Python’s boolean operations and and or do some things that I never fully comprehended before now. In the way that I’ve modeled these operations in my head, the operation always yielded True or False. For example, if I were doing a conditional statement, and I provided a falsey statement, such as None or an empty string, I know that that will evaluate to False: # None and "" are both Falsey if None or "": # This will never evaluate print("you can't see me!

Docker tags should be mutable, and your observability should account for the digest. Images already have an immutable reference - the digest on their manifest. If it’s necessary to pin to a specific image, pin to the digest. The tag should be representative of the application bundled, and not the libraries it bundles in the image. You should be able to deploy an image using the same application version with upgraded libraries and dependencies.

Also could have been called “The things that probably should have been more obvious to me regarding software vulnerabilities than they ended up being.” I’ve spent more time than I’d prefer to admit trying to wrap my head around some of these concepts, so maybe this will help someone else. From the perspective of gathering scan results and acting on them for the benefit of the orgainzation. Common Vulnerabilities and Exposures (CVE) 🔗TL;DR: Public catalog of software vulnerabilities.

When updating poetry, make sure to update poetry’s dependencies in addition to poetry itself: poetry self update # updates poetry poetry self lock # resolves poetry's dependencies poetry self install # installs any dependency changes # maybe necessary poetry cache clear <cachename> --all This is not immediately evident to me. I had previously assumed that poetry self update would make sure poetry is as up to date as it can be.

After upgrading Go from 1.21 to 1.22 using mise, vim-go stopped doing things that I’m used to it doing automatically. For example, the plugin would normally remove the os import from this file, since it’s not being used: package main import ( "fmt" "os" ) func main() { fmt.Println("Hello, World") } The solution is to upgrade the binaries with GoUpdateBinaries. I had been chasing down mise, since this is a new tool in my belt, and thinking it had screwed something up.

I have a python service which has been running in an AWS ECS Task without issue. However, if I try to run it locally, the service would deadlock (hang, freeze, stop working…adding more terms for searchability, because I was having a heck of a time finding the right words to search for). My local machine runs MacOS, my container image runs Wolfi (Linux). (I also have a personal machine running Ubuntu, and I could not reproduce the issue on that either).

In the last few months, I’ve been gifted some Onyx Coffee Earl Grey and a Hario tea pot. I have never liked bagged earl grey that I’ve had - no matter how long I steep it, it’s bitter. Yet, I absolutely love this tea, the way I’ve been brewing it in the tea pot. So I want to try more teas of varying type and quality, and see what else I like.

Today I finally took the time to find some info that I’ve wondered about for…too long. The Open Container Initiative governs the interfaces around containers. In particular, for today, I want to understand the specification for interacting with registries, like ECR. Hey, guess what? The OCI specs are all in github! Here are the API endpoints for a registry. The spec doesn’t appear to define authentication - only that it might exist.

Simply put: pip install -r <(poetry export) -t out/ poetry export outputs a pinned version of packages in the same format as a requirements.txt. Package as a lambda function in Gitlab CI: # .gitlab-ci.yml stages: - package package: stage: package image: python:3.10 variables: POETRY_HOME: /usr/local before_script: - curl -sSL https://install.python-poetry.org | python3 - # install poetry - apt-get update && apt-get install -y zip # install zip script: - pip install -r <(poetry export) -t out/ - cp src/*.

I am trying to run a shell script in AWS Lambda. I packaged it in a Docker image based on Alpine. The logs show that it runs fine, but the Lambda shows an error, even though my script exited with 0. This blog post was my key to understanding what went wrong. The docs page I had found mentioned the Lambda Runtime API, and how the container needs to implement that API.