Newsletter of Carlos Santana — Issue #26

8 min readFeb 7, 2022

Welcome to my newsletter. Every week, I’ll update you on Cloud Native topics in 3 categories News, Assets, and Skills

This week I started streaming videos on TwitchTV, YouTube, and Twitter about Kubernetes and Knative. The goal is to help others learn about Cloud Native and Open Source. Please let me know if you like the videos.

News

Argo CD v2.3 release candidate. The next Argo CD release is around the… | by Alexander Matyushentsev | Feb, 2022 | Argo Project — blog.argoproj.io
The next Argo CD release is around the corner. During the last three months, Argo CD got 200+ commits from the 71 contributors. We worked hard to improve the usability of core Argo CD features…

Safeguard your containers with new container signing capability in GitHub Actions | The GitHub Blog — github.blog
GitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow, giving your users confidence that the container images they got from their container registry was the trusted code that you built and published.

Malicious Kubernetes Helm Charts can be used to steal sensitive information from Argo CD deployments — apiiro.com
Apiiro’s Security Research team has discovered a major vulnerability in Argo CD platform (CVE-2022–24348).

More ways to keep your pull request branch up-to-date | GitHub Changelog — github.blog
More ways to keep your pull request branch up-to-date

Quirrel is acquired! And I am joining Netlify — DEV Community — dev.to
I am very happy to announce that Quirrel was acquired by Netlify, and I am joining as a software… Tagged with quirrel, netlify, jamstack.

Google and Microsoft back the Alpha-Omega Project to bolster software supply chain | VentureBeat — venturebeat.com
The Open Source Security Foundation has launched the Alpha-Omega Project to help secure the software supply chain.

Principles for Designing and Deploying Scalable Applications on Kubernetes — elastisys.com
15 principles for how to design and deploy cloud native applications on Kubernetes — for scalability, observability, automation & security.

Google Cloud launches dedicated Digital Asset Team | Google Cloud Blog

cloud.google.com
Google Cloud launches a new, dedicated Digital Assets Team to help underpin the blockchain ecosystems of the future. Whether you’re implementing blockchain strategies or blockchain-native, you can rely on Google Cloud’s scalable, secure, and sustainable infrastructure.

The State of the Octoverse | The State of the Octoverse explores a year of change with new deep dives into writing code faster, creating documentation and how we build sustainable communities on GitHub. — octoverse.github.com
Octoverse Report

How Citi is building the secure software factory with Sigstore and Tekton — blog.chainguard.dev

Securing the software supply chain is of paramount importance to the tech industry today.

Supply Chain Security Is Not a Problem…It’s a Predicament | Threatpost — threatpost.com
Despite what security vendors might say, there is no way to comprehensively solve our supply-chain security challenges, posits JupiterOne CISO Sounil Yu. We can only manage them.

CNCF Archives the OpenTracing Project | Cloud Native Computing Foundation — www.cncf.io
CNCF announced today that the Technical Oversight Committee (TOC) has approved the archiving of the OpenTracing project. Archived projects are fairly rare but a…

Major vulnerability found in open source dev tool for Kubernetes | VentureBeat — venturebeat.com
A zero day vulnerability with a “high” severity rating affects Argo CD, an open source developer tool for Kubernetes, Apiiro researchers said.

January 2022 Update | Flux

fluxcd.io
New Flux and Flagger releases bring more security, terraform-controller team wants feedback, Flux articles and docs, upcoming Flux events helping you get started and more.

New Open-Source Multi-Cloud Asset to build SaaS — DEV Community

dev.to
Development and automated deployment of SaaS for multiple tenants, using Red Hat OpenShift/Kubernetes and DevSecOps. Tagged with saas, development, devops, cloudnative.

Mark Chmarny | Twitter follower status monitoring made easy using TweeThingz

blog.chmarny.com
few longer thoughts,
because every once in a while
140 characters is just not enough

Assets

GitHub — AdminTurnedDevOps/Terraform-The-Hard-Way — github.com

The most efficient way to learn Terraform for beginners and intermediate practitioners

GitHub — firecracker-microvm/firecracker: Secure and fast microVMs for serverless computing. — github.com
Secure and fast microVMs for serverless computing. — GitHub — firecracker-microvm/firecracker: Secure and fast microVMs for serverless computing.

GitHub — kotalco/kotal: Kubernetes Blockchain Operator — github.com
Kubernetes Blockchain Operator. Contribute to kotalco/kotal development by creating an account on GitHub.

HOUDINI: Hundreds of Offensive and Useful Docker Images for Network Intrusion

houdini.secsi.io
HOUDINI (Hundreds of Offensive and Useful Docker Images for Network Intrusion) is a curated list of Network Security related Docker Images for Network Intrusion purposes.

GitHub — kubeshop/monokle: 🧐 Monokle is your K8s best friend for creating, validating, debugging and managing manifests! 🚀 — github.com

🧐 Monokle is your K8s best friend for creating, validating, debugging and managing manifests! 🚀 -

GitHub — direktiv/vorteil: turn your applications and containers into micro virtual machines — github.com
turn your applications and containers into micro virtual machines — GitHub — direktiv/vorteil: turn your applications and containers into micro virtual machines

Create fast, easy, and repeatable containers with Podman and shell scripts | Enable Sysadmin — www.redhat.com
Get started with containers in a fast, repeatable way through the familiar shell scripting interface.

GitHub — weaveworks/flintlock: Lock, Stock, and Two Smoking MicroVMs. Create and manage the lifecycle of MicroVMs backed by containerd. — github.com

Lock, Stock, and Two Smoking MicroVMs. Create and manage the lifecycle of MicroVMs backed by containerd.

GitHub — hamidgholami/k8s-lab: Kubernetes Labratory — github.com
Kubernetes Labratory. Contribute to hamidgholami/k8s-lab development by creating an account on GitHub.

Skills

Performance Reviews for Software Developers — How I Do Them In a (Hopefully) Fair Way — The Pragmatic Engineer — blog.pragmaticengineer.com
Note: if you’re just looking for performance review templates and examples, head to the templates page to download them. I’ve had about a dozen performance reviews during my decade-long software engineering career. Some of them were unmemorable, some okay, but a good chunk of them were just… plain bad. Often,

OpenShift Commons Gathering on GitOps — Feb 09 | Hopin

hopin.com
Get tickets to OpenShift Commons Gathering on GitOps, taking place 02/09/2022. Hopin is your source for engaging events and experiences.

Level up your Go Presentations. What is present? Present is used to… | by Drashti Ved | Medium — medium.com
A mini guide to use Present tools for your next Golang presentation

FOSDEM 2022: Golang JSON Serialization — The Fine Print — github.com

Executing Remote Commands with Pulumi | Pulumi Blog — www.pulumi.com
In this article, we deploy k3s and use the Command package to retrieve our kubeconfig from the virtual-machine and create a Kubernetes provider

Ep. #110 Supply Chain Security | DevSecCon

www.devseccon.com
Supply chain security is a multifaceted, complex, and currently unsolved problem, and Jonathan Meadows is determined to change that!

What is OpenShift CPU throttling? Turbonomic to the Rescue! — openshifttipsandtricks.blogspot.com
Your description for this link…

Rakesh Jain on Twitter: “Linux Diagnostics and Troubleshooting Series — Managing Kernel Modules! “ — twitter.com
Your description for this link…

Setting up an raspberrypi4 k3s-cluster with nfs persistent-storage | by Michael Tissen | Medium — michael-tissen.medium.com
There are not many options to add persistent-storage to a k3s raspberry cluster. I will present you a relative simple and powerfull method with the nfs-client-provisioner. I’ve created a folder named…

Kubernetes kOps: Step-By-Step Example & Alternatives — Kubecost Blog

blog.kubecost.com
Learn the features and functionality of Kubernetes kOps, explore its alternatives, and follow step-by-step instructions to implement it.