CodeIsGo.com

This post is my attempt to illustrate a Proof of Concept (PoC) author built to try out some ideas. Primarily author wanted to understand more about how to create great product experiences. By TK.

When we say high-quality software, this can mean so many different things. But we wanted to focus on three parts:

• Clean Code: Strive to write human-readable code that is easy to read and simple to maintain. Separate responsibility for functions and components.
• Good test coverage: It’s actually not about coverage. It’s about tests that cover important parts of components’ behavior without knowing too much about implementation details.
• Consistent state management: The need to build with software that enables the app to have consistent data. Predictability is important.

Library called tsdx was used to sey up all the Typescript configuration. It’s mainly used to build packages.

This is the first part of this project to learn more about user experience, native APIs, typed frontend, and tests. Project is centered around building 2 pages - home page and the search page displaying product lists. Plenty of links to further resources together with many code examples documenting the whole journey. Nice one!

Web Components are a newly supported standard. They’re a great match for Design Systems because they’re futureproof and work with any framework. Building proper UI Web Components can be quite a task though, especially if you want them to be accessible. By Erik Kroes.

The article does a great job of explaining what Web Components are and how to use them with accessibility in mind.

Web Components are a set of standards:

• Custom Elements: A way to create your own HTML elements
• ES Modules: Self-contained modules of JavaScript code that can be reused and extended
• HTML Templates: Reusable fragments of DOM
• Shadow DOM: Encapsulation of DOM

Together these standards enable “Reusable extendable encapsulated self-contained components for the web”. That’s quite a mouthful, but not very clear.

In practice, this means you can create your own HTML elements. These elements have their own bit of encapsulated DOM. In this, and many web-related cases, DOM stands for Document Object Model. …It means the HTML element you make can’t be touched or influenced by whatever is outside of the element. They can’t be accidentally styled, and they won’t mess with your global styles either. And because it’s an ES Module, the whole element can be distributed and extended. All these aspects together make up a Web Component.

You will also get code examples, explanation what is shadow DOM, and light DOM, overview of aspects that need special attention when creating an accessible user interface control, what are accessible UI components and plenty of links to further reading. Great job!

This is the inside view of how exactly a router operates. You only need to know this if you are poking inside a router implementation. If that is the case, my condolences. By Kamila Součková.

The packet has a destination IP address. This is matched in the routing table, using a longest-prefix match (LPM), i.e. it matches IP address prefixes. It may either be for a host the router is directly connected to (on some interface), or it may need to be sent further, through a gateway (through some interface). Therefore: The routing table maps a prefix to either a next hop through a gateway and an interface, or a direct connection through an interface.

The guide is split into:

• Some terminology
• The data plane: life of a packet
  • It needs to be routed: L3/router
  • It needs to be passed down: L2.5/ARP glue
  • It needs to be forwarded: L2/switch
  • The logic: Applying the tables
• The control plane: how to fill the tables
  • L3 / routing table
  • L2.5 / ARP table
  • L2 / MAC table

You will also get code (in P4 - P4 programs specify how a switch processes packets.) accompanying the explanations and demonstrating implementation. The author promises to provide the complete source code to a functional router in near future. Good read!

In this tutorial, authors propose a way to “mimic” group memberships - which can be either by team, project or any other aggregation you may need - using stock Kubernetes authorization features. By Juanjo Ciarlante @cncf.

As Kubernetes group membership is handled externally to the API itself by an Identity Provider (IdP), the cluster administrator needs to interact with the Identity Provider administrator to setup those group memberships, making the workflow potentially cumbersome.Identity Providers may not provide group membership at all, forcing the cluster administrator to handle access on a per-user basis, i.e. Kubernetes RoleBindings containing the “full” list of allowed end-users.

Source: https://www.cncf.io/blog/2020/09/17/simplify-kubernetes-resource-access-control-using-rbac-impersonation/

The article then does a good job explaining:

• Assumptions and prerequisites
• Overview of Kubernetes authentication
  • ServiceAccounts (SAs)
  • Users (external Personas or Bot users)
• Overview of Kubernetes Authorization and RBAC
• Using impersonated “virtual-users” to control access
• A working example with RBAC rules

… and much more. Extensive and detailed article useful for anybody working with Kubernetes. Great read!

This is a starter guide for UX Designers about delivering accessible websites. As a UX Designer you’e an advocate for the user. You’re responsible for making sure the product is useful and usable for all users, including those with disablities. By Peter van Grieken.

Your role as a UX Designer is to help the team approach accessibility as a facet of user experience rather than a checklist of requirements.

The article is split into multiple resources, including:

• Don’t design for mouse interactions alone
• Design what keyboard interactions look like
• Use of colour
• Colour contrast
• Be consistent - elements should be identified the same on all pages.
• Think about communication
• Video and audio content need text alternatives
• List of books about accessible UX desig

A big section is also dedicated to accessibility issues and how to find them. When you design and build websites properly, disabled people can use them. Unfortunately, many websites are designed in a way that makes them difficult or impossible for some people to use. Excellent read!

Watch this two-part video series on understanding root inside and outside of containers and how user namespaces work. By Brian Smith (Red Hat).

The first video, Overview of Rootless Podman: Part 1—Understanding Root Inside and Outside a Container, author covers the four different options when running containers with podman:

• Running podman as root, with processes in the container running as root
• Running podman as root, with processes in the container running as non-root
• Running podman as an unprivileged user (rootless), with processes in the container running as root
• Running podman as an unprivileged user (rootless), with processes in the container running as non-root (also known as rootless as a non-root user)

In the second video, Overview of Rootless Podman: Part 2—How User Namespaces Work in Rootless Containers, I dive deep into how user namespaces work in rootless podman, and demo the following topics:

• Running a container with rootless podman
• View user namespaces with the lsns command
• Review the /etc/subuid file, which defines subordinate UID ranges
• Review the /proc//uid_map file, which shows the UID map for a process
• Calculate the UID number that a process will use on the host
• Use the podman top command to view the mapping of users between the container and the host
• Use the podman unshare command to run a command within a container’s user namespace

Excellent series, in total about 20 minutes of high quality video tutorial. Well done!

Observability is an application state that gives you both the insight you need to understand what went wrong, and the tracing and tracking capabilities that help you understand why an error occurred. By Emrah Samdan.

In any application, high observability is a prerequisite for high availability. And to achieve observability in serverless applications, it’s important to get a complete picture - not just the snapshots of a single function call that most providers focus on.

The article content is split into:

• Defining observability
• Observability challenges in serverless applications
• Observability using AWS tools
• Observability with open source software
• Fully automated observability with Thundra
• The journey toward ultimate observability

Open source tools let you build on top of these limitations, yielding a more complete and customizable picture of your application. Open source tools, however, tend to be labor-intensive when implemented at scale, and simple customizations can run into issues as they are spread throughout your organization. Good read!

Flutter is based on Google’s programming language called Dart. In fact, it is a typed and object-oriented programming language that can be compiled to machine code or transpiled to JavaScript. By Marwa Mejri – Mobile Software Developer @Proxym.

In fact, Dart is a typed and object-oriented programming language that can be compiled to machine code or transpiled to JavaScript. Moreover, Dart can be run as like an interpreted language on its own VM using JIT Compilation. In reality, JIT compilation holds both of the speed of compiled code and the flexibility of interpretation. In fact, the source code is compiled at runtime as bytecode, then it is interpreted (executed) using the Dart virtual machine.

The article then read about:

• What makes flutter a good choice?
• How does flutter work?
  • Flutter framework architecture
  • Flutter engine
  • Flutter base component
  • Flutter widget lifecycle

… and more. You will also be provided with great explanatory charts and code examples to demonstrate the functionality Flutter provides. Good read!

A service mesh is an architectural pattern that provides common network services as a feature of the infrastructure. This typically includes features such as service discovery and policy enforcement to control how services within the mesh can communicate with each other. By Luke Addison.

In addition to the core features, Istio also supports powerful extension points, as well as the ability to apply custom configuration to the Envoy sidecars. Here we will describe how Istio can be configured to manage the OpenID Connect (OIDC) authentication flow for applications running within the mesh to allow both authentication and authorisation decisions to be offloaded to Istio. There are a number of ways to achieve this with Istio however here we look at two solutions and how their integration points have been affected by changes to Istio’s architecture.

The article main parts are:

• OIDC - an identity layer built upon the OAuth 2.0 protocol
• Istio 1.4
• Istio 1.5 and Above
• Authentication
• oauth2-proxy

As we have demonstrated, a really powerful aspect of this is that our backend service can be completely unaware that OIDC is being used and does not need to support it itself. However, if the service has support for parsing the JWT, then it can also be used to authorise granular access to different features of the service.

All the code is explained and you will get plenty of links to further reading. With the provided configuration in place, you will be able to make further authorisation decisions based on the attached JWT and corresponding claims. Nice one!

NoSQL databases enable you to store data with flexible schema and a variety of data models. These databases are relatively easy for developers to use, and have the high performance and functionality needed for modern applications. NoSQL databases can hold large volumes of data while still providing low latency. By Yifat Perry.

As part of AWS database offerings, there are six types of NoSQL databases you can select from along with a variety of managed and self-managed database services. These database services are designed to support your cloud-native workloads and smoothly integrate with existing AWS resources.

The article then reads about:

• A Brief History of the NoSQL movement
• Models of NoSQL databases offered on AWS
• AWS NoSQL databases services
• AWS NoSQL with NetApp cloud volumes ONTAP

You will learn a bit about each database which will hopefully enable you to choose whatever is best in your circumstances. Nice one!