ControlPlane was able to hire (not acqui-) a few of the FluxCD maintainers and other WeaveWorks staff to continue supporting the project — we did what we could, agree this is better for Styra folk than the uncertainty of closing up shop.
The shop (Styra) did get closed. A few of the most senior maintainers were hired by Apple. Many - including anyone not directly involved in engineering of the OSS product - are now looking for jobs.
> bpkg is a lightweight bash package manager. It takes care of fetching the shell scripts, installing them appropriately, setting the execution permission and more.
> You can install shell scripts globally (on /usr/local/bin) or use them on a per-project basis (on ./deps/), as a lazy-man "copy and paste".
Also bash-lib is using bats (Bash Automated Testing System) for verification, which is un-maintained and has been forked should anybody be interested https://github.com/bats-core/bats-core
Markov Chains can be quite amusing when applied to a corpus of similar texts, and often stunningly human-like. I maintain a list of humourous applications: https://github.com/sublimino/awesome-funny-markov
Perhaps counterintuitively (in British English at least) the noun news is uncountable (e.g. referring to a mass rather than something that can be counted), and is singular in grammatical construction (so cannot be pluralised).
If you're enough floors up: descending in an elevator then immediately ascending by the stairs works wonders for the sedentary body, and the mind. I also do this sometimes when hacking through lunch to trick my mind's context, then reverse the journey to start the afternoon.
I assume the benefit is partly the fact you're taking a break for an extended period of time away from the computer, so why wouldn't you just walk down the stairs and get the elevator up?
Exactly - continuous deployment is about moving some/most testing to production, not eliminating it altogether.
Acceptance testing the system once deployed is the cornerstone of organisational acceptance of the CD doctrine - errors will always happen, it's just that they can now be fixed much faster in production.
Using an acceptance test suite as a deployment safety harness should dramatically increase the quality of tests, and hopefully the application too.
https://github.com/ezekg/git-hound - "Hound is a Git plugin that helps prevent sensitive data from being committed into a repository by sniffing potential commits against PCRE regular expressions"
https://github.com/michenriksen/gitrob - "The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information"
Of note is that an immutable/noexec filesystem doesn't prevent code being downloaded to an environment var/typed out and run - tools like https://github.com/SafeBreach-Labs/pwndsh just pipe source to an interpreter (in that case BASH, which generally isn't installed in smaller base images).
Reducing the attack surface is important, but if a running container is compromised it's imperative a post-mortem is performed immediately - and the issue remediated - to prevent re-exploitation.
> Since the mid-1980s, my mantra for this process is “strong opinions, weakly held.” Allow your intuition to guide you to a conclusion, no matter how imperfect — this is the “strong opinion” part. Then –and this is the “weakly held” part– prove yourself wrong. Engage in creative doubt. Look for information that doesn’t fit, or indicators that pointing in an entirely different direction. Eventually your intuition will kick in and a new hypothesis will emerge out of the rubble, ready to be ruthlessly torn apart once again. You will be surprised by how quickly the sequence of faulty forecasts will deliver you to a useful result.
