• Git Archeology

    Most people will start with using “git blame” (or the respective functionality within their IDE/editor).

    But on most non-trivial projects, you usually end up with a refactoring commit, a rename, or a trivial cross-project fix like switching to another assertion library. At first glance, we only see the most recent changes, not the most important ones.

    We need to carefully remove, layer by layer, the sand and dirt that have been swept over the real changes to unearth them.

  • Looking For Free Docker Registries

    Since Docker announced that it would remove unused images from Docker Hub, I’ve been interested in listing places where I could host mine.

    As it’s for personal purposes, I’m interested in free plans. Here’s what I found!

  • SolarWinds Hack And The Executive Order Of Cybersecurity: What Does This Mean For Us?

    In the past two years, we have had to learn a lot about cybersecurity. New attack vectors are becoming more and more sophisticated and are directed more and more against the value chain in general.

    But what does that mean for us? What can be done about it, and what reactions has the state already taken?

  • Updating Data Files: Commits vs. Pull Requests?

    I decided to switch to an alternative approach in GitHub Actions.

    Instead of committing, I updated the script to open a Pull Request. If I need to run the demo, I’ll merge it (and pull locally); if not, it will stay open. If an opened PR already exists, the action will overwrite it.

    Now, I can schedule the action more frequently.

    Read more

    In this article, we’re going to look at the differences between the various cybersecurity defence techniques.

    My personal opinion on these different approaches is that if you start with DevSecOps or security in IT in general, the SAST approach makes the most sense. This is where the greatest potential threat can be eliminated with minimal effort.

    Here you can identify four main groups, which we will go through briefly one after another to illustrate the advantages and disadvantages.

  • GitLab: Your Continuous Deployment One-Stop Shop

    This article shows how you could offload the Docker part of your build pipeline from your local machine to GitLab using the Kaniko image.

    It saves on time and resources.

    The only regret I have is that I should have done it much earlier as I’m a huge proponent of automation!

  • JReleaser 0.6.0 Released!

    JReleaser is a tool that streamlines creating releases for [Java] projects.

    It can create a GitHub/GitLab/Gitea release, while also packaging binaries for Homebrew, Snapcraft, Docker, Chocolatey, Scoop, JBang and, more than that, announces releases to Twitter, SdkMan!, e-mail, Zulip, Discord, Gitter, Slack, Teams, and more!

  • SKP’s Definitive Primer: Failures, Pitfalls, and Disadvantages of Microservices

    Microservice adoption has almost become the norm in most software product and IT services organizations.

    Below, I take the opportunity to make you aware of real-world issues faced by organizations of all sizes in migrating or adopting microservices.

    Since learning from others’ mistakes and knowing pitfalls upfront can be helpful in preparing and planning better, this overview will be of help to those planning a shift to a microservices strategy.

  • CVSS 101: First Steps with Common Vulnerability Scoring System

    What is the Common Vulnerability Scoring System (CVSS), who is behind it, what are we doing with it, and what does a CVSS Value mean for you?

    With CVSS, we have a value system for evaluating security gaps in software. Since there are no alternatives, and the system has been in use worldwide for over ten years and is constantly being developed, it is a de facto standard.

    The evaluation consists of three components.

  • The Lifecycle of a Security Vulnerability

    Again and again, we read in the IT news about new security gaps that have been identified.

    Most of the time, you don’t even hear or read anything about all the security holes found that are not as well known as the SolarWinds Hack, for example.

    But what is the typical lifecycle of such a security gap?

  • Jakarta EE Application Deployment to Kubernetes Cluster in Jelastic PaaS

    Recently, Jelastic were asked to sponsor cloud hosting of a Jakarta EE project, called Cargo Tracker.

    Being a member of the Jakarta EE Working Group, Jelastic wanted to support the community and thus we started to run this application at one of our service providers (Scaleforce).

    In this article, we would like to show how to deploy Jakarta EE projects to a Kubernetes cluster within Jelastic PaaS using Cargo Tracker as an example.
