Atorico

Managing Images from Google Drive

I use Google Drive to store just about everything. One thing that bothered me was how difficult it is to view or embed images stored in GDrive on other websites. Getting StartedThe first trick is, finding the url template from Google, which allows itself

Keycloak

Keycloak - Custom Browser Flow

In today's world, we expect OAuth2 and OIDC compatibility. Sadly, there are many flavours of OAuth2/OIDC, both server and client side. Keycloak makes their interopability possible, but can be tough to configure. On the same hand, Keycloak's greatest strength, arguably, is in its

Conftest

Conftest: Path-based Validation by Using the Combine Flag

If storing Infrastructure as a Code, such as Kubernetes manifests, linting your configuration files with Conftest is a great first step. If you've structured your IaaC repository based on your infrastructure layout, ie. Stage-Environment-Domain-Application, you could also use Conftest to help validate the service

Conftest

Conftest: Validating Schemaless Configuration Files Such as Like Helm Chart Values

One of the biggest problems I needed to overcome while using OPA-Policy-Language with our Helm Chart configuration repositories is that each values.yaml could have a unique structure and ensuring stage specific values don't creep into the wrong stages. An inital working example can

Tutorial

Conftest: Configuration linting using OPA's rego policy language

Manageing configuration tends to come down to maintaining loads of yaml or json files which can get messy pretty quickly. To help ensure some standards it's important to lint even these files. In Kubernetes there are some nice projects to that end, such as

Kubernetes

ExternalName Services: Keeping your critical Stateful Applications out of Kubernetes

Once you start using Kubernetes, there's a strong desire to run everything on it. I'm not saying this is not possible, but for one reason or another it is not always practical. ExternalName services are a type of Service which allow you to map

Ingress

Kong Ingress Controller: Configure nokia/kong-oidc in Kubernetes with Kong CRD's

Here is an example of how to configure the nokia/kong-oidc plugin using Kong's KongPlugin CRD : --- apiVersion: configuration.konghq.com/v1 kind: KongPlugin metadata: name: kong-oidc-plugin-example namespace: dev config: client_id: **** client_secret: **** discovery: https://****.auth0.com/.well-known/openid-configuration scope: openid email profile

docker

Docker to Podman

Over the last few years Docker has been a staple of our workflow. Without it what could we have accomplished? Lately, it seems like the hit is in on Docker. First, Kubernetes trumped Docker Swarm as the orchestrator of choice, then Kubernetes dropped support