michaellihs

package main

import (
	"bufio"
	"bytes"
	"encoding/json"
	"flag"
	"fmt"
	"github.com/danicat/simpleansi"
	"log"

michaellihs

Audax Suisse Tipps & Tricks

Bike

Maschine

• Übersetzung / Ritzel
• 32er mit Kompaktkurbel - sicher ist sicher

michaellihs

Feedback Cheatsheet

Initiating 1:1s

Questions you can ask regarding giving feedback:

• Are there any topics about which you want to receive feedback from me?
• Is there something I can watch out for (and give you feedback upon later on)?

michaellihs

STRIDE

STRIDE is a method to categorize security threats:

• Spoofing identity. Can someone spoof an identity and then abuse its authority? Spoofing identity allows attackers to do things they are not supposed to do.

• Tampering with data. How hard is it for an attacker to modify the data they submit to your system? Can they break a trust boundary and modify the code which runs as part of your system?

• Repudiation (Nichtanerkennung). How hard is it for users to deny performing an action? What evidence does the system collect to help you to prove otherwise? Non-repudiation refers to the ability of a system to ensure people are accountable for their actions.

michaellihs

Container Security

Overview of Container Security Threats

• Image Development
  • Installing SW without proper configuration, e.g. default passwords...
  • Exposed credentials in Dockerfiles
• Malware in 3rd party resources used to build the image

michaellihs

Concepts

Journey Map

User journey map is a visualization of an individual’s relationships with a product/brand over time and across different channels.

• commonly it’s represented as a timeline of all touch points between a user and a product
• timeline contains information about all channels that users use to interact with a product
• visualizes how a user interacts with a product and allows designers to see a product from a user’s point of view

michaellihs

jsonnet

CLI usage

• Output result in YAML

michaellihs

Gradle OSS Dependencies

Read OSS licenses for Gradle Dependencies. The script outputs a JSON file with the dependency, its URL on mvnrepository.com and the OSS license to STDOUT.

DISCLAIMER: if you use this script too extensively, your IP address might get blocked by mvnrepository.com!

Put this script into a file gradle-oss.sh and make it executable:

#!/usr/bin/env bash

michaellihs

DevOps Meetup Karlsruhe - Concourse CI

Abstract

Some years ago, Continuous Integration (CI) or at least Continuous Delivery (CD) was the "latest and greatest". If you managed to set it up for your project you were playing amongst the cool kids. Nowadays having a CI/CD pipeline can be considered mainstream and without a fully automated delivery workflow in place, you are likely to lose important competitive advantage.

One can argue that CI/CD pipelines became a key driver for a team's software delivery performance. They evolved from some hacky shell scripts - that were created once and never ever touched again - to a critical component of your software project that need to be maintained and scaled...

michaellihs

Molecule Learnings

Setting up a Vagrant Box

 vagrant init ubuntu/bionic64
 vagrant up
 vagrant ssh