Continuous deployment to Kubernetes with GitHub Actions

Kubernetes GitHub Actions

Two years ago I wrote an article titled Simple Kubernetes deployment versioning to describe how I used bash and envsubst to substitute image tags in my Kubernetes manifests with a unique tag for every deployment. That worked reasonably well, but since then I have started to implement continuous deployment for most projects I work on and my homemade solution quickly became obsolete. I now almost exclusively use GitHub Actions to deploy my applications and in this article I will show how I set up CI/CD pipelines in GitHub Actions to test, build, push, and deploy Docker images to Kubernetes on every push to the main branch.

Read more...

Simple Kubernetes deployment versioning

Kubernetes

I have been playing around with Kubernetes a bit lately, both at work and for some personal projects. In fact, the page you are reading now is served by a Docker container running on Kubernetes. Kubernetes is a complex product and a bit overkill for a simple website like this, but it gives me the opportunity to learn about its concepts in order to use them for more complex projects. One of the issues I ran into was how to update deployments to a newer image version while using declarative YAML configuration files. In this blog post I will share my solution.

Read more...

Protect your Symfony application against the OWASP Top 10 security risks

Symfony security OWASP Top 10

In my experience with software development, security is an aspect of our work that does not always receive the attention it deserves. I have seen many organizations where risks are not properly analysed, and procedures to mitigate risks or to limit the impact of security breaches are not in place. Developers are typically expected to deliver new features, often under the pressure of tight deadlines, and new security issues get introduced without being noticed. At the same time existing or legacy code is rarely touched, possibly containing vulnerabilities that have existed for years.

Read more...

Building web applications with Make

Make

Make is a build automation tool originally designed to compile source code into executable programs. However, because it is such a proven, flexible and versatile tool, it is also a great fit for other applications. I have been using Make to automate build tasks for web applications for a few years now with great satisfaction, and in this article I will show some of its interesting features and some makefile snippets I commonly use in the projects I work on.

Read more...

Using Prism for syntax highlighting with Sculpin

Sculpin Prism

I have been playing with the idea of starting my own blog for a while, but until now my website consisted of just a static index.html (along with some Sass file and images). Writing the HTML manually worked fine for a single landing page, but I realised that for a blog this would quickly become cumbersome. In order to keep the management of my site as easy as possible, without having to run a fully-fledged, database-backed content management system, I decided to go for a static site generator.

Read more...