2023 Free / Open Source Software Accomplishments

I find it hard to believe, but it is true: another year has wrapped up. With the conclusion of 2023, I’m looking back at some of my free and open-source software accomplishments over those 12 months. My contributions are, once again, all over the place: different languages, industries, technology stacks, and architectural layers. I made … Continue reading 2023 Free / Open Source Software Accomplishments

Improving the Reproducibility of Spring Boot’s Docker Image Builder

Reproducible builds are big wins for security, maintainability, and sanity. If you don’t like it when nothing has changed, yet your build suddenly breaks or doesn’t produce the same output, then improving reproducibility is for you. By default, Spring Boot’s Docker/OCI image building solutions, bootBuildImage (in Gradle) and spring-boot:build-image (in Maven), do not operate reproducibly. … Continue reading Improving the Reproducibility of Spring Boot’s Docker Image Builder

Users and Client Secrets in Keycloak Realm Exports

Keycloak is an open source Identity and Access Management (IAM) solution that’s easy to run in Docker using a Configuration as Code (CAC) strategy enabling a workflow where a git source control repository can be cloned by a developer who can run one non-interactive script that starts Keycloak and gets it into a consistent state … Continue reading Users and Client Secrets in Keycloak Realm Exports

Cypress Testing Integrated with Gradle and Spring Boot

Cypress is a great testing framework for “anything that runs in a browser” allowing for clean, maintainable end to end tests. However, these tests can difficult and annoying to for developers to run, especially those who aren’t front end specialists. The following covers getting existing Cypress tests integrated and easily running within the Gradle-based build … Continue reading Cypress Testing Integrated with Gradle and Spring Boot

Linters: Keys To Secure, Maintainable, Quality DevSecOps

Linters are static analysis tools that analyze source code and report problems. The term goes all the way back to Bell Labs in 1978 but the concept is still very important today. In my opinion, linters are a key ingredient of a successful DevSecOps implementation, and yet not enough people are aware of linters, how … Continue reading Linters: Keys To Secure, Maintainable, Quality DevSecOps

Trusting AWS RDS Certificates in Docker and Beanstalk

To connect to AWS RDS databases using TLS/SSL, the client must trust the certificate provided by RDS; RDS doesn’t use certificates trusted by the CAs (Certificate Authorities) included by operating systems. Without TLS/SSL, the connection to the database isn’t secure, meaning an attacker on the network between the client (running in EC2) and the database … Continue reading Trusting AWS RDS Certificates in Docker and Beanstalk

WordPress on AWS The Easy Way with VersionPress

Developing and administering WordPress can be painful, especially when requirements include the ability to have a team of developers, the ability for a developer to run the site (including content) on their system (so they can reproduce issues caused by content or configuration), multiple content authors, multiple environments (such as staging and production), and the … Continue reading WordPress on AWS The Easy Way with VersionPress

Trusting DoD Certificates in Docker and Beanstalk

The US DoD (Department of Defense) uses its own root certificate when signing https certificates for its domains. For example, https://www.my.af.mil/ uses such a certificate. These root certificates are not trusted by any (commercial/public) operating system, browser, or other client. Therefore, in order to access these sites and not get an error, the DoD certificates … Continue reading Trusting DoD Certificates in Docker and Beanstalk