Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Andrey Devyatkin
    @Andrey9kin
    so is it a some kind of wrapper around argocd?
    Julien Bisconti
    @veggiemonk
    It seems like it, but with better default configuration
    Julien Bisconti
    @veggiemonk
    Mattias Hemmingsson
    @mattiashem
    Nice have a hackday so will start looking on devtron.ai looks nice.
    Julien Bisconti
    @veggiemonk

    Devops vs Security - where do they intersect?

    Cyber Security & Devops With Zaid Sabih & Brett Fisher

    OH:

    A: "Just use Terrible to deploy it."
    B: "What?"
    A: "Terraform and Ansible."
    B: "Oh. Yeah. Terrible."

    Mattias Hemmingsson
    @mattiashem
    hahah
    Nice to talk some IDS next time
    And how new tools are taking over :-)
    Julien Bisconti
    @veggiemonk
    Cool
    I heard Wazuh was quite popular.
    Julien Bisconti
    @veggiemonk
    Jacob Lärfors
    @jlarfors

    Hey! So I’ve been part of a team developing an open source tool for capturing as much data as possible to do with software development/release (test results, task management, ci pipelines, etc.). It is basically a data pipeline language in HCL with a graphql backend for data storing, querying, mutation, subscribing, notifications... At least I am super excited about this project, codenamed “bubbly”
    Andrey suggested that we could do an episode on this, and discuss similar tools like Eiffel or even tekton.

    Thoughts_

    12 replies
    Andrey Devyatkin
    @Andrey9kin
    1 reply
    Support not only vault but AWS Secrets Manager as well
    though useful for GitOps approach I wouldn’t pull secrets from Vault to k8s secrets since then auditing becomes harder
    it is better to have application to read it directly from vault (or using some startup script)
    making sure we have a tracable access log wiht actual id
    Jacob Lärfors
    @jlarfors
    “that would be an interesting show” <— maybe too interesting :D
    Mattias Hemmingsson
    @mattiashem
    Sounds great 👍 i can send invites. I want to hear more about that project
    I use this for getting vault secrets to my pods
    Andrey Devyatkin
    @Andrey9kin
    have you seen this one https://github.com/hashicorp/vault-k8s ?
    official mutating webhook from HashiCorp
    Mattias Hemmingsson
    @mattiashem
    Yeee but you get the secret as a secret then in the pod mounted as a file. And want them as env
    Andrey Devyatkin
    @Andrey9kin
    Understood
    Mattias Hemmingsson
    @mattiashem
    Doing 12 faktor and the nice part it's lock the secret to the precess so if you exec into the pod and do a env you only se the path to the secret
    Well the pod has access to pull it so you can curl and get the secret from the pod 😂
    Andrey Devyatkin
    @Andrey9kin
    Do not want to break it for you but /proc/$pid/environ ….
    In linux everything is a file
    though you need a root or sudo to read that one
    not sure if the same user can read one of its processes environ
    Mattias Hemmingsson
    @mattiashem
    Yeee it's not a protection. :-)
    Andrey Devyatkin
    @Andrey9kin
    Number 20 is out
    Jacob Lärfors
    @jlarfors
    Hey guys, sadly I have to decline today's session... I have a lot of work (build up before xmas) and so I have to prioritise myself a little bit :) Hope it's not a problem, I'd love to join another time and have a great one!
    Andrey Devyatkin
    @Andrey9kin
    no worries
    Life happens
    Julien Bisconti
    @veggiemonk
    The ikea deliveries is coming in 10 min, I'll will be late
    Julien Bisconti
    @veggiemonk
    it's delivered! Those guys were so fast
    Julien Bisconti
    @veggiemonk
    Andrey Devyatkin
    @Andrey9kin
    just announced during the keynote https://aws.amazon.com/fis/
    Julien Bisconti
    @veggiemonk
    Talking about Chaos Engineering, I've done a few talk about it: One of the earliest is https://www.youtube.com/watch?v=ukc5mvZkxDI with Sylvain (author of Chaos Toolkit)
    Andrey Devyatkin
    @Andrey9kin
    that is cool
    will add it to the show notes
    Henrik René Høegh
    @HenrikHoegh_twitter
    Hi. Me and Jonas (a colleague) are creating an open source tool on GitHub. Mostly to try and set s proper project up, and because a customer of ours need it. Its done in our free time, and we would love some feedback. It's still work in progress, but the major functionality is more or less in place.