-
Building a code assessment tool but in Kubernetes
Container based security measures Smaller images for code execution platform Not running the container as root Kubernetes related Run the deployment in different namespace Setting up a new Service account in kubernetes Ensuring service account token is not mounted in potentially vulnerable pods Ensuring that the container is started with non-root access Ensuring resource limits are set Set security context Setting network policy Using a stricter seccomp/apparmor profile Tool related Ensure limited logs sniffed Ensure that there is a time limit of code executions Future efforts I had previously attempted to build a code assessment tool in docker.
Read more… -
Connect Slaves Jenkins configured with JCasC - Docker
This is a continuation of the previous blog post for automating Jenkins server setup. The previous setup only created a setup for a single node Jenkins build server farm. This definitely won’t be sufficient for larger teams where they would be building applications and running workflows on a more frequent basis.
Read more… -
Automating Jenkins Initial Setup
Jenkins, a pretty popular Continuous Integration/Continuous Deployment (CI/CD) build tool, plays a pivotal role in automating the software development/deployment process. Over the years, Jenkins has evolved to become an extremely versatile automation server that facilitates continuous integration and delivery by orchestrating the building, testing, and deployment of code.
Read more… -
Building RPMs and storing it in Artifact Registry
Introduction When one mentions about application packaging - the usual first thought that can cross a person’s mind is how the application would be packaged in docker containers. That is a somewhat fair thing to think about - containers have gotten pretty common in developer circles.
Read more… -
Github actions for shopping list application
I have a basic shopping list application that is available in the following code base: https://github.com/hairizuanbinnoorazman/Go_Programming/tree/master/Apps/shopping-list. This is a simple Golang application that also embeds a generated javascripts that has been transpiled into Javascript files.
Read more… -
Using Terraform for deploying databases and applications in Google Cloud
Over the past few months, I have been toying with the idea of going all in with Ansible or all in with Terraform. Both tools are pretty popular tools when it comes to application and tools deployment.
Read more… -
Nginx as API Gateway - focusing on auth_request directive
On virtual machine How to “protect” api requests https://www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/ Mostly is the auth_request directive Microservices are a software architectural style that structures an application as a collection of loosely coupled, independently deployable services.
Read more… -
System Design Notes
General framework for system design interviews From the following website: https://www.youtube.com/watch?v=i7twT3x5yv8 Specify Requirements Design High Level Functional Components Deep dive to specific “interesting” pieces of the components
Read more… -
Access Cloud SQL from Google Cloud Run without Serverless VPC Access Connectors but via VPC
Introduction Previously, Serverless VPC Access connector is a commonly used solution to connect Cloud Run to Cloud SQL securely. This option is still available for use today but with all the previous blog posts that cover how we can:
Read more… -
Multiple Database Support - MySQL and SQLite support
I intend to try out the Turso service in order to see if there is any other potential serverless database that would have pretty decent type of billing for small projects.
Read more…