DEV Community: Andreas Heil

Better Security Architecture Diagrams

Andreas Heil — Sun, 16 Jun 2019 09:24:43 +0000

For the last couple of years, I have seen many so-called “architecture” diagrams including those suffering from inconsistent notation, unclear depiction lack of information and ambiguity.

The worst scenario was in my last role, where I dealt with company-wide application integration. Each and every team had their own way to draw (or not to draw) security architectures. Guidelines? Nope. Nervous breakdowns n a daily base if something went wrong? Definitely.

So he/she who’s name is not known created a quite comprehensive PDF guideline which helps you to draw more precise security related architectural diagrams. Definitely worth a look.

Link: https://github.com/chaocipher/JunkDrawer/blob/master/Security%20Diagramming%20Guidance%20(2019).pdf

Subtle change the Colors of your Visual Studio Code

Andreas Heil — Sat, 15 Jun 2019 18:16:02 +0000

While I was just writing about using different color schemes for multiple VS Code instances, I just learned about a VS Code extension called Peacock by John Papa which does this job for you.

A Visual Studio Code extension that subtly changes the workspace color of your workspace. Ideal when you have multiple VS Code instances and you want to quickly identify which is which.

I’ll probably give it a try as VS Code is used on my machine meanwhile for almost anything I write.

Docker Compose UI – Almost a Thing

Andreas Heil — Thu, 30 May 2019 14:30:27 +0000

I currently manage all my Docker containers in my servers via Ansible. However, either for setting up new containers, testing new images or debugging in the case of emergency, I ssh into my server and fiddle a lot with the shell.

Promising Web-based Docker Compose Management?

I came along Docker Compose UI which provides a nice web-based user interface to work with Docker Compose.

Docker Compose UI is a web interface for Docker Compose.

The aim of this project is to provide a minimal HTTP API on top of Docker Compose while maintaining full interoperability with Docker Compose CLI.

The application can be deployed as a single container, there are no dependencies nor databases to install.

It comes as Docker image itself, which again makes it really easy to deploy. To test it locally, just check out the GitHub repository and run docker-compose up.

To get the demo project running was quite easy. But…

There is a Catch

When I rolled out Docker Compose UI to one of my servers it still showed the demo projects even I changed the overall config
To do so, the documentation of the project is not the best
After grepping through the entire files, I did not find anything that gave me a hint where the demo projects might come from
To me (I might be wrong) it looks like the demo information is built into the Docker image
The GitHub project was updated the last time about 12 months ago

Conclusion

Docker Compose UI would be a very useful project. However, the project looks very abandoned to me. Although there are 12 contributors, the very last pull request is open since 2017. The readme was updated the last time in 2018. I might have a closer look into the project or fork it at one point. Until then, it has to stay on the bench.

Link: https://github.com/francescou/docker-compose-ui

Semantic Versioning

Andreas Heil — Mon, 27 May 2019 18:20:05 +0000

In my current team (actually the whole company) we end up within the dependency hell day by day. Not only that many teams just don’t do any versioning, if they do there are no clear rules how they should do.

Semantik Versioning specificationprovides a great introduction of how and when to use (semantic) versioning. Definitely worth a read.

In the world of software management there exists a dreaded place called “dependency hell.” The bigger your system grows and the more packages you integrate into your software, the more likely you are to find yourself, one day, in this pit of despair.

In systems with many dependencies, releasing new package versions can quickly become a nightmare. If the dependency specifications are too tight, you are in danger of version lock (the inability to upgrade a package without having to release new versions of every dependent package). If dependencies are specified too loosely, you will inevitably be bitten by version promiscuity (assuming compatibility with more future versions than is reasonable). Dependency hell is where you are when version lock and/or version promiscuity prevent you from easily and safely moving your project forward.

Link: https://semver.org/

Automatically close GitHub Issues

Andreas Heil — Mon, 27 May 2019 06:33:23 +0000

As you might now, I am currently working on a small Docker project to containerize ttrss.

I am using GitHub and Docker just for the sake of keeping up to date with the features of both platforms.

Although this might be an old feature, well known in the Git and/or GitHub community, I “accidentally” wrote a commit message _ fixed #2: … _

Well, GitHub automatically closed this issue during the process of creating the pull request and merging it into the master. What an awesome feature, especially when found this way!