makes.
2023-09-08
2023-09-09
Why would we need to care about such kind of silly things? I will use any tool that works and I feel comfortable with, I don’t care about what others think of it.
The trend is like kinda ripple effect, toolings heavily backed by VCs will be ditched more and more if it is not open enough or it takes a fake-open strategy. Not only for Terraform but also others, Javascript/Typescript is another example
I don’t think ThePrimeTime saw this in his new video, https://www.youtube.com/watch?v=Bv3YhGku92w
2023-09-11
Hey folks! We’re happy to invite you to DevOpsDays Ukraine: Disaster Recovery at scale on September 14-15th
Get ready for a two-day DevOps journey: Fireside Chat with the co-founder of DevOpsDays, Patrick Debois. Cultural Talks by top experts Charity Majors, Iaroslav Molochko, Manuel Pais, Adriana Villela just to name a few.
Check out agenda & register https://www.devopsdays.com.ua When? September 14-15 Where? Online Can’t wait to see y’all!
Meet the second day of DevOpsDays Ukraine: Disaster Recovery! We will go live at 6:00 pm by Kyiv time. If you’re not with us yet, you still can register and join the second day of DevOps talks. Also after event we’ll send all participants records https://www.devopsdays.com.ua/
Someone asked about Contributor license for Crossplane provider, https://crossplane.slack.com/archives/CEG3T90A1/p1694438229575689. no answers yet
2023-09-12
What terminal are linux folks using these days that has sixel support?
OMG I haven’t thought of Sixel for decades.
Does it have to be Sixel? iTerm2 supports rendering images to the screen, see imgcat (macOS only, alas)
Lol. I just got used to being able to pipe vegeta attack output onto jplot…. there’s probably a Linux way, but I haven’t looked into it yet.
Just need something to make an active chart in the term…
Often I’ll do something like this, where “makeplot” will render plot to plot.png file:
while sleep 30 ; do date ; ./makeplot.sh ; imgcat plot.png ; done
In editor, update data and makeplot script. Results will be shown in terminal 30 seconds later.
Nice. I’ll see about it soon. Have some load tests to do.
2023-09-13
2023-09-15
2023-09-17
https://medium.com/@xpf6677/the-kcl-programming-language-v0-6-0-released-%EF%B8%8F-d2fb67282457 We have released KCL Programming Language v0.6.0! For this version, we have written a blog to describe the updated content. Welcome to read and provide feedback!
2023-09-19
Plandek LiveView - A game changer for software delivery teams
Effective product delivery is paramount in today’s rapidly evolving software landscape. Plandek has intelligently designed LiveView to revolutionise how teams keep track of and manage their Sprints and Epics. It allows product delivery teams to track the delivery of their work across the entire toolchain…
Read more: https://plandek.com/blog/enhanced-liveview-for-sprints-and-epics/
2023-09-20
Hi all,
I wanted to share some exciting news with you. From September 25th to October 1st, KodeKloud have a special event lined up - a Free Week of learning.
During this event, you will have exclusive access to:
• 65+ Industry-leading DevOps Courses
• 500+ Interactive Hands-on Labs
• KodeKloud Engineer 2.0
• A Vibrant DevOps Community with over 1M+ enthusiasts
• Role and Domain-Based Learning Paths You can find more details and register for the Free Week here: https://kodekloud.com/pages/free-week
Sweeeet. I went from PoC to Production after taking Mumshad’s course on k8s 5 years ago.
That’s awesome!
2023-09-21
I’m not the best bash/zsh scripter. Would love a tip if anyone knows what I’m doing wrong in my script to build a dynamic command. Spent a little time on this a few months back and couldn’t get it working. Will watch for any comments if anyone has any tips.
gist - watching for comments https://gist.github.com/sheldonhull/b30c52cb236965da8cc43ab48f4fecdb
2023-09-25
Hey 
I’ve been looking at dependency management and stumbled on tools like dependabot/renovate. However, we use sonarcloud (SAAS) for code-quality, static code analysis. I’d like to ask if there is a way in sonarcloud for performing dependency management?? I’d be more interested to know how it can be enforced on the repos, like dependabot / renovate. I am not very sure if sonar is right tool for the job, just trying best to avoid a tool sprawl.
sonarcloud - to the best of my knowledge - does not nor do they plan to implement SCA, and choose to focus on the sast side of the product.
For self-hosted, there used to be plugins, but that configuration is not supported by sonarcloud.
the toolchain aboove is what i refer to as legacy sast, and although it has its place, i personally feel it raises too many false positives to be really useful.
have you considered a tool change? tools such as snyk (what i would refer to as nextgen sast) offer both sca and sast in the same tool, although they dont highlight code quality, they offer licensing compliance, sca, sast, and iac scanning in a single pane of glass.
I’ve checked on synk, but it seems quite costly & I’m looking at solving somewhat same problem using open source. I’ve come down to following tools in my research so far
• SCA - Dependabot / Renovate
• SAST - SonarCloud
• DAST - Currently WIP. Not sure yet Let me know if you’ve any other suggestions for me
Have you seen fossa ?
Nope I haven’t heard about fossa yet.
I’m assuming above tools can be integrated in CI/CD pipelines easily, We use circleci in our environments
Sonar community have confirmed that they don’t do any Software composition analysis (SCA). Ref
Github.com/fossas Yeah, im aware that sonarcloud doesnt plan to step into the sca market.
Yes, many of the tools i mentioned above can be automated, but you would have to do the work on getting a good result and centralised systems that can handle the information results
I’ll check out the tools & also share some findings here! Thanks @Allan Swanepoel
gimme a shout anytime, this is one of my speciality domains
(both oss and app-sec)
Seems like fossascli needs a signup too. I’ll look at some alternatives to it.
2023-09-26
Here is a cool tool called KXD my team wrote (completely open source) for managing multiple KUBECONFIG files and contexts. Please ️ it if you like it. https://github.com/radiusmethod/kxd