Thanks for sharing! I definitely hadn’t seen that plugin. We definitely use helm, even though I hate it lol. I will take a look when I get around to looking at external secrets since I still haven’t had a chance to (you know how it goes… priorities made up by some random PM or whatever)

best way:

$(pwd)/ngnix.conf:<container path>

I find it very difficult to recommend generative ai as a learning tool (specifically for juniors) as it often spits out terrible code (or even straight up not working) which could be mistaken as “good” code. I think the more experienced a dev is, the better it is to use more like a pair programmer.

The problem is it cannot go back and correct/improve already generated output unless prompted to. It is getting better and better, but it is still an overly glorified template generator, for the most part, that often includes import statements from packages that don’t exist, one off functions that could have been inline (cannot go back and correct itself), and numerous garbage variables that are referenced only once and take up heap space for no seemingly no good reason.

Mainly speaking on GPT4, CoPilot is better, both have licensing concerns (of where did it get this code from) if you are creating something real and not for fun.

I prefer Sealed Secrets over sops since it has the namespace scoping element and can also be stored in repo (once encrypted). I also generally prefer having a controller deployed rather than forcing devs to learn kustomize (which we don’t widely use yet) so I guess less of a support burden for me.

I can’t believe I haven’t seen external secrets before. Sealed secrets are cool, but such a pain as you described. Gonna be setting up external secrets next week sounds like. Thanks for the great post

I have been using “gaming” keyboards for coding for ~10 years now. The only thing to be wary of imo, is keebs that have “extra customizable keys” on them and break conformity from a standard layout. Depends on the device, but Logitech will call them “G keys”, for example, and often stick them on the far left of the board, left of tab/caps/L shift. Makes life a lot more difficult if not gaming.

Outside of that, I think calling something a “gaming” keyboard is more of a marketing tactic to up the price. It’s hard to not recommend mechanical, but that sounds out of budget and often hard to do wireless/bluetooth, but personally I think mech is the top priority.

What I have seen a lot of peers do is wait to see whatever keyboard the get in office, then buy the same one for home for consistency, rather than dragging a personal one back and forth. Often companies will offer basic boards like logitech K270, K350, or K650. Not amazing, not terrible, and most likely fit in your described criteria.

Im a bit late to the show, but I personally feel like you are heading down the wrong path. Unless you are trying to completely host locally, but for some reason want your backups in the cloud, and not simply on separate local server, you are mixing your design for seemingly no reason. If you are hosting locally, you should back up to a separate local instance.

If you indeed are cloud based, you SHOULD NOT be hosting a DB separately. Since you specified S3, you are using AWS, and you should rather use RDS managed mySQL and should use the snapshot feature built in. ref

Laughs in object

I am not as familiar with Cloud Native DevOps Newsletter but I do enjoy the podcast

December 8th, 2009 - Motorola Droid successfully rooted … [granting] root access on the phone using a terminal emulator. This is how I learned bash which inevitably pushed me into pursuing proper Computer Science.

wiki ref

I believe in GitHub branch protection rules, you can set required review by a code owner, as well as set an amount of reviews required.

You are also able to structure codeowner files and assign codeowners to certain paths within the repo that they “own”, rather than all or nothing.

You are able to set bypass rules for certain individuals, and as repo admin there is a little checkbox on PRs that will appear by default to allow you to ignore the requirements, although it is generally not recommended, but I won’t harp on the reasons others have already pointed out.

disclaimer: I mainly work on a GHES instance, which may be function slightly different than public GH

December 8th, 2009 - Motorola Droid successfully rooted … [granting] root access on the phone using a terminal emulator. This is how I learned bash which inevitably pushed me into pursuing proper Computer Science.

wiki ref

I prefer a similar workflow.

I am a major advocate of keeping CI as simple as possible, and letting build tools do the job they were built to do. Basic builds and unit/component testing. No need for overcomplicating things for the sake of “doing it all in one place”.

CD is where things get dirty, and it really depends on how/what/where you are deploying.

Generally speaking, if integration testing with external systems is necessary, I like to have contract testing with these systems done during CI, then integration/e2e in an environment that mimics production (bonus points if ephemeral).

The most difficult generalisation step is going from one to two. Once you’ve generalised to two cases, it’s much easier to generalise to three, four, or n cases.

🥇

Although it seems to ignore things like sidecar containers to support the application locally (rather than needing to do a full install of a database tech, for example), I really like the point being driven.

I think Go is good to learn. Many vetted open source Go tooIs use Makefiles (e.g. kustomize) which may be a good point of entry for DevOps in Go.

Just make sure to test the regex instead of blindly slapping it in assuming it works 🙂

It covers each and every line of the source code, each and every conditional statement in the program and every loop otherwise known as iteration in the program.

I think it is important to note 100% code coverage (“covers each and every line”) does not mean the tests are good tests.

The myth of 100% code coverage

Yes, I write SpringBoot microservices and IntelliJ plugins using Kotlin. Any new code is Kotlin, but there is still a ton of Java, which I don’t consider “legacy”, since it works, and if I can sanely add Kotlin when necessary, I don’t see the need for “full rewrite”.

You may get more traction by asking the Kotlin community

In my opinion, it really depends on what type of place you would want to work. There are a lot of options out there, but (specifically for SRE) “cloud knowledge” is a must most places.

I would consider someone with an SRE title more ops than dev, and wouldn’t expect much in terms of writing code. I would more expect things like advanced knowledge of availablility, reliability, performance and observability on whatever cloud provider is being used. A Site Reliability Engineer is responsible for realiability of the deployed site, so it is dependent on the site/company on what the actual day to day would look like.

This isn’t to say you wouldn’t have a place in DevOps with your current skills. However, it may be an easier route to start more on the dev side than the ops side as, in my experience, ops are harder to learn generically because every shop has different processes and operations.

The dev side includes things like you mentioned (e.g. build/test execution/package/artifact publish/code release) and then mixes heavy into ops during deployment which then turns into SRE type stuff when the app is deployed to a real place. Often the dev side is done by people with Software Engineer type titles (potentially a DevOps team), and may even be done directly by the developers themselves.

A lot of these processes include a developer needing to execute locally as well as repeatable execution by an automated system of some type (CI). Linux and bash knowledge is very useful for these types of things, as most of the time end deployment will be on a Linux distro, although development happens on OSx or Windows.

The industry is already trying to change buzzwords, from DevOps to DevSecOps, so it is never bad to know security as well. Things like security vulnerability detection and remediation are very valuable and part of the “shift left” in terms of software delivery.

You are welcome to read my comment history to see my feelings about python in DevOps, but they are not positive, and should just use bash, unless it is actually a python shop and other people know how to use python, or else it will most likely become a security vulnerability in and of itself.

The most simple way of explaining the cloud computing is storing, accessing, and processing data over the internet instead of using a traditional client server architecture.

Just because your compute is “in the cloud” doesn’t mean it isn’t a server, and it definitely can still be client/server architecture

Cloud provider hosted server accessed by client = client/server architecture