a tumblelog
Wed 14 Oct 2020

Dockerfile Security Best Practices

Container security is a broad problem space and there are many low hanging fruits one can harvest to mitigate risks. A good starting point is to follow some rules when writing Dockerfiles.

I’ve compiled a list of common security issues and how to avoid them. For every issue I’ve also written an Open Policy Agent (OPA) rule ready to be used to statically analyze your Dockerfiles with conftest. You can’t shift more left than this!

Source: Dockerfile Security Best Practices, an article by Gianluca Brindisi.
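To make the OPA/conftest approach concrete, here is a small Dockerfile policy added to this post as an illustration; it is not taken from Brindisi's article and not a rule set he ships. It assumes conftest's Dockerfile parser (as of 2020) hands each instruction to the policy as an object with a lowercase `Cmd` and a `Value` array, so `FROM ubuntu:20.04` arrives as `{"Cmd": "from", "Value": ["ubuntu:20.04"]}` and `ENV DB_PASSWORD=hunter2` as `{"Cmd": "env", "Value": ["DB_PASSWORD", "hunter2"]}`; the marker list `secret_markers` and the helper `is_root` are this example's own names. Three of the classic findings are covered: unpinned or `latest` base images, a container that still runs as root, and secrets baked into `ENV`.

```rego
package main

# Added example policy for conftest (Rego v0 syntax as used in 2020), not code
# from the linked article. Assumed input shape: a flat array of instructions,
# each {"Cmd": "<lowercase instruction>", "Value": [<tokens>]}. Newer conftest
# releases nest instructions per build stage, which turns input[i] into
# input[_][i]. "i" below is the instruction index in the parsed file, not the
# textual line number.

# --- 1. Base images must be pinned, and never to the mutable "latest" tag. ---
# "scratch" is the empty image and has no tag by definition, so it is exempt.
# Caveat: "FROM <stage-name>" for a multi-stage build is also tag-less and will
# be reported by this rule; filter stage names out if that matters to you.

deny[msg] {
    input[i].Cmd == "from"
    image := input[i].Value[0]
    lower(image) != "scratch"
    not contains(image, ":")
    not contains(image, "@")
    msg := sprintf("Instruction %d: FROM %s has no tag or digest, so it resolves to :latest", [i, image])
}

deny[msg] {
    input[i].Cmd == "from"
    image := input[i].Value[0]
    endswith(lower(image), ":latest")
    msg := sprintf("Instruction %d: FROM %s uses the mutable latest tag; pin a version or digest", [i, image])
}

# --- 2. The container must not run as root. ---
# Collect the user of every USER instruction in file order; the last one is the
# identity the entrypoint runs as. Absence of any USER means root.

users := [u | input[i].Cmd == "user"; u := input[i].Value[0]]

deny[msg] {
    count(users) == 0
    msg := "No USER instruction: the container will run as root"
}

deny[msg] {
    count(users) > 0
    last := users[count(users) - 1]
    is_root(last)
    msg := sprintf("Last USER instruction is root (USER %s)", [last])
}

# Matches "root", "root:root", "0" and "0:0" (uid[:gid] form).
is_root(u) { split(lower(u), ":")[0] == "root" }
is_root(u) { split(u, ":")[0] == "0" }

# --- 3. Secrets do not belong in ENV: they end up in image history and layers. ---
# Both keys and values of every ENV are checked against a list of tell-tale
# substrings (assumed list, extend to taste).

secret_markers := ["passwd", "password", "secret", "token", "api_key", "apikey", "private_key"]

deny[msg] {
    input[i].Cmd == "env"
    token := input[i].Value[_]
    contains(lower(token), secret_markers[_])
    msg := sprintf("Instruction %d: ENV %s looks like a secret; inject it at runtime instead", [i, token])
}
```

Save the file under `policy/` next to the Dockerfile and run `conftest test Dockerfile`; conftest reports every `deny` message and exits non-zero when any rule fires, which is what makes it usable as a pre-commit hook or CI gate. A constructed Dockerfile with `FROM ubuntu`, `ENV API_TOKEN=abc` and no `USER` line would trip all three rules; changing it to `FROM ubuntu:20.04`, dropping the `ENV` and appending `USER app` clears them.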

Prefer Fakes Over Mocks

When writing tests, I prefer to avoid mocks as much as possible and rely on fake implementations instead. They require a bit of additional upfront investment, but provide many practical advantages which are important to consider.

In this article we will look at the differences between these two variants of test doubles, identify how using one over the other impacts test design, and why using fakes often results in more manageable test suites.

Source: Prefer Fakes Over Mocks, an article by Alexey Golub.

A few words on Git

Git is not a success story. Git is a failure as a system with a crap user experience that forces you to learn more about the tool you're using than about getting your work done.

Source: A few words on Git, an article by Hadi Hariri.