December 2022
Overview
- I had a lot of fun with Datasette in December.
- This is a tool that got added to my Toolbox for sure: it's awesome and rather versatile.
- I took a quick look at no-code development with AppSheet.
- I improved my tools for authentication-related testing.
- I have some new favorite free web development resources:
- Flowbite
- Tailwind
- Tailwind Palette
- I have some new favorite free Kubernetes development resources: Okteto and Krucible are among my favorites.
- A few quick notes from the Implement DevOps in Google Cloud course and the Cloud SQL quest. CodeLabs
- I'm taking notes as I start working through Building Git: it's fantastic so far and came highly recommended by a trusted colleague.
- one last blog post: https://brie.dev/2022-tools-added-to-toolbox
- Datasette
- I finally got hands-on with datasette and it's amazing! It's officially in my Toolbox. ✅
- Datasette is "an open source multi-tool for exploring and publishing data".
- 🚀 My TIL site is built using it! (It's in alpha and may be broken.)
- Great jq notes: https://hackmd.io/@il-suse/BJ_RoR8u_
- Wickedblocks - A free collection of Tailwind blocks & components
- The Practical Engineering blog
- https://docs.ansible.com/ansible/latest/collections/community/general/pagerduty_alert_module.html#pagerduty-alert-module
- Ansible Integration Guide
- Logfile Navigator - ssh playground@demo.lnav.org and ssh tutorial1@demo.lnav.org
- Smokeping
- A good guide for using Let's Encrypt's DNS challenge that works well today: https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-dns-validation-with-acme-dns-certbot-on-ubuntu-18-04
- Raw Graphs
- OpenTelemetry
Kubernetes
- Kubernetes clusters for testing and development
- Like: krucible create cluster --duration 1 to create a cluster that gets cleaned up in one hour.
- https://hub.datree.io/
- https://www.devspace.sh/docs/5.x/configuration/deployments/kubernetes-manifests
- Ancientt - A tool to automate network testing tools, like iperf3, in dynamic environments such as Kubernetes and more to come dynamic environments.
- https://gist.github.com/trietsch/46262021ed83431eef9476298af66664
- https://k8s-examples.container-solutions.com/
- Introduction to YAML: Creating a Kubernetes deployment
- Be basic: create a static pod.
- https://microk8s.io/
- Using Log4brains for tracking Architecture Decision Records
GitOps
Terraform
- Google Cloud standards
SAML
Read more on my Authentication page.
- AweSAML
- SAML Test SP
- Test SP
- OneLogin SAML Developer Tools
- Stub IdP
- https://indieauth.net/
- https://sptest.iamshowcase.com/
Unsolicited SAML responses AKA IdP-initiated SSO
- Quick overview of Unsolicited Responses
- Deep Dive on Unsolicited SSO Configuration
- SAML for Web Developers
- The SAML Python 3 toolkit
- Has a demo Flask app
SAML Python toolkit lets you turn your Python application into a SP (Service Provider) that can be connected to an IdP (Identity Provider).
In production also we highly recommend to register on the settings the IdP certificate instead of using the fingerprint method. The fingerprint, is a hash, so at the end is open to a collision attack that can end on a signature validation bypass. Other SAML toolkits deprecated that mechanism, we maintain it for compatibility and also to be used on test environment.
Hashing algorithms:
OneLogin SAML toolkits work with AD-FS. In order to ensure they work properly, make sure you select SHA1 instead of SHA256 as the hashing algorithm in AD-FS.
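The toolkit's note above about registering the IdP certificate instead of a fingerprint, as an added example (not code from the toolkit or from this page): a small audit of a python3-saml style settings dict that flags fingerprint-only trust and produces the pinned-certificate form. The helper names, the example.test entity ID and the sample "certificate" are assumptions constructed for illustration.

```python
import base64
import copy
import hashlib
import hmac

def cert_fingerprint(pem, alg="sha1"):
    """Hex digest of the base64-decoded body of a PEM certificate."""
    body = "".join(l for l in pem.strip().splitlines() if not l.startswith("-----"))
    return hashlib.new(alg, base64.b64decode(body)).hexdigest()

def audit_idp(settings):
    """Return findings about how the 'idp' block establishes trust in the IdP."""
    idp = settings.get("idp", {})
    pinned = bool(idp.get("x509cert", "").strip()
                  or idp.get("x509certMulti", {}).get("signing"))
    fp = idp.get("certFingerprint", "").strip()
    if fp and not pinned:
        alg = idp.get("certFingerprintAlgorithm", "sha1")  # sha1 default is an assumption
        return [f"IdP trusted by {alg} fingerprint only; register x509cert instead"]
    if fp:
        return ["certFingerprint still set next to x509cert; remove it"]
    return [] if pinned else ["no IdP certificate or fingerprint configured"]

def pin_certificate(settings, pem):
    """Copy settings with pem pinned; refuse a cert that does not match the old fingerprint."""
    new = copy.deepcopy(settings)
    idp = new["idp"]
    old_fp = idp.get("certFingerprint", "").replace(":", "").strip().lower()
    alg = idp.get("certFingerprintAlgorithm", "sha1")
    # Sanity check only: catches pinning the wrong file during migration.
    if old_fp and not hmac.compare_digest(old_fp, cert_fingerprint(pem, alg)):
        raise ValueError("certificate does not match the configured fingerprint")
    idp["x509cert"] = pem
    idp.pop("certFingerprint", None)
    idp.pop("certFingerprintAlgorithm", None)
    return new

# Constructed sample: placeholder bytes, not a real X.509 certificate.
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.b64encode(b"constructed placeholder bytes").decode()
              + "\n-----END CERTIFICATE-----")
WEAK = {"idp": {"entityId": "https://idp.example.test/metadata",
                "certFingerprint": cert_fingerprint(SAMPLE_PEM),
                "certFingerprintAlgorithm": "sha1"}}
HARDENED = pin_certificate(WEAK, SAMPLE_PEM)

if __name__ == "__main__":
    print(audit_idp(WEAK))      # one finding: fingerprint-only trust
    print(audit_idp(HARDENED))  # no findings
```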
https://gitlab.com/gitlab-com/infra-standards/project-templates/okta-developer
Auth
- SuperTokens looks interesting
- https://code.stanford.edu/et-public/docker-openldap
SAML SPs...
I'm looking for more good examples of SAML SPs that meet these criteria:
- are free/have a free tier
- can be self-hosted (not a hard requirement)
So far, the options that seem to meet my requirements are:
A place to look (that's mostly paid):
There's also:
- https://fusionauth.io/download
- Bookstack