Politica
This techie Saturday I enjoied reviewing EuroPython submissions, and discovered some stuff I didn’t know like [LocalStack](https://github.com/localstack/localstack), a fully functional local AWS cloud stack for dev stuff.
I then spent some time reading some friends’ posts on Linkedin, discovering that Google launched a python/java package registry to fight supply chain attacks, google launched a couple of services:
- an API to get security info on packages https://deps.dev/ (but it lacks OAS3 and purl support for now)
- a curated artifact registry for java/python publishing certified packages https://cloud.google.com/blog/products/identity-security/google-cloud-assured-open-source-software-service-now-ga this registry uses SPDX instead of CycloneDX…
April 15 2023 | Politica | Commenta per primo! »
Caldav4j moved from travis.io to circle.ci. This allowed us to:
– easily running builds locally via `circleci build`
– add integration tests with a custmo baikal image.
This was done with very few changes:
– add a .circleci/config.yml
– limit resource usage on our pom.xml to comply with circleci limits
snippet here
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.0</version>
<configuration>
…
<threadCount>1</threadCount>
<forkCount>0</forkCount>
<argLine>-Dfile.encoding=${project.build.sourceEncoding} -Xmx1024m</argLine>
<useSystemClassLoader>false</useSystemClassLoader>
</configuration>
</plugin>
November 29 2018 | Politica | Commenta per primo! »
Quick learnings from this great post of Jennifer Pahlka
* Focus on delivery like the UK’s Government Digital Service (GDS) did. Center the work around the delivery of services to the public and measuring its value by the improvement to real people’s lives. Government is judged by the services it delivers: if a service is poorly designed, inflexible, slow, and unfriendly, the conclusion is that government too is all of these things.
* If it’s harder to sign up for these services than it is to sign up for online banking, that’s a delivery problem.
* The problem is not that we don’t have enough technology in government, or enough investment in technology. What we have too little of is service design, agility, understanding of user needs, and feedback loops.
The waterfall method that produces most deliverables in government “amounts to a pledge by all parties not to learn anything while doing the actual work”. Waterfall processes attempt to avoid failure at all costs, resulting in spectacularly large failures.
* Citing Rahm Emanuel’s words, “never let a crisis go to waste.” Take profit from failures: fail small, fail fast, learn and iterate. Adopt an iterative, user-centered, data driven approaches.
* While you don’t want to wait for changes in law and policy to change procurement practices, you should still initiate those changes. There’s a lot of money at stake. The US spent $2B for a court documents system that never saw the light of day, $900M for a deeply troubled financial system, and so on. Reach out for smaller contracts, but more of them. And they’d get to do more technology and less litigating. (Many people describe the process today as contract, build, fail, sue).
November 06 2018 | Politica | Commenta per primo! »
To use http proxies with java in openshift you should know:
– that tools like maven don’t honor http_proxy & co environment variables
– that each container image has its own build script (assemble) that does or does NOT take http_proxy into account.
Always check the image documentation if you need proxies:
– https://docs.openshift.com/online/using_images/s2i_images/java.html
– https://access.redhat.com/solutions/1758313
– https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.0/html/red_hat_jboss_enterprise_application_platform_for_openshift/configuring_eap_openshift_image#configuring_eap_env_vars
A general and flexible solution is:
– to provide a configuration/settings.xml in your project, eg.
github.com/ioggstream/java-project.git
– pom.xml
– src/
– configuration/settings.xml
– add in settings.xml
openshift interpolates every *PROXY* environment variable stripping stuff, so you may not always be able to do
…
${env.HTTP_PROXY_HOST}
…
JBoss images support the following variables via the `assemble` script:
– HTTP*_PROXY_HOST
– HTTP*_PROXY_PORT
Another solution is to:
– get the assemble from the given image you’re using (different images, different assemble)
– customize it so that it uses environment variables to build a custom settings.xml to be used within the build
– add it to .s2i/bin/assemble
Here’s an example assemble supporting proxies https://github.com/ivanthelad/openshift-jee-sample/blob/jws/.sti/bin/assemble
February 25 2018 | Politica | Comments Off on Using http proxies in openshift java projects
The ansible-galaxy ioggstream.ocp_health role can run a smoke test on openshift in minutes:
– etcd consistency
– rhn subscriptions
– master status
– registry, ipfailover and router instances
NOTE: it’s not a replacement of oadm diagnostics 😉
ansible-galaxy install ioggstream.ocp_health
# eventually tweak parameters
# vi /root/.ansible/roles/ioggstream.ocp_health/tests/ocp_health.yml
ansible-playbook –check /root/.ansible/roles/ioggstream.ocp_health/tests/ocp_health.yml
If you want to create a test project with two apps, one with a PVC and one with an ephemeral, set create_test_project.
ansible-playbook -v -e create_test_project=yes /root/.ansible/roles/ioggstream.ocp_health/tests/ocp_health.yml
November 25 2017 | Politica | Comments Off on Smoke testing openshift with ansible-galaxy
If you have issues after an automagic openshift-on-openstack deployment:
1. Remember: every buildconfig created *before* the registry is not authorized to push the images
2. Remember: hawkular is a java application. Startup is slow. Just click there and wait for the startup
3. Ansible is your friend. To get container logs, just
ansible all -m shell -a ‘ls /var/log/containers/CONTAINER_NAME*’
ansible all -m shell -a ‘cat /var/log/containers/CONTAINER_NAME*’ > CONTAINER_NAME.log
4. If a container don’t startup during the deployment, a broken image may have been downloaded
Jun 1 23:30:36 dev-7-infra-0 atomic-openshift-node: I0601 23:30:36.234103 32913 server.go:608] Event(api.ObjectReference{Kind:”Pod”, Namespace:”default”, Name:”router-1-deploy”, UID:”033670a9-470e-11e7-878f-fa163eac2bf7″, APIVersion:”v1″, ResourceVersion:”936″, FieldPath:””}): type: ‘Warning’ reason: ‘FailedSync’ Error syncing pod, skipping: failed to “StartContainer” for “POD” with RunContainerError: “runContainer: Error response from daemon: {\”message\”:\”invalid header field value \\\”oci runtime error: container_linux.go:247: starting container process caused \\\\\\\”exec: \\\\\\\\\\\\\\\”/pod\\\\\\\\\\\\\\\”: stat /pod: no such file or directory\\\\\\\”\\\\n\\\”\”}”
Cleanup docker repo
docker ps -aq | xargs docker rm
docker rmi 90e9207f44f0 –force
5. Run oadm diagnostics on the master 😉
6. Check #oc get hostsubnet
June 01 2017 | Politica | Commenta per primo! »
Ad Aurora (USA) un pazzo coi capelli da Jocker ha ucciso 12 spettatori del film Batman. Il soggetto aveva un fucile d’assalto comprato a un banco dei pegni.
La risposta è stata dura e intransigente: vietato mascherarsi all’entrata dei cinema.
July 27 2012 | Politica | Commenta per primo! »
Pare che con l’arrivo dell’IMU diversi locali commerciali invenduti si siano magicamente trasformati in box auto. I maliziosi sostengono che il provvedimento faccia risparimare bel po’ di soldi di IMU alle società immobiliari.
Mah, sempre a pensar male….
July 04 2012 | Legalità and Politica | Commenta per primo! »
Giuseppe Pannone è il primo dei non eletti al Consiglio Provinciale. Ma dovrebbe stare nell’assemblea già da qualche anno.
Infatti lo statuto PD non permette doppi incarichi. E in consiglio provinciale siede da tempo un sindaco (Eligio Tombolillo) e da poco un assessore (Enzo Eramo).
Chiaramente non è la poltronite la malattia che affligge due specchiati compagni come Tombolillo ed Eramo. Lo scranno provinciale conta ben poco. Ma la difficoltà di spiegare ai loro cittadini che Sezze e Pontinia debbano perdere un rappresentante in provincia. Che questo “abbandono” possa essere usato dalla destra contro di loro.
E’ importante però che Enzo ed Eligio dicano ai loro elettori che i nostri consiglieri provinciali – quelli che ne sono rimasti almeno – non credono alle battaglie di campanile, e che avessimo pure un solo eletto egli rappresenterebbe tutti i territori della provincia, come ogni nostro parlamentare rappresenta l’interesse della nazione intera.
Spero quindi che – a prescindere dalle discussioni delle varie commissioni di garanzia di questi giorni – i nostri compagni diano il buon esempio. E che le travagliate vicende provinciali di questo partito possano finalmente prendere la giusta piega: quella delle regole. Che si discutono, si amano o si detestano. Ma si rispettano.
June 26 2012 | Politica | Commenta per primo! »
Eccoci alla terza puntata di economia pecoreccia – basata sulle monete d’oro:
- nella prima abbiamo parlato della svalutazione (il Re di Borgogna che si riduce il debito pagandolo con monete più piccole);
- nella seconda dello spread (come la svalutazione influenza il prestito di monete).
Oggi vediamo che succede a un paese che non stampa moneta.
Quel furbacchione del Re di Borgogna riduce ogni tanto il peso delle sue monete per fare fronte ai suoi debiti, mentre quello di Frittole riesce a tenerlo stabile gestendo oculatamente i suoi affari.
Il Conte del Reno non ha un conio. Manda l’oro a Frittole per farselo tornare stampato in monete. Usando la moneta di Frittole, lui ed i suoi sudditi riescono ad avere prestiti convenienti dai banchieri (se non capite perché, leggete la puntata #2). I dazi imposti al passaggio delle merci sul suo territorio riempiono i suoi forzieri.
Accade però che una nuova rotta fluviale aggira il suo territorio. Lui incassa sempre di meno ed ha sempre meno oro da mandare a Frittole per stampare moneta. Non potendo “truccare” le carte come il Borgogna è costretto a diminuire la paga di soldati e cortigiani, o a licenziarli. E a spendere di meno.
L’economia della contea si reggeva su questi dazi: con meno cortigiani e soldati più poveri anche i fornai e i macellai, e il commercio iniziarono a soffrire. Chi poteva vendeva merci all’estero e nonostante fosse sempre conveniente chiedere soldi in prestito, nessuno riusciva però a pagare i debiti contratti in precedenza – avendo meno soldi in tasca.
La situazione peggiorò fintanto che il Conte fece quasi bancarotta, ma suo figlio con un’abile mossa riuscì a trovare una soluzione… nella prossima puntata!
January 28 2012 | Politica | Commenta per primo! »
Next »