Securing your codebase is a fundamental step in guaranteeing the integrity of your software: if the access to your git commits is compromised, so is your whole supply chain. That’s the reason why almost every git hosting service has implemented a strong authentication system to protect their users from unauthorized access. The question naturally arises…
Read MoreIn this blog post I’m abandoning advice and tips on our software suite for once and moving on to show you an important best practice that we recommend to all our customers for their servers. But what do you do for laptops, which are our primary work tool? I didn’t think much about it…. While…
Read MoreHello everyone, I’m back to discuss Ansible and Ansible Execution Environments. In my previous blog, we talked about why and how execution environments are critical for a successful Ansible implementation. I hope my guide was easy to follow, but as you may have noticed, the process requires a significant amount of manual effort to keep…
Read MoreWith the rise of continuous integration and delivery (CI/CD) in modern software development, automating tasks like publishing npm packages has become crucial for efficiency. GitHub packages Registry (npm.pkg.github.com) allows developers to host and manage npm packages directly within GitHub, offering a seamless experience for both private and public repositories. By leveraging GitHub Actions, developers can…
Read MoreRight now, at Würth Phoenix, we are investing in automating most of our operations using Ansible. You’re probably already familiar with what Ansible does, but to summarize, Ansible is an open-source, command-line IT automation application written in Python. I’ve talked about it here: One challenge we faced while developing our automation scripts was that we…
Read MoreIn this blog post we’ll try a tool that’s new to me, called Terraform, and see how easy it is to integrate it with Ansible starting with no knowledge of Terraform. Terraform is a tool that allows you to automate resource provisioning; it uses HCL2 as the configuration language, and support has recently been added,…
Read MoreAfter updating one of our machines, we found that some of our Ansible playbooks were failing with the following error: The include module was removed in ansible 2.16, while the include warning deprecation was already present in ansible 2.12. At this point, we can choose between two possible modules to replace include: import_tasks or include_tasks….
Read MoreWhen you prepare a machine for production, you usually want to use a redundant network interface in order to be resilient to possible network outages. When we created our OpenShift cluster this wasn’t possible during the installation procedure, at least not using the UPI procedure. We recently added a new node and discovered this new…
Read MoreIn the first blog post of this series I showed you how to set up an OpenShift test environment and set up Gitea via helm chart and add an ssh key to Gitea. In the second blog post we created a deployment with ArgoCD that clones via ssh from our Gitea instance. In this final…
Read MoreIn my previous post, we set up our test environment and a Gitea operator. In this blog post we’ll install the OpenShift GitOps operator and run a simple deployment. This setup allows us to test OpenShift-specific security constraints (such as OpenShift-specific SCCs, non privileged containers by default, etc.) in a test environment before going into…
Read MoreIn this series of blog posts I’ll show you how to set up ArgoCD and Tekton to clone git repositories via ssh from a Gitea instance hosted on an OpenShift cluster. Please note that for the sake of this blog post, the configurations are not suited for use in production, but just to give you…
Read MoreAs you may have noticed from recent posts from some of my colleagues about “Boosting NetEye CI Speed: Test Parallelization” or “Speeding up the NetEye CI Testing Phase“, we are improving our CI in order to have a reliable, fast system that is able to test all the features we implement in NetEye 4. As…
Read MoreOne of the first issues we added more than 2 years ago to our DevOps backlog was automating the infrastructure preparation and release of NetEye, but we postponed it for a long time because it was too big to do. A bit of background Every 2 months we release a new NetEye version: this basically…
Read MoreEvery so often it may happen (in particular after a cluster update or hardware issues) that you see your storage in a warning state on OpenShift. The first thing to do is to check what’s wrong with your cluster: sometimes you may have a real issue, in other cases it may just be a temporary…
Read MoreIn a previous blog post, we looked at how we sped up certain stages of the NetEye pipeline through parallelization. This boost not only lifted team spirits but, more importantly, ramped up the pace of delivering new features and bug fixes, giving everyone the motivation to keep enhancing the pipeline across different stages. In another…
Read More