Articles

Articles








How to Manage Application Secrets (7 Levels of Credential Management)

November 11, 2020
Categories:
Tutorial
Tags:
Vault, Security

TL;DR: If you develop web applications, inevitably you will have secrets (database credentials, 3rd party API keys, etc…) that you need to manage. I have seen a variety of approaches used here and wanted to walk through them, from least secure to most.

There are always trade-offs when writing software, and in this case the tradeoff is between convenience and security. The ideal solution will establish convenient developer workflows while also protecting user data.

cosmic-brain-progression



Static Site Hosting Using Google Cloud Storage and Cloudflare (with SSL!)

October 5, 2020
Categories:
Tutorial
Tags:
GCP, GCS, Cloudflare

TL;DR: I used to host my site on a virtual machine running Caddy webserver, but recently migrated it to Google Cloud Storage with Cloudflare in front of it as a proxy/cache/SSL termination solution. It’s pretty awesome! 😎

I also recorded a video about this setup on YouTube. ← Check out the video and subscribe if you are into this sort of thing 🙏

GCS Bucket Website Does this count as serverless?



Doing Stupid Stuff with GitHub Actions

July 25, 2020
Categories:
Impractical
Tags:
GitHub, GitHub Actions, CI, CD

TL;DR: DevOps doesn’t have to be all work and no play. I built 5 stupid (but fun!) GitHub actions… because why not?

The full code for these actions can all be found in this GitHub repo. I encourage you to fork and/or add issues/PRs with impractical actions of your own!

I also recorded a video about this project on YouTube. ← Check out the video and subscribe if you are into this sort of thing 🙏

Whiteboard Screenshot



© DevOps Directive 2020