CodeIsGo.com

In this blog, author wants to underscore the urgency around cybersecurity, how it’s evolving, and how companies can use technology to manage risk. By Darryl Willis.

A Microsoft sponsored Poneman Insitute study shows that 68 percent of senior management believe that IT and operational technology (OT) are critical to supporting strategic goals.¹ Business leaders realize that connecting everything from vehicles to power plants can offer unprecedented gains in scale and efficiency. However, digital transformation can be a balancing act of risk and reward. These expanding digital platforms can become targets for increasingly sophisticated attacks—with potentially disastrous impacts. Imagine what could happen if a cybercriminal gains access to an oil field or power grid?

The blog post also covers:

• Getting fearless with cybersecurity
• Fortune 500 American utility secures OT network
• Leading global oilfield services firm protects critical processes

Microsoft Defender for IoT is now a critical component of the company’s security architecture. The solution brings operations and IT teams closer together and protects the interests of the organization and key stakeholders. Good read!

Red Hat Ansible Automation Platform 2 features an awesome new way to scale out your automation workloads: automation mesh. In this blog post, I want to focus on the technical implementation of automation mesh, what network ports it is using and how you can secure it. By Sean Cavanaugh.

We separated the control plane (which includes the webUI and API) from the execution plane (where an Ansible Playbook is executed) in Ansible Automation Platform 2. This allows you to choose where jobs run across execution nodes, so you can deliver and run automation closer to the devices that need it.

The article further discusses:

• How do I protect my automation mesh network?
• Using a Certificate Authority
• Network security considerations

The Ansible Automation Platform installer takes care of configuring all your automation infrastructure firewall ports. This means the firewall policies and rules on Red Hat Enterprise Linux 8 or 9 are automatically configured when you deploy automation mesh. Whether you are beginning your automation journey or are a seasoned veteran, there are a variety of resources to enhance your automation knowledge with links in the article. Good read!

Command Query Responsibility Segregation (CQRS) with Domain Driven Design is more and more popular recently. Its implementation in PHP, which will be the topic of the article, generates some new possibilities, making a process more efficient. For example, it gives you the opportunity to restore the whole system easily. By Michał Żądło.

Before I step to the CQRS and Event Sourcing implementation in PHP - I’ll try to briefly explain what is the general concept behind CQRS. In 1986, Bertrand Meyer came up with an idea of Command Query Separation (CQS). According to the concept - each method in the object in its current state must belong to only one category out of the following two: command - a method which changes an object’s state, query - a method which returns the data.

The article deals with:

• Using Command Query Responsibility Segregation (CQRS pattern)
• What is Event Sourcing and Event Store?
• Pros and cons of Event Sourcing
• What is Broadway and what components it gives us?
• Write Model implementation
• Read Model implementation
• The change in requirements
• Snapshots
• CQRS and event sourcing - summary

… and more. Author advises you to invest some time and try this solution to decide whether or not it’s useful for you. You should also brush up on related topics such as event log, domain model, data store, event driven architecture, event processing or temporal queries. Excellent read full of in depth details about event sourcing with links to further reading!

It’s common to use APIs when working with external data sources on some features in Angular. However, you may occasionally work on a feature in parallel without immediate access to the database or API. By Muhammad Amir.

There are several ways to mock the same results. We will discuss three such approaches in this blog:

• Using json-server
• Using Postman
• Mocking data with a simple JSON file

Postman, which used to be a simple browser extension, is now a full-fledged API development toolkit. You can download it separately and install it on your system. To run the mock servers in Postman, we need an account and a workspace. The workspace allows you to easily share the mock server and other APIs with team members.

It’s easy to get started with json-server, and a basic requirement is a simple JSON file with data. There are also JavaScript libraries like MirageJS or axios-mock-adapter for similar purposes. Good read!

Making use of the existing layer cache as frequently as possible is key to speeding up Docker image builds. The less work we have to redo across builds, the faster our builds will be. By Kyle Galbraith.

In this post, we will look at reducing the overall image size, to improve build time and reduce the amount of data transferred in each image. We will use a popular open-source project, dive, to help analyze a Docker image, stepping through each individual layer to see what files it adds to the image and how it impacts the total image size.

The article consists of the following parts:

• dive into a Docker image
• Reducing image size
• Make use of .dockerignore
• Use smaller base images
• Leverage multi-stage builds
• Smaller images where possible

A multi-stage build allows you to specify multiple FROM statements in a single Dockerfile, and each of them represents a new stage in a build. You can also copy files from one stage to another. Files not copied from an earlier stage are discarded in the final image, resulting in a smaller image size. Nice one!

If you want to build a public landing page with Angular and email signup you likely don’t want to expose any secret keys, and author will show you how with Netlify cloud functions. By Simon Grimm.

In this tutorial we will connect a simple Airtable table as some sort of backend to store emails to our Angular landing page. We do this with the help of Netlify where we will both host our application and also deploy a cloud function!

In this tutorial you will find detailed steps explained for the following:

• Creating an Airtable table
• Creating the Angular project
• Creating the Angular landing page
• Adding a Netlify Cloud Function to the Angular project
• Host our Angular app with Netlify
• Adding Tailwind
• Adding Meta tags
• Teardown

To make this even more secure you could also make the cloud function only callable from your domain, but by preventing access to your key you’ve already taken the most important step to building a landing page with Angular. Good read!

Scenario: much of the staff’s time is spent making sure that the infrastructure as code (IaC) implementation is in compliance with the standards and policies that his company has for cloud resources. This was the reason why he brought me in to run a proof of concept (POC). The POC would validate what would become a Policy as Code solution based on one of the common IaC products. By Tim Coulter @redhat.com.

Policy As Code aligns technical environments, processes and resources to agreed standards. Many of the policies are applied by doing pattern matching or using boolean logic through a policy engine, validating the IaC. For example, checking to make sure that none of the computing resources have a direct route to the Internet (violating a security policy), or limiting the service ports to just HTTPS and SSH. The policy engine stores the policies and uses them to ensure the resource creation will be in compliance. Most of the solutions allow for deny, warn or report based on compliance for business requirements of the specific attribute. This is a simplistic use case, but there can be variations and much more complex policies requiring a greater compliance need in frequency and scale.

The article covers in great detail:

• What is “Policy as Code?”
• Applying Policy As Code to Ansible Automation Platform
• High level details of the tasks
• Resources and tools
• Overview of the solution
• Details

Cloud-based management using Azure Arc + Azure AutomanageWindows Server is the platform for building an infrastructure of connected applications, networks, and web services. As a Windows Server administrator, you’ve probably used many of the native Windows Server Microsoft Management Consoles (MMC) to keep the infrastructure secure and available. By Thomas Maurer and others.

This documentation then covers:

• Cloud-based management using Azure Arc + Azure Automanage
• Deep Windows Server and cluster administration with Windows Admin Center
• Datacenter-scale management with System Center
• Local management tools

As the foundation of many on-premises, hybrid, and cloud native applications, the Windows Server teams have continued to invest in making the management and administration of your Windows Server instances easier by offering management tools like Azure Arc, Azure Automanage, Windows Admin Center, and System Center. These tools are designed to work together, and each have capabilities to meet you where you are in your server management needs. Good read!

Nowadays, Continuous Integration helps developers to automate their own build and test in remote repositories. Moreover, when we work as a team, CI ensures that all the branches on remote repositories will be tested by automated build. By Sahanon Phisetpakasit.

Suppose that we have got 4 services, let’s call it service A, B, C and D respectively. Each service will have its own database system and dependencies between each service.

What is covered on the article:

• Setup Github Actions
• Create Docker compose for building the service container
• Add Docker to GitHub Actions

With the power of GitHub Action and docker it can create the test environment on our remote repository so we don’t need to deploy other services in order to use it in testing. You will also find example configuration and code in the article. Good read!

Monorepos are extremely helpful when working with larger codebases. But they also come with additional management costs. In this article, we will go through the process of managing a monorepo with a tool like Melos and set up our repository for CI/CD with Codemagic. By @codemagic.io.

But what is a monorepo? A monorepo is a single version-controlled repository that can store many different projects. To provide a practical example, we are using the Flutter counter app with a few adjustments.

The article then covers:

• Advantages of a monorepo
• Disadvantages of a monorepo
• Example app
• Tools
• Setting up Melos
• Setting up your Flutter monorepo for CI/CD

… and more. Monorepos are great for larger codebases. However, as you may have noticed in this article, they require a bit more effort to manage. Nevertheless, you should now be able to manage your own Flutter monorepo with Melos and configure your CI/CD. Nice one!