I am an open source software engineer at Red Hat. I work on Kubernetes and OpenStack.
I am a maintainer of Gophercloud, the Go SDK for OpenStack. I am also the author of openstack-resource-controller, an experimental Kubernetes operator for managing your OpenStack resources.
Many candidates struggle to express their full potential during a technical interview. As the interviewer, your job is to let them shine. You will certainly look out for red flags, and your attention will naturally be drawn to their technical weak spots. But you’ll have to be intentional if you don’t want to overlook talent. Your job in a technical interview: prove that this very candidate is the best fit for the role. Of course they might not be, but the idea behind this approach is that if they are, you minimise the risk of not finding out. And if they are not, you will have given them a fair chance. ...
My personal Bash styleguide. Headers The shebang tells our operating system what interpreter to use to execute the script. #!/usr/bin/env bash These options make the execution of our script more predictable: set -o errtrace set -o errexit set -o nounset set -o pipefail # or more concisely: set -Eeuo pipefail When a command in a script fails, the failure is ignored by default. With -E and -e, errors stop the execution of the script. ...
Do you use docker-compose to run your local development environment? Do you write your commands into a Makefile to protect your brain and your fingers from complex startup scripts? If so, then you know how painful it is to tell your service to wait for the database before starting. In a sane production environment, a service should always boot and patiently wait for the dependencies to become available, and signal their state through something like a readiness probe. ...
IAM stands for Identity and Access Management. It is the service that lets you manage authentication and authorization within your AWS account. Authentication and Authorisation in AWS are based on six building blocks1: Account, User, Group, Policy, Action and Role. Everything I write here, and much more, can be found in the AWS documentation. This post is nothing more than a quick introduction to get you started with the basics. ...
Browsers let us save passwords and to retrieve them. This way, we can use strings too long and complex to be remembered. Some browsers, with or without the support of external password managers, generate new passwords for us and manage them seamlessly. However most of the time, everything regarding passwords is still based on the ability of the browser of guessing which input field contains a username, and which one contains a password. ...
Build with Modules, Ship from Scratch If you use dep, check out this post instead. Goals: The application executable is compiled inside a container, in order to boost reproducibility The resulting image must be as small as possible The application must run in a container as secure as possible: an unprivileged user in a minimal environment The application must be able to make HTTPS calls It is a multistage Dockerfile: the first throwaway stage is used for building, while the final image will only contain the compiled binary executable. ...
In this video, Robert Martin uses Kotlin and JUnit to illustrate his Three Laws of TDD. But what about Go? Follow me and challenge the master! We will walk in his footsteps with the only help of Brad Fitzpatrick’s checkFunc pattern. The Three Laws You are not allowed to write any production code unless it is to make a failing unit test pass. You are not allowed to write any more of a unit test than is sufficient to fail; and compilation failures are failures. You are not allowed to write any more production code than is sufficient to pass the one failing unit test. Prime factors Step 1: the API We want a function to list the prime factors of a given number. ...
Build With Dep, Ship From Scratch For Go 1.11 modules, check this post instead. In a devops environment, pushing some code to the repository is not enough. You have to ship it. And the first step is often writing a Dockerfile. The goals: The code has to be compiled in a container, to boost the chances my build will be reproducible. Use dep for fetching the dependencies in case the vendor folder is not committed alongside with the code. NOTE: if vendor/ is in the .gitignore, it should be in the .dockerignore too. The final image should be as small as possible. Go applications compile to a single binary. We can have images as small as our compiled binary by leveraging the special FROM scratch base image in a multi-stage build. Here is my base Dockerfile for Go services: ...
Recently, I have been working on an event-sourced application built around Command-Query Responsibility Segregation (CQRS). My job was to figure out how to implement a new command in Go. In order to act on a given object, we have to build the current state of that object out of the events that created and modified it. Here I want to show how I have come up with the applier interface to represent the Event logic. ...
I used to spend an unreasonable amount of time thinking about how to begin writing a test. I googled test patterns in Go. Many people seem to rely on external dependencies for assertions. And in fact, I understand that generic (aha!) functions like isNil(v interface{}) bool can initially bring speed to the development. But in the long run, I think that embracing the true strongly-typed nature of Go, instead of just searching for a way around it, is more rewarding. Writing more idiomatic code will be beneficial both for the quality of the code, and for the insights you can get by looking the Beast in the eye. ...