My stash

For almost three years I am curious about tracking errors in my daily work, there are lot of tools like Data dog, Splunk, Dynatrace etc... available as observability tools. it would have been easy to use those, rather I though why not build one. There is an advantage for projects that are small to rely on tools that are built around them. Standards set by industries are important, what if certain configuration don't align with general market standards. I think some developers agree with this approach. The idea of tracking error is not new, but the way we categorise them is unique to different environments. the nature of these categories depends on infrastructure used, network topology, development strategy. A tool designed to handle them all might be bit over engineered for the purpose, because I think the value it creates by reducing our efforts in identifying problems is not more valuable than the product itself. Again this is my opinion on projects that are small but needs quali...

  We have seen a lot of security scanning tools like Blackduck, Fortify, SonarQube etc.. these tool scan source code and the built binaries, it is all well and good I think they do the best job in their respective feature kits. in a industry where we are shipping the solutions in containers bundled with the binaries, it is relevant if we had a tool that could scan the final product. That is what Trivy an open source project is offering. it is developed by aqua security. I think it is a brilliant little tool that scans for security issues in a docker image for free!! well what and all it will scan? it scans for operating system libraries that support your application and the application itself. it scans for any misconfigurations, secrets as well. only thing it don't have is a dashboard like sonarqube and blackduck. still it generates text and JSON based reports that can be used to create dashboards in grafana or superset. Operating System Libraries : Trivy scans the base image and a...

AWS CodeBuild is a service provided by AWS for all the project build requirements. it is a module which will be part of AWS CodePipeline service.  This below instructions are aimed for beginners and advance configurations are not covered, users are encouraged to explore while understanding the basics. be aware that for each build you will be billed for the resource you use please check the billing calculator. Step 1: Search for CodeBuild service in AWS web console and click on it. Step 2: select "create build project" for creating new build configuration here you can enter the name for your project and also select the platform which contains your source code you want to build. available options are shown below. sample GitHub connection look something like below picture. Step 3: now we have to setup our environment to be used for our build here we can either choose a AWS managed Docker images or our own images for the build. There are different version of images to select from...