As a DevOps engineer, I frequently come across talented developers that underestimate some security aspects of the deployments, for instance, just to name a couple: integrity and authenticity of the code or artefacts that we deploy.
Python and Powershell are powerful languages to develop quick and robust solutions are extremely popular between attackers, for this reason, our ecosystem should take security very seriously.
Security is now far beyond the (old) perimeter of the company’s’ premises and infrastructure, indeed network or systems is abstracted away with or without cloud/hybrid deployments and just the enforcing identity is not enough in most cases.
In my opinion, white-listing applications around code-signing and checking the integrity of our code it’s more effective and less painful than you can think a good habit to build on a daily basis.
Continue reading “How to sign a PowerShell script”
As a DevOps, most of my energies are constantly focused on doing or fixing things right from the start with the intention of creating a simple or at least straightforward processes. But this is not an article on my endless war against technical debt and avoiding shortcuts whenever it’s possible.
the more things change, the more they stay the same
The values and the culture inherited from ITIL, Agile and DevOps massively influenced the whole modern software life cycle. CI/CD extended to code quality/testing/delivery etc.. In these years should have changed most of our daily tasks or our business-as-usual, right? Well… not yet! Continue reading “Application Deployment Troubleshooting with Powershell”
As a DevOps with work experiences as a Developer and System Engineer, I tend to give for granted that all my colleagues or peers have the same background knowledge or simply the same vocabulary.
But I’ve recently discussed with some seasoned sysadmins working for other companies and I was surprised to discover the barrier was around the vocabulary and the design principles (for developers or system engineers) used as a reference point.
Naturally, we try to solve problems with solutions or technologies that we already used in the past, without exploring all the possibilities. Sometimes we simply don’t get some context or benefits of doing it differently or we can’t measure how expensive can be the adoption of different models or strategies.
For instance: Microservices, RESTfulAPI, Webhooks are common terms that most of us are comfortable using every day, but these design implementations and functions are sometimes not so simple to break it down into small independent pieces. Continue reading “How to trigger incoming webhooks in Microsoft Teams with Powershell”
The moment I heard about this book, I wanted to read it. The title is self-explanatory: “How Google Runs Production Systems”. It looked so interesting to me that I immediately purchased it. At that time I had other books waiting in my bookshelf, but I was so impatient to read this one, that I admit I started immediately after the Phoenix Project. This one was the one that I absolutely wanted to read.
The contents in this book are well organised, chapter after chapter it’s easy to accept the challenges that an organisation of this size had to conquer to become successful in managing the infrastructure, processes and people.
Continue reading “Site Reliability Engineering”
There is no such thing as the myth of a “perfect” green-field deployment. But in real life most of the times there is a just room/resources (e.g. time and money) for patches of green on a big brown-field.
What I really mean.. is that we can’t always keep up with the pace of new technologies and just re-design things from ground up following new trends without understanding or maintaining the legacy design or more importantly meeting the business needs.
Starting from the network and I like to create a basic network diagram will outline at glance things that could potentially limit infrastructure growth or expose it to potential risk that we need to mitigate. Designing , re-designing things well or better is based on getting the requirements right and verify that desired targets are met. To speed up this discovery process we use tools to gather the information we need. Continue reading “Powershell: How to perform Ping Sweep and Reverse-Lookup on a private network”