Input needed from someone who's built a chrome extension for Gmail or Gmail Add-on

Hello beautiful people :)

If you've built a chrome extension for Gmail or a Gmail Add-on. I'd like to know if it's possible to parse user data from my web app and show this data inside an email when a user from my site sends an email to someone.

So basically my extension or Gmail add-on will check the email of the user who sends the email, and fetch the data from my site relating to that sender's email address , then finally populate the email with that data.

The receiver of the email can see certain information relating to the sender (perhaps next to the sender's name). For example, the receiver can see a hyperlinked image displaying the rank of the sender (fetched from my website). Then when the receiver clicks on the image, they'll be re-directed to the sender's profile page on my website.

Is this possible?

https://redd.it/t38cdg
@r_devops

What do you use for Storing and distributing software builds to customers

Hi all, asking here about your solution on distributing your software builds to customers.
I'm pretty curious about pricing and authentication process.
Cheers!

https://redd.it/t2t3pe
@r_devops

DevOps Bulletin Newsletter - Issue 40

Hey folks,
My weekly DevOps newsletter aka DevOps Bulletin -  Digest #40 is out. Check out a sneak peek of the topics covered on this weekly issue:

🧪 "Integration testing with Docker and AtomicJar" - Control your testing in containers with your code! A hands-on demo that walk you through testcontainers.org, AtomicJar and how to use API's to control Docker from Go, Java, Python, Node, Rust, Scala, and more.
🤯 "Discovering thousands of open databases on AWS" - this post covers a security researcher journey on finding public databases hosted on AWS with sensitive data about Fortune-500 companies, Hospitals, Crypto platforms, Startups during due diligence, and more.
😅 "Can you get pwned with CSS?" - not really, a basic Content Security Policy can save you from the possible harm caused by inline CSS.
🔒 "How to migrate from Amazon Cognito" - If you're interested in migrating away from Cognito due to the horrible UX or lack of features, then this guide is for you.
🎮 "How I got Kubernetes to run on a PS4" - The title says it all 🤯
⭐️ "Building for the 99% Developers" - a must read, it covers why there's a huge gap between developer-influencers are writing about and the daily reality of most developers.

Complete issue: https://www.devopsbulletin.com/issues/running-kubernetes-on-a-ps4

Feedback is welcome :)

https://redd.it/t3bldi
@r_devops

Transitioning from Infosec to DevOps

I hope this isn't redundant but is there any advice you'd give someone who's considering transitioning from Infosec to DevOps?


I've been in infosec for the past 3 years as part of a red team. My main role was in 'infra' which was usually infrastructure deployment and management of web servers, mail servers etc. I taught myself rudimentary Ansible, Terraform and Docker just so I could automate some of that work and I really had a thrill doing it. I also really enjoy other parts of security - the research, pentests, the community. I really enjoy everything I do in the infra role more than I do the security stuff - although it's really cool too. I've looked into the DevOps roadmap and I have most of the skills required - other than the DevOpsy ones (Terraform, Prometheus, Jenkins, K8) since security also requires a bit of the skill and knowledge posted (OS basics, bash/python scripting, networking, living in the terminal etc). DevOps as a career seems really intriguing while challenging in a way I think I'd really enjoy. So, I suppose my questions are:


1. Are there any certs required? (infosec is pretty anal about certs)
2. What would you say are the key/fundamental technologies I should look into learning first?
3. Other than the resources posted here, are there tools/sites/courses I could learn from? (smth like TryHackMe for infosec)

https://redd.it/t3h87p
@r_devops

Company had some internal changes and I ended up doing devops work

I don't have a devops background or any jenkins experience and I feel like I'm plain stupid looking at those pipelines written in groovy that have over 300 lines. I hope it will get better. I just got moved to this team and I feel like I won't be able to resist. Any advices? Thanks

https://redd.it/t3hlut
@r_devops

Do you trust SAS Github?

EDIT: Title should be Gitlab, not Github. It's early.

We've got some multi-org collaborations and tenancy expansion to some of our platforms coming up, and our VPN'd private Gitlab instance isn't ideal. We're also looking to leverage cloud CI toolsets like NVIDIA Air CI in the future, which require a publically-available repo.

So we have two options... to harden our self-service Gitlab instance and stick our org's SSO in front of it, or move to cloud Gitlab.

We're not idiots and clearly secrets and private detail are already encrypted with a vault key living outside the repo, public access would ideally be source-ip scoped and/or behind MFA SSO etc, but if Gitlab cloud were compromised, even internal IP address ranges, server names, etc in our repos would be icky to have out in public (and burdensome to encrypt every little thing). And if they're compromised as a whole (rather than our specific repos/account), it might not matter what external security measures we have in place.

But securing our own might be more of a risk. 🤷‍♂️

Does your org trust its internal code in cloud repos like Gitlab, assuming sensible security measures are taken? Not picking on Gitlab here of course, as the question is broader-- they're just who we're looking at using.

Thanks in advance.

https://redd.it/t3jzpj
@r_devops

Learning about Azure DevOps, does it looks like a solid pipeline for AKS?

Does below look like a solid pipeline for Kubernetes deployment? QA and PROD environments are built using the same Terraform configs.

​

1. Build Docker Images on Agent
2. Integration Test with Minikube on Agent
3. Push images to ACR
4. Provision AKS QA environment with Terraform
5. Deploy to QA Environment
6. Smoke Test
7. Destroy QA Environment
8. Approval
9. Provision AKS PROD environment with Terraform (on subsequent runs nothing happens if no changes made to Terraform config, if there are changes these were already tested as part of the QA since it deploys from same config. This is a stage I'm not to sure about. Should PROD provisioning be part of CI/CD or is it risky?)
10. Deploy to PROD environment

https://redd.it/t3mfd4
@r_devops

What technologies do you find the most challenging to use in your jobs?

I'm looking to find common challenges so I can improve in those areas and speak to them during interviews.

https://redd.it/t3ipt0
@r_devops

How do you use ArgoCD to deploy applications and infrastracture related components?

Hi there, how is everyone?

Lately I switched to GitOps and I decided to use ArgoCD for that.. I am a software engineer that really like DevOps and I am looking to find ways to impement GitOps in good practices.

Currently I have a single repository to hold all the components related to k8s and then other repos to hold the source code of the microservices.

In the repos that I have the source code I have a CI with github actions where I test, build the docker image, and then update the image tag (in the other repo) for that specific application in the repo that I hold the manifest for each application, then argo grabs the changes of the tags and stuff, and automatically updates my appication.

I use kustomize to separate the environments with a base and overlays pattern.

If you can please share your practices on how are you handling/implementing GitOps with Argo.

I am mostly interested in these:
- What do you store in the repo that you have for gitops?
- What are your practices to automate as much as possible
- How do you deploy other third party apps (charts, etc)
- Do you automate the provisioning of the ArgoCD with IAC tool like Teraform?

I am asking these questions as I want to
leave everything on that Git Repository, and to automate as much as possible.

Thank you very much in advance.

https://redd.it/t3ug45
@r_devops

Does any arbitrary Domain Name provider support round robin DNS load balancing, or do you need a specific provider to do that?

Does the DNS protocol do round-robin by default, or is it something you need to set up in a particular provider's workflow, like cloudflare? I.e: if I use some simple provider like namecheap or google domains and just create multiple A records, is it part of the protocol to do round-robin?

https://redd.it/t3td8f
@r_devops

Where would you host/store programs that are not actual web apps but some background jobs in linux server?

so typically on linux server if we host webapp we put into /var/www dir


but where should I place a program that is supposed to be run as background job. Is ok to put it in /var/www dir as well?

https://redd.it/t43uv7
@r_devops

Getting Started With Kubernetes Ingress Controllers

Do you want to learn about the Kubernetes Ingress Controller and how to use it? 🤔

Check out this excellent article by Farhan. It covers everything you need to know to get started with Kubernetes Ingress Controllers. 👇

https://blog.getambassador.io/getting-started-with-kubernetes-ingress-controllers-f3b669d19b31

https://redd.it/t47b88
@r_devops

Terraform recreating private endpoint for sql database

Hi all,

I have upgraded azurerm version to 2.91.0 and since then all my private endpoints are getting destroyed and recreated. The resource forcing replacement is not getting changed. I tried to look around for this issue but couldn't find anything. I also manually removed from state and imported it again just in case something on the state was messed up but the problem persists.

Any idea why this might happen? What could cause a resource to be recreated on each plan when it hasn't been modified.

​

Thanks!

https://redd.it/t48nhp
@r_devops

In E2EE, do all TLS certs from the edge to the LBs and origins need the same certificate?

We use CloudFlare, AWS ELB and EC2. At the edge we have a custom wildcard TLS cert for our domain. The same certificate is replicated to AWS ACM (for ELB) and EC2 servers. The origins have the private key as well to decrypt traffic. These certificates expire yearly and it’s a pain to replace them throughout our entire infrastructure.

Here’s where my E2EE understanding isn’t clear. I wondered if we actually needed the same certificate replicated like this and instead leverage AWS-issued ACM certs that are auto-renewed and Cloudflares Origin Certificates that have a longer expiry. I replaced the certs at the LB and origins to use these certs and we still have encryption from what I see at the edge.

Is everything still encrypted? Or is encryption only happening at the edge and not E2EE? Accessing the LB directly shows it’s not encrypted so I assume we’re not doing E2EE. How could we be more efficient with the renewals of TLS certs across our infrastructure?

https://redd.it/t4bpsv
@r_devops

Would you use Portainer as your gitops engine?

Portainer isnt a CI or CD tool, but instead a gitops tool. it means all deployment configuration manifests that describe the "desired state" are held in git, automation is triggered by changes that occur in git, and as a result, this dramatically reduces developer tool context switching as they can trigger deployment updates from within the tool they use every day.

benefits:

Portainer's capability exists for Docker, Docker Swarm, and Kubernetes, so if you run a hybrid environment, we are the obvious choice.
ZERO load on your clusters, and nothing to install or maintain.
"enforce" mode, which overrides the running deployment with what's defined in Git
"change window" option, which disables automation outside of a preset time window (which is brilliant if your apps are not fully capable of rolling updates, but you still want the benefit of Gitops).

Portainer as part of your CIDC Pipeline

​

For those who are interested in GitOPs with CICD, you use Portainer as your gitops engine?

https://redd.it/t4cp02
@r_devops

Monthly 'Shameless Self Promotion' thread - 2022/03

Feel free to post your personal projects here. Just keep it to one project per comment thread.

https://redd.it/t4fo08
@r_devops

Monthly 'Getting into DevOps' thread - 2022/03

**What is DevOps?**

* [AWS has a great article](https://aws.amazon.com/devops/what-is-devops/) that outlines DevOps as a work environment where development and operations teams are no longer "siloed", but instead work together across the entire application lifecycle -- from development and test to deployment to operations -- and automate processes that historically have been manual and slow.

**Books to Read**

* [The Phoenix Project](https://www.amazon.com/Phoenix-Project-DevOps-Helping-Business/dp/1942788290) - one of the original books to delve into DevOps culture, explained through the story of a fictional company on the brink of failure.
* [The DevOps Handbook](https://www.amazon.com/dp/1942788002) - a practical "sequel" to The Phoenix Project.
* [Google's Site Reliability Engineering](https://landing.google.com/sre/books/) - Google engineers explain how they build, deploy, monitor, and maintain their systems.
* [The Site Reliability Workbook](https://landing.google.com/sre/workbook/toc/) - The practical companion to the Google's Site Reliability Engineering Book
* [The Unicorn Project](https://www.amazon.com/Unicorn-Project-Developers-Disruption-Thriving-ebook/dp/B07QT9QR41) - the "sequel" to The Phoenix Project.
* [DevOps for Dummies](https://www.amazon.com/DevOps-Dummies-Computer-Tech-ebook/dp/B07VXMLK3J/) - don't let the name fool you.

**What Should I Learn?**

* [Emily Wood's essay](https://crate.io/a/infrastructure-as-code-part-one/) - why infrastructure as code is so important into today's world.
* [2019 DevOps Roadmap](https://github.com/kamranahmedse/developer-roadmap#devops-roadmap) - one developer's ideas for which skills are needed in the DevOps world. This roadmap is controversial, as it may be too use-case specific, but serves as a good starting point for what tools are currently in use by companies.
* [This comment by /u/mdaffin](https://www.reddit.com/r/devops/comments/abcyl2/sorry_having_a_midlife_tech_crisis/eczhsu1/) - just remember, DevOps is a mindset to solving problems. It's less about the specific tools you know or the certificates you have, as it is the way you approach problem solving.
* [This comment by /u/jpswade](https://gist.github.com/jpswade/4135841363e72ece8086146bd7bb5d91) - what is DevOps and associated terminology.
* [Roadmap.sh](https://roadmap.sh/devops) - Step by step guide for DevOps or any other Operations Role

Remember: DevOps as a term and as a practice is still in flux, and is more about culture change than it is specific tooling. As such, specific skills and tool-sets are not universal, and recommendations for them should be taken only as suggestions.

**Previous Threads**
https://www.reddit.com/r/devops/comments/ru3zhm/monthly_getting_into_devops_thread_202201/

https://www.reddit.com/r/devops/comments/r6myz4/monthly_getting_into_devops_thread_202112/

https://www.reddit.com/r/devops/comments/qkgv5r/monthly_getting_into_devops_thread_202111/

https://www.reddit.com/r/devops/comments/pza4yc/monthly_getting_into_devops_thread_2021010/

https://www.reddit.com/r/devops/comments/pfwn3g/monthly_getting_into_devops_thread_202109/

https://www.reddit.com/r/devops/comments/ow45jd/monthly_getting_into_devops_thread_202108/

https://www.reddit.com/r/devops/comments/obssx3/monthly_getting_into_devops_thread_202107/

https://www.reddit.com/r/devops/comments/npua0y/monthly_getting_into_devops_thread_202106/

https://www.reddit.com/r/devops/comments/n2n1jk/monthly_getting_into_devops_thread_202105/

https://www.reddit.com/r/devops/comments/mhx15t/monthly_getting_into_devops_thread_202104/

https://www.reddit.com/r/devops/comments/lvet1r/monthly_getting_into_devops_thread_202103/

**Please keep this on topic (as a reference for those new to devops).**

https://redd.it/t4fozq
@r_devops

Am I too old to get into devops

Just sharing my worries. I just got 38 and I have been doing a Sysadmin job for the past 11 years. That said, I'm done with Sysadmin and I want to get into devops. I am currently learning what I need to do this move. My goal of to do it before I reach 40. My worry tho is that I will get bypassed by younger people in their 20s and early 30s. I just feel so old right now and kind of in a middle life career crisis. Need some advice on this.

https://redd.it/t4m9is
@r_devops

What's your celebration ritual ( dance, sounds, whatever) that you do when you find the solution ?

As me ,right now, James brown dance after a huge terraform refactor that ran on the first run changing 79 resources perfectly.

​

So, What you do when you solve that nasty issue or your code works on the first try?

https://redd.it/t4n7er
@r_devops

Am I being unrealistic with my salary expectations?

I'm currently working as a Principal DevOps engineer in Austin, Tx making $145k/yr. My salary hasn't changed in a couple years, so I have been looking elsewhere. I started as a SysAdmin with a Linux background and moved into the DevOps field for about 8 years now. I've been looking for other jobs in my area and gotten offers at almost every place I've interviewed. However, the salary for these positions seems to be very low for the position being advertised. For instance, I applied for 3 senior roles asking for 7+ years experience and got contingent offers from all of them at $120-$135/k range, no other comp besides your normal benefits and remote 100%. Another was for principal role similar to mine but at $115k/ yr, to include total comp, it would be $165k. These are mid level to established fortune companies I've applied at. I'm planning to apply to other companies in different states as well due to the salaries not meeting my expectations. Am I being unrealistic here, or are these normal salaries in Texas for senior roles?

https://redd.it/t50wph
@r_devops

If you were an experienced DevOps engineer, joining a company with inexperienced people doing the devops, how would you go about "fixing" things?

We use AWS as our cloud provider, and Jenkins as our CI/CD tool.

Most of our infra is a mix of manually spun up stuff from the AWS console, and some stuff created using terraform.

Most of the stuff that was spun up, our devs learnt how to do on the fly. Then at some point we hired a devops contractor to help us transition to using IaC (terraform), but he left after a few months without completing it, so we only had some of the infra represented in terraform. Then after that, we spun up some more stuff manually because we needed to. The jenkins jobs follow a similar story.

Basically, our stuff is a mess. We get by, but we feel this is one area that could probably be optimized. We're looking at hiring an experienced Devops/sysops engineer next quarter, but naturally we're not entirely sure how to put them to work.

If you were the engineer joining such a company, how would you go about rectifying their state of affairs.

https://redd.it/t533gr
@r_devops