In continuous integration, we often reuse the same GitHub workflow for multiple events. For example, we may need the build workflow when we push a new commit, or when someone creates a new pull request, or before we create a new release. However, we may end up having the same workflow multiple times with this approach: both for a push and a pull request or both for a push and a tag. In this post, we present a solution that helps to avoid running unnecessary duplicate jobs.
It is not always convenient to manage the cluster from the console; a web dashboard is sometimes much more convenient. In this post we will learn how to set up automatic certificate renewal with cert-manager, expose the Kubernetes Dashboard to a public Ingress over a secure connection, and configure simple basic authentication as an addition security layer.
OpenTelemetry is an observability framework for cloud-native software to instrument, generate, collect, and export telemetry data (such as metrics, logs, and traces) for analysis. OpenTelemetry provides language-specific integrations automatically that capture relevant traces, metrics, and handle context propagation. For Node.js,
No matter how much you trust in the npmjs package registry in general and in packages you are using in particular, Bad Things™ always happen. They happen to the best of us. Even a small Node.js project may have thousands of dependencies, which makes it virtually impossible for a developer to monitor and audit them all.
An NPM package has two main ways to harm you: the first one is when you install it, and the second one is when you actually use it. The first way is possible because of the so-called “lifecycle scripts” run by npm. And even though one of the earliest attacks exploiting lifecycle scripts dates back to 2017, developers still do not take measures to protect their data.
This post explains how to protect sensitive information (such as authentication tokens) when running CI builds.
In Alpine Linux 3.11, there is an issue with Varnish Cache: reload operation always fails. In this post, I try to analyze why this happens, and provide a patch that solves the issue.
Because large queries can hurt site performance, WordPress caps
per_page REST parameter at 100 records. However, there are situations when you need to override this value. Luckily, this is easy to do, and this post explains how to do that.
When experimenting with Docker Swarm, I decided to set up five more nodes on my local computer. I used Alpine images in the LXC, and tried to use Docker in them. Although docker stared successfully, it was impossible to deploy any services to Alpine nodes, deployment failed with “cgroups: cannot find cgroup mount destination: unknown” error message.
Because I dislike when something that should work, does not work the way I expect it to work, I decided to dig deeper and try to fix the problem.
I needed a small container for experiments to run on my systemd-based machine. LXC and LXD were out of the question. However, systemd has systemd-nspawn tool, which I used to build a container.
The size of the resulting rootfs is around 8.7 MB
This post explains how to configure cssnano when you have to support IE 11, and your CSS contains hacks targeted at it.
Looks like some people on Twitter have just discovered
update-motd and, in particular,
TL;DR: just run this if you want to disable motd-news:
sudo sed -i 's/^ENABLED=.*/ENABLED=0/' /etc/default/motd-news