Automation Friendly Find and Replace for Excel (xlsx) files

While struggling with D365 Operations and Finance Testing automation ( the testing tool RSAT uses xlsx files for parameters) I ended up putting together a little C# console app that uses the OpenXML library to find and replace strings in a non destructive manner (most other libraries caused formatting/file corruption).

I made it so its a self-contained, cross platform, single executable, so its easy to add into pipelines:
dkopec/excel-find-replace: A simple cli program to find and replace values in excel xlsx files. (github.com)

Hopefully it comes in handy for someone else.

Happy for feedback and suggestions.

https://redd.it/1emsqin
@r_devops

deploying rails apps using devops workflows

We have a develop managing a ruby on rails app that they want to deploy from their laptop directly to production using capistrano. this isn't how we manage our other apps but frankly we don't know enough about ruby on rails

there has to be a better way.

what's the best way to do this?

https://redd.it/1emv6at
@r_devops

Hiring Freelance Web Developer

Hi guys, we have added a new job on our platform, if you are looking for a job of Freelance Web Developer please check the job link below.



Role - Freelance Web Developer (Remote, Part-Time)



Job Link - https://devloprr.com/jobs#230

https://redd.it/1emyl48
@r_devops

Degree vs AWS Certs for SRE/ Security Engineer Progression?

What would be more ideal for time commitment?

Focusing on finishing a CS from WGU or getting 2 AWS Certs?

https://redd.it/1en0dut
@r_devops

Devops at AWS Shoreditch UK - a suit overkill?

I've been offered a DevOps role at the Shoreditch offices in the UK. When I visited previously, most people I saw wore tech-bro clothing (polo shirt, chinos, loafers). I usually wear a suit to the office, so not sure if I'll stick out like a sore thumb wearing one here?

https://redd.it/1en1f42
@r_devops

Triage bot summary issue in project - GitLab EE.

Hello,

I'm running into something I don't fully understand at the moment and I hope someone can clear it up for me. I think it has to do with best practices, the gitlab repository doesn't clear it up for me or perhaps I'm simply blind.

This is my goal:

Check all projects within a main group "groupname" (or that the token has access to) and create an issue with a summary. I want it to always create a summary in a specific project called "triage-ops", within that "groupname"


This how i've set it up now:

groupname/subgroupname/triage-ops > .triage-policies.yml and .gitlab-ci.yml are in this project.


Within .gitlab-ci.yml I have the following pipeline:

policy:run:
image: ruby:latest
stage: run
script:
- gem install gitlab-triage
- gitlab-triage --token $APITOKENTRIAGE --source projects --source-id groupname/subgroupname/triage-ops --host-url https://domain.com --debug
when: manual
except:
- schedules



The above works fine and it checks the specific project I've mentioned, and also creates an issue there.

So far so good.

I also know that I can reach my actual goal of checking all the issues in the projects by using

- gitlab-triage --token $API_TOKEN_TRIAGE --source groups --source-id groupname --host-url https://domain.com --debug

But when I do that, and run the summary, it always tries to create an issue within "groupname" but it ofcourse can't, because that's a group, not a project.

How would I, in this situation make it so that it does indeed write to a repository I want? Or is this simply not possible to check everything


Or, would I be forced to check everything specifically for the project, and then create a summary within that project, which means I need to run several jobs?


I'm kind of missing the best practice here I think.








https://redd.it/1en2mi2
@r_devops

Could we talk about IBM acquiring Hashicorp for a moment?

So, although it’s been about four months since IBM announced their plans to acquire Hashicorp, I feel like I have seen comparably few posts/mentions of this.

What does your future for IaS look like? Are you going to continue using Terraform etc. with the new licensing model, or are you moving to either open-source solutions like OpenTofu or the complete opposite direction like Bicep?

I feel like we are standing in the middle of a great upheaval and it’s getting really tiring to talk to companies that ask “Ah, so you have NOT worked with X?” when discussing which tools one has experience with.

https://redd.it/1en5mm6
@r_devops

Apono.io is driving a fake marketing campaing on Reddit with fake posts and comments. They are trying to play up their own service while badmouthing alternatives. Here is the evidence:

**TL;DR:** Apono is creating fake posts with fake user review comments, who get vote manipulated, then end up on google, also shit on competitors and block me in an attempt to silence alternatives/critique.

Hi r/devops, I've already commented on a few of their posts and wrote a longer linkedin post on the topics. Feel free to read the full story there:

- [https://www.reddit.com/r/devops/comments/1elp829/db_access_and_all_night_pings/lguk4qs/](https://www.reddit.com/r/devops/comments/1elp829/db_access_and_all_night_pings/lguk4qs/)
- [Linkedin Post](https://www.linkedin.com/posts/jaschabeste_would-you-buy-fake-votes-fake-reviews-and-activity-7226985915125010433-oNqX)

But there is no better place to call them out than on the very communities that they are trying to manipulate, is there?

**Who is Apono.io even?**

Apono.io is a cybersecurity, privileged access management software. That is used to allow developers and other members of an organization, to access restricted resources like databases, servers, etc. at least this is what I got from their web page, correct me if I am wrong.

The only reason I noticed what they are doing is because I tried myself founding a company in a similar space and ended up open-sourcing it. But this isn't a self promotion post, look into my post history if you're interested.

**What are they doing?**

Apono is systematically creating posts on various subreddits where they post a problem statement in on way or another and then comment with another account how Apono was the best solution for a person. Problem is: Neither the original Account, nor the user responding are actually real. Both of them are usually bought accounts with minimal relevant post history. And they never answer anything else, often aren't even used again after this usage.

These threads are also heavily vote manipulated on the thread from wednesday, my comment suggesting my open-source tool went from +6 votes to -4 within half an hour (now it's even at -8 but this could also be the hivemind).

**Why would they do this?**

Developer/Tech People marketing is notoriously difficult. Engineers are well known to be more or less immune to Ads, and hang up on Sales calls. Instead we often rely on social proof (recommendations by friends and colleagues) or user reviews on what we think are somewhat neutral platforms like reddit, hackernews and Github. Additionally Reddit has been ranking very highly on Google since about one year so if you create a reddit post "Alternative to xyz" and the first comment is your tool, this can drive a lot of traffic to your website for cheap.

**Examples**

| Account | Post/Reply | Blocked u/eng_jascha? | Note |
| :--------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :----------------------- | :-------------------------------------------------------------------------------------------------- |
| [https://www.reddit.com/user/MalachiHauck/](https://www.reddit.com/user/MalachiHauck/) | [https://www.reddit.com/r/devops/comments/14xerxk/seeking_alternatives_to_stongdm/](https://www.reddit.com/r/devops/comments/14xerxk/seeking_alternatives_to_stongdm/) | No | |
|

[https://www.reddit.com/user/Canisitwithyou1/](https://www.reddit.com/user/Canisitwithyou1/) | [https://www.reddit.com/r/devops/comments/14xerxk/comment/jrmxzoh](https://www.reddit.com/r/devops/comments/14xerxk/comment/jrmxzoh) | No | |
| [https://www.reddit.com/user/donasapertumz96/](https://www.reddit.com/user/donasapertumz96/) | [https://www.reddit.com/r/devops/comments/1elp829/db_access_and_all_night_pings/](https://www.reddit.com/r/devops/comments/1elp829/db_access_and_all_night_pings/) | Yes | |
| [https://www.reddit.com/user/James_Methew_678/](https://www.reddit.com/user/James_Methew_678/) | [https://www.reddit.com/r/devops/comments/1elp829/comment/lguuuqw/](https://www.reddit.com/r/devops/comments/1elp829/comment/lguuuqw/) | No (but u/SergeantAskir) | |
| [https://www.reddit.com/user/Anassilva](https://www.reddit.com/user/Anassilva) | [https://www.reddit.com/r/devops/comments/1dpkvlq/alternative_to_strongdm/lakopv5/](https://www.reddit.com/r/devops/comments/1dpkvlq/alternative_to_strongdm/lakopv5/) | Yes | StrongDM CEO reply on double rates |
| [https://www.reddit.com/user/DanielWalker12/](https://www.reddit.com/user/DanielWalker12/) | [https://www.reddit.com/r/devops/comments/1dpkvlq/alternative_to_strongdm/](https://www.reddit.com/r/devops/comments/1dpkvlq/alternative_to_strongdm/) | Account suspended | |
| [https://www.reddit.com/user/ehlinkhadif/](https://www.reddit.com/user/ehlinkhadif/) | [https://www.reddit.com/r/devops/comments/1b2gtyt/unifying_access_control_across_cloud_providers/](https://www.reddit.com/r/devops/comments/1b2gtyt/unifying_access_control_across_cloud_providers/) | Yes | |
| [https://www.reddit.com/user/ruhagarvan2/](https://www.reddit.com/user/ruhagarvan2/) | [https://www.reddit.com/r/devops/comments/1b2gtyt/comment/ksnlu4i/](https://www.reddit.com/r/devops/comments/1b2gtyt/comment/ksnlu4i/) | Yes | |
| [https://www.reddit.com/user/alexfoot420/](https://www.reddit.com/user/alexfoot420/) | [https://www.reddit.com/r/devops/comments/18gg1s4/looking_for_alternatives_to_strongdm/](https://www.reddit.com/r/devops/comments/18gg1s4/looking_for_alternatives_to_strongdm/) | No | |
| [https://www.reddit.com/user/plabon353/](https://www.reddit.com/user/plabon353/) | [https://www.reddit.com/r/devops/comments/18gg1s4/comment/kd0e79t/](https://www.reddit.com/r/devops/comments/18gg1s4/comment/kd0e79t/) | No | |
| [https://www.reddit.com/user/bindradugow/](https://www.reddit.com/user/bindradugow/) |

[https://www.reddit.com/r/mongodb/comments/1dtbubh/the_frustrations_of_managing_permissions_in/](https://www.reddit.com/r/mongodb/comments/1dtbubh/the_frustrations_of_managing_permissions_in/) | No | |
| [https://www.reddit.com/user/zahooelviane/](https://www.reddit.com/user/zahooelviane/) | [https://www.reddit.com/r/mongodb/comments/1dtbubh/comment/lb8yg28](https://www.reddit.com/r/mongodb/comments/1dtbubh/comment/lb8yg28) | Yes | |
| [https://www.reddit.com/user/rowlanosht/](https://www.reddit.com/user/rowlanosht/) | [https://www.reddit.com/r/mongodb/comments/18nhggy/options_for_auditing_elevated_permissions/](https://www.reddit.com/r/mongodb/comments/18nhggy/options_for_auditing_elevated_permissions/) | Yes | There is no mention of Apono here, but a deleted comment that could belong to the suspended account |
| [https://www.reddit.com/user/SalvatoreBerz/](https://www.reddit.com/user/SalvatoreBerz/) | [https://www.reddit.com/r/aws/comments/1b8ae4u/how_are_you_handling_pimjit_for_aws_this_topic_is/](https://www.reddit.com/r/aws/comments/1b8ae4u/how_are_you_handling_pimjit_for_aws_this_topic_is/) | Yes | |
| [https://www.reddit.com/user/iqramellouzz/](https://www.reddit.com/user/iqramellouzz/) | [https://www.reddit.com/r/aws/comments/1b8ae4u/comment/ktqa6mx/](https://www.reddit.com/r/aws/comments/1b8ae4u/comment/ktqa6mx/) | Yes | |

As you can see this has been going on for a while, and I think if you check any of the accounts you'll most likely agree that they look quite suspicious. They usually have little history and no activity in any engineering subreddits. Then suddenly come with a production access problem or recommend Apono as the magical solution for such a problem.

One thing that baffles me a bit is: They blocked me from any account that is newer than \~8 months. Which is roughly when I started being active and trying to market my tool. Probably in the hope that I wont see their posts and don't recommend my tool as an alternative. This however lets me tie all of them together in the same scheme and made me suspicious in the first place. I have never interacted with most of the accounts that they blocked me from, so why would these random users put me on their block list?

An additional thing I find extremely scummy is that they are bad mouthing their existing (probably leading) competitor StrongDM continuously in a lot of their posts. In one of them they claimed a double price hike and the StrongDM CEO even commented "that they have never raised prices this much" but of course the OP never answers and there is an Apono recommendation in the post.

**So what? Everyone buys reviews.**

Maybe true, but that doesn't make it right and if you get caught you deserve being shamed for it. Especially selling a cyber security product that relies on trust should not use such scummy marketing campaigns in my opinion. I for my part will recommend people to rather use StrongDM or Teleport if they want to pay for a solution. Maybe we as a community can spread the word and make them stop this.


**Note:** This is not about Aponos product, I have never tried it. It might very well be a good solution. I'm just trying to shine some light on how a company is flooding reddit with fake reviews.

https://redd.it/1en737f
@r_devops

Hardworking devs that are pretty normal and don't drink often, when shit hits the fan and you dont have a solution for production code/DevOps, is day drinking beer like startups do, a good stress solutions to preserve sanity and keep hair from falling out or have you a better solution ?

I am a hardworking developer and have gotten a new role where it's going to be me mostly building new web and mobile apps in the frameworks I am very comfortable in and the job was a blessing at 130k so I couldn't say no in my only 3 years experience.

So the problem is I got handed a production live project handled by a bunch of poor devs that are in another country and were let go and it's literally already broken all over so I'm thrust into the fires of hell trying to resolve that on top of having a staging environment that isn't working because we are using tools that I have no experience in and am having to relearn my whole education and experience.

I didn't understand that our processes were this bad and no documentation but now I gotta back up myself. However I have been clear on Basecamp that I am not a devops expert in certain things.

I'm good and building and debugging and even designing and tests. I just have very little experience with devops SRE and the tools we are using.

Everything is done manual uploads and not using GitHub to push to staging so for a little bug fix all of staging has to get reuploaded which is dumb but hey it's what I got.

Anyway so basically I have worked for startups that had kegs at work and day drank. So I'm thinking to do the same thing just for this high stress time period or when shit hits the fan.

I have tried meditation, audible, headspace, 8 hours sleep, working out all day as I work from home.

NONE of it helps.

Normally I'm a happy dev that works hard and knows what he is doing. Right now I'm like "where is that keg" so is this normal to feel this way?

How many of u guys casually have a beer or 2 during work hours working from home or at ur modern office startup (those that have that option available)?

I don't want to be dependent on drinking but I also don't want my fucking hair to fall out or to have a heart attack at 30 ffs hahaha.

https://redd.it/1en8g7l
@r_devops

To those deploying rabbitmq in kubernetes, how are you handling automation of the rabbitmq config?

Are you using the messaging topology operator? Are you loading a definitions file? Other?

https://redd.it/1enbvbu
@r_devops

Devops from stratch?

Could anyone suggest a structured approach or roadmap for learning DevOps from scratch? I'm particularly interested in free resources like online courses, tutorials, and projects. Any advice on how to combine these tools effectively in a real-world project would be greatly appreciated!

https://redd.it/1end25o
@r_devops

Looking for conversation 🤔

I’m about to make a transition from a permanent position to contracting. One of my main concerns is losing the sense of community and the active engagement I currently enjoy with my engineering team at work. In our Slack tenant, which has about 300 people, we benefit from open office hours sessions, soft skill and culture conversations, as well as highly opinionated technical discussions 😂.

I’m on the lookout for active communities, similar to Slack, that are focused on sys admin, DevOps, and platform engineering, rather than development. If any of you are part of such communities or know of any good ones, I would greatly appreciate your suggestions.

Thanks in advance for your help!

https://redd.it/1end3ds
@r_devops

Use HashiCorp Vault to store only sensitive values or use it for entire app configuration?

Helllo, long time lurker, first time poster here

basically the title - to provide some insight, I manage two k8s clusters at my job (dev and test) and deploy all the containerised apps that come from developers with Kustomize, where all the apps are supposed to be configured through environment variables - that I manage through ConfigMap + all the sensitive stuff is being pulled from Vault with external-secrets operator into Secrets and sprinkled on top with stakater/Reloader

Now I'm trying to figure out if there is more convenient /straightforward/ way for devs to manage app config. Ideally everything would be under at least similar location, so I thought about putting everything under that Vault KV secret and then just using that to include my envs to containers with external-secrets, but it still feels at least a little wrong to me, as secrets should(?) be used to store only sensitive variables so that only some folks have access to them while rest of the team can view non-sensitive envs in Kustomize builds. I was also considering SOPS back in the day when I was designing this little thingy, but Vault just felt superior at the time as I didn't want to manage all the encrypted values in files and needed its PKI engine anyway. Or maybe I'm just overthinking it and should keep it the way it is?


Still consider myself a novice with a lot to learn (actually I'm still a student, but my hobbies set me up on this adventure), so if anyone could give me some insight, I would greatly appreciate it!


edit: clarification

https://redd.it/1engh6g
@r_devops

VsCode extension that do cost estimates for Terraform

Found a question posted in this subreedit 2 years ago about this functionality.

Now, i made this extension that can do it.

Globally, the idea of the tool is to generate graph of objects from any programming language (including terraform) and navigate the graph. With a extension system to includes extra data to the graph, the cost analysis is one the functionality that we included to it.

Try it on: https://marketplace.visualstudio.com/items?itemName=Archikoder.lens

https://redd.it/1enhrhp
@r_devops

What did you learn this week?

DevOps is such a large field, every day we are googling things and working on setting up different things, difficult and easy. Maybe it's common knowledge, but you just didn't know. Or you found a unique solution to an obscure problem -- anything, share it, so the rest of us can benefit.

https://redd.it/1enja2c
@r_devops

How to sell containers over VMs to non technical people?

So I work in a team that primarily supports a line of business that does financial modeling. Generally its desktop application support with some SQL server jobs but they just started experimenting doing production with python.

So they came to us asking for a python development environment. Their idea is that we should stand up some windows EC2s that they can remote into and work. One for everyone or one per developer, that is unsure. Of course we will have to keep these machines patched and scaled etc etc.

They started hinting at wanting to run python a while ago and I've developed java before at this same company so I'm used to the standards and practices we already have.. I'm familiar with the path of least resistance to production. I say this because our security advisors are always present and for me using pre-approved architecture just makes things easier.

So I had time to write a pipeline that uses buildpacks to build and push their code and images to eventually be deployed on a shared EKS that everyone uses already. This has been running and works well already for a few small projects. One namespace per non production env with another cluster used for production. Istio in place. Totally legit and all managed by someone else.

I've explained the concept of containers multiple times and essentially have abstracted away everything about building and running their code.. they have logs in Splunk. All they need to know is git, one ssh-keygen command and to structure their repo in a certain way... Maybe how to get to Jenkins and look at build logs.. They can't seem to grasp the concept at a management level although I've had success with the actual developers! They themselves are still afraid of docker. But they can git push and keep their commit history relatively clean. They open pull requests even.

If their bosses whine enough they will eventually get their VMs because they've got pull and they will also be paying for them... Doesn't mean we shouldn't be pushing for a better solution that won't give us more support work

https://redd.it/1enkm1z
@r_devops

Running sonarQube Server on Azure Container instance

I've successfully deployed SonarQube on an Azure Container Instance (ACI) and can access it via Port 9000 with a public FQDN. I created a GitHub app, generated a token from SonarQube, and integrated them. Despite granting all necessary permissions to the GitHub app, when I try to import a project from GitHub in SonarQube, I'm redirected to a page showing "You're not authorized to access this page. Please contact the administrator.", and I can't figure out why.
note that the github App is from a personal account and the repo is a private repo owned by the same account .
Ran another container locally to be able to better debug , still the the same page occurs but at least I could see a warning on the console :
```
2024-08-09 00:28:11 2024.08.08 21:28:11 WARN web[\][o.s.a.c.GenericApplicationHttpClient\] GET response did not have expected HTTP code (was 404): {"message":"Integration not found","documentation_url":"https://docs.github.com/rest","status":"404"}
```
but I guess that's only a warning

https://redd.it/1enhixu
@r_devops

How do devops team do cloud provisioning?

Hi everyone, just looking to learn from the community how devops team do cloud provisioning/access management for engg teams. Some questions i had:

* do you provision using IaC like Terraform or does your company use an IGA to do this?
* how much work is it creating workflows, managing, approving permissions around provisioning/deprovisioning?
* any other insights you can share would be so helpful.

Many thanks in advance.

https://redd.it/1eno522
@r_devops

Job Hiring Senior Web Developer

Hi, we have listed one more Web Developer job on our platform so if you are interested in Senior Web Developer job kindly check the below link



Role - Senior Web Developer (Remote, Contract Basis)



Apply - https://devloprr.com/jobs#233

https://redd.it/1enqt2b
@r_devops