Alle Beiträge in der Kategorie 'VoH'

VoH – Are you hacking yet or are you still safe?

Last but not least, after Spectre and Meltdown, the question arises: „Would I already be hacked or have I just not noticed it yet? So why not make a virtue out of necessity and adopt your own systems? The learning curve is steep, but it helps to recognize and minimize risks.
It is essential that security know-how is built up in the team. The first step is to create an awareness of the problem. Especially for agile teams it is therefore important to establish different control points with automatic security tests. In addition to static code analyses, however, it helps enormously to get yourself into the role of the attacker.

Read more at medium.

VoH – Using Molecule and Docker to test Ansible Playbooks

In the DevOps lifecycle, configuration management has always been an integral part of maintaining the desired system state. Many common tools such as Chef, Puppet, Ansible, SaltStack were used for configuration management. But before the configuration can be used in production, it has to be tested because different systems behave differently with the same configuration. So we have to be aware that our desired configuration state goes through every test scenario before it is applied to production. This is where Molecule comes into play.

Read more at medium.

Fat jar CH 53e

VoH – Don’t build fat jars for Docker applications

In unserer Artikelreihe voices of holistikoenner/innen (VoH) bei wurde ein Artikel von mir publiziert. Darin geht es recht techniklastig um das Problem des Bauens von sogenannten „fat jars“.

Meiner Meinung nach sollte das Ziel von Java-Entwicker*innen sein, keine „fat jars“ zu erzeugen, sondern beim Erstellen von lauffähiger Java-Software auf schlauere Mechanismen zurück zu greifen.

Warum das sinnvoll ist und wie es funktioniert, erläutere ich bei Medium: Don’t build fat jars for Docker applications.