CodeIsGo.com

An annual “Container Usage and Security Report” published today by Sysdig finds there has been a significant shift in terms of the types of container engines organizations are employing. By Mike Vizard.

Based on an analysis of 2 million containers that Sysdig continuously analyzes on behalf of customers, the survey results show reliance on Docker has dropped to 50% from 79% a year ago. In its place, IT organizations are making greater use of the containerd (18%) and the Container Runtime Interface (CRI) for container images that comply with the Open Container Initiative (OCI).

From a cybersecurity perspective, however, issues remain. More than half (58%) of containers configured are running as root, which makes them prone to being compromised by cybercriminals that have found a way to gain access to credentials used to deploy them.

At the same time, containerd is gaining traction as a lighter-weight alternative to Docker that is being advanced under the auspices of the Cloud Native Computing Foundation (CNCF), which also oversees the development of Kubernetes.

The Quay container registry developed by Red Hat has seen a 60% increase in adoption, while the Golang programming language jumped 66% in terms of usage for building applications, according to the report. Interesting!

What is neuromorphic computing? Everything you need to know about how it is changing the future of computing. By Jo Best.

Neuromorphic computing could completely transform everything about the technology industry from programming languages to hardware. As the name suggests, neuromorphic computing uses a model that’s inspired by the workings of the brain. The brain makes a really appealing model for computing: unlike most supercomputers, which fill rooms, the brain is compact, fitting neatly in something the size of, well… your head.

Brains also need far less energy than most supercomputers: your brain uses about 20 watts, whereas the Fugaku supercomputer needs 28 megawatts – or to put it another way, a brain needs about 0.00007% of Fugaku’s power supply.

The article tries to answer following questions:

• Why do we need neuromorphic systems?
• So how can you make a computer that works like the human brain?
• What uses could neuromorphic systems be put to?
• Are there neuromorphic computer systems available today?
• What are the challenges to using neuromorphic systems?
• Do we know enough about the brain to start making brain-like computers?

Most hardware today is based on the von Neumann architecture, which separates out memory and computing. Because von Neumann chips have to shuttle information back and forth between the memory and CPU, they waste time (computations are held back by the speed of the bus between the compute and memory) and energy – a problem known as the von Neumann bottleneck.

For compute heavy tasks, edge devices like smartphones currently have to hand off processing to a cloud-based system, which processes the query and feeds the answer back to the device. With neuromorphic systems, that query wouldn’t have to be shunted back and forth, it could be conducted within the device itself. Good read!

Firebase authentication makes it easy to add user identities to your app. When combined with Firestore, it can help to secure user data. By Steve Marx.

Firebase authentication is a slick service for user identity management. It handles creating accounts, logging users in and out, verifying email addresses, and resetting passwords via an emailed link. There’s even prebuilt UI in the form of FirebaseUI Auth. Firebase authentication supports five different auth providers.

The article describes:

• Firestore data
• Firebase authentication
• Listening for authentication changes
• Logging in
• Upgrading anonymous accounts
• Using authentication in Firestore security rules
• Bonus security rules

Firebase Authentication helps you to manage user identities. Email/password, social logins, and custom back ends can be used to log users in. You will also get links to further reading and code examples. Good read!

Sai Upadhyayula wrote this piece about Junit. Junit 5 is one of the popular testing frameworks in the Java Development World. Even though JUnit 5 is a successor for Junit 4, the architecture of the framework is completely different, so let’s have a look at the Architecture of Junit 5.

The tutorial explains the following:

• Junit 5 architecture
• Junit platform
• Junit Jupiter
• Junit Vintage
• Understanding test lifecycle
• Implementing lifecycle annotations in our test
• Assumptions
• Parameterized Tests
• ValueSource
• Running tests using Maven Surefire plugin

… and much more. There is a GitHub repository with the code so you can follow the steps in the article. Nice one!

There are many strategies for data exchange. Here’s a primer on four essentials. By Bob Reselman.

An architecture is wishful thinking until we understand how information is transferred across systems. That means whether you are an Application Architect or an Enterprise Architect, it’s essential that you understand the tradeoffs at hand when considering a particular method for moving information between systems.

Source: @redhat.com https://www.redhat.com/architect/apis-soap-rest-graphql-grpc?sc_cid=70160000001273HAAQ

The article tries to explain following:

• Understanding APIs as data exchange
• SOAP
• The Structure of a SOAP Message
• Specifying Behavior in SOAP
• REST
• GraphQL
• gRPC
• Which API format is for you?

Choosing the right API format for an enterprise architecture is a big decision. The choice will determine how the architecture works and the talent and budget that will be needed to implement and maintain the application through its lifetime. Nice one!

Surprising examples of using for-comprehension in Elixir. For comprehension provides a very elegant syntax to loop over collections and an effective way to transform the given enumerable. By Kamil Lelonek.

A special for form gives you syntactic sugar to iterate, filter, and map the given structures. The entire expression consists of three parts:

• generators — produce the data for comprehension. Usually, from an enumerable like a list, a map, a range, or even a bitstring. In the form of: element <- collection
• filters — select only particular elements from an enumerable based on the given condition. In the shape of a function, e.g. x > 2, any_function(element), or even anonymous_function(element)
• collectables — the result of comprehension. Data structures that implement the Collectable protocol, a list by default

Apart from the answer on what are the elixir comprehensions question, the article also provides robust information on Generators. Generators produce values to be used in comprehension. Any enumerable can be given on the right side, and the left side is used to catch a single element. The article goes over useful tricks to use with generators, including pattern matching, skipping, ignoring … Good read!

Nx is a suite of powerful, extensible dev tools that help you develop, test, build, and scale with React and React frameworks like Gatsby, Next.js, React Native, etc. Co-authored by Max Koretskyi, Victor Savkin & Juri Strumpflohner.

Nx has high-quality VSCode and GitHub plugins to provide a more integrated dev experience. It also have a powerful build system that uses distributed computation caching to reduce build and test times.

Although Nx works just as well with plain React, Next.js or React Native, this blog post focuses on Gatsby. Here’s what we’ll explore in this article:

• Creating a new Nx workspace
• Generating new Gatsby and React applications
• Generating and using a shared library of UI components
• How code change analysis, computation cache, and other features of Nx

You will learn how to start with an empty Nx workspace and add a new Gatsby application. Then serve, build, and test your application. Also, how to seamlessly generate new pages and components. You then add a second application written in React, and share some UI components between the two applications. The video tutorial is also available and link provided. Good article!

In this article we will focus on the Docker container security aspects related to building a Docker image, reducing the security vulnerabilities count introduced by Docker base images as well as Dockerfile security best practices. By Liran Tal and Omer Levi Hevroni.

Docker security refers to the build, runtime, and orchestration aspects of Docker containers. It includes the Dockerfile security aspects of Docker base images, as well as the Docker container security runtime aspects—such as user privileges, Docker daemon, proper CPU controls for a container, and further concerns around the orchestration of Docker containers at scale.

Let’s get started with our list of 10 Docker security best practices:

• Prefer minimal base images
• Least privileged user
• Sign and verify images to mitigate MITM attacks
• Find, fix and monitor for open source vulnerabilities
• Don’t leak sensitive information to Docker images
• Using multi-stage builds
• Using Docker secret commands
• Use fixed tags for immutability
• Use COPY instead of ADD

Docker defaults to running containers using the root user. When that namespace is then mapped to the root user in the running container, it means that the container potentially has root access on the Docker host.

We liked: Use an alpha feature in Docker for managing secrets to mount sensitive files without caching them. Excellent!

Whatever your 2021 business goals are, adopting no-code apps can bring you one step closer (many steps closer, if we’re being honest) to reaching them — especially if you’re managing a mobile workforce. By Sam Puckett.

All businesses collect information to some degree. Whether it’s hours worked by their employees, incident reports and other information related to safety, or the condition of their assets at any given time.

Here are the top 10 reasons to adopt no-code development software in 2021:

• Reduce data-collection errors
• Work more efficiently
• Engage and empower your teams
• Save money
• Get better documentation and analytics
• Improve situational awareness
• Automate workflows

Whether you’re conducting inspections, surveys, or completing a process checklist, data collection is often just the first step of the process. In order for data to be effective, something needs to happen with that information, and in most cases, the sooner that data is extracted and analyzed, the better. With a no-code development platform, you can build automated workflows into your apps that move things along faster. Short and sweet!

How do you use SSH to enter a Docker container? The traditional approach consists of two step. By Debdut Chakraborty.

With some efforts, you can actually SSH into a running container directly, without logging into the host system first. The article then guides you how to:

• SSH into a Docker container: But why?
• Setting up SSH access for Docker containers
• Set up the SSH daemon in the container
• Log into the container via SSH
• How does this work?
• Deploy the service

The article then explains how to use the _docker compose and reproducible, configurable way of deploying an SSH server container on your remote host. Since you will be accessing the server via SSH keys, you need to add the public SSH key of your local system to your host Linux server’s directory where docker-compose file is located and keep the name “id_rsa.pub” just to be sure. Good read!