DevOps and security
OWASP Kubernetes Top Ten
“When adopting Kubernetes, we introduce new risks to our applications and infrastructure. The OWASP Kubernetes Top 10 is aimed at helping security practitioners, system administrators, and software developers prioritize risks around the Kubernetes ecosystem. The Top Ten is a prioritized list of these risks. In the future we hope for this to be backed by data collected from organizations varying in maturity and complexity.”
Securing CI/CD Pipelines with 1Password Service Accounts
“1Password announced that 1Password Service Accounts are now generally available. Service accounts offer a secure, automated way to access infrastructure secrets from CI/CD workflows.” (from CloudSecList)
Makefile tricks for Python projects
“This post has a bunch of handy tricks for writing more powerful Makefiles for Python projects.” (from DevOps Weekly)
Migrating Netflix to GraphQL Safely
“An interesting architecture evolution and migration post, looking at the move to GraphQL at scale.” (from DevOps Weekly)
Implement DevSecOps to Secure your CI/CD pipeline
“A thorough introduction which provides a step-by-step guide to implementing DevSecOps in a CI/CD pipeline.” (from CloudSecList)
Web and mobile design
CSS Custom Properties Beyond the :root
“Matthias Ott digs deeper into this matter and explains why generically this is a good idea but you can use on different levels individually and use this feature for you.” (from WDRL 312)
Automated accessibility audits in Xcode 15
I love that Xcode 15 allows you to get an accessibility audit from any UI test and report issues as test failures. How? There’s a WWDC video or this post from Pol Piella where he also talks about integrating these tests into your CI process. (from iOS Dev Weekly)
Before your next frontend pull request, use this checklist
“Frontend pull requests often contain common mistakes. Avoid them with this list of 7 small (but crucial) rules.” (from Web Design Weekly)
Leave a Reply