Weekly newsletter Building Async and Cloud Native organizations - Issue #1

#1・
2

issues

Subscribe to our newsletter

By subscribing, you agree with Revue’s Terms of Service and Privacy Policy and understand that Building Async and Cloud Native organizations will receive your email address.

Michiel van Oudheusden
Michiel van Oudheusden
Hi, and welcome to this newsletter. Thanks for signing up and joining me on a journey touching all kinds of software and cloud related subjects!

REST and APIs
I have been working with Azure API Management a lot recently. So my top 3 resources I always refer to:
Using webhooks can be a great solution to push data instead of polling. There are however authentication issue that need to be solved.
Ngrok did a very nice overview of all the different webhook validations by analyzing around 100 webhook providers:
Webhook Security in the Real World
Another interesting solution comes from github to help with webhook development. This solution saves setting up tunnels which (at least with free versions) change their public url every x hours meaning you need to reconfigure endpoints. You can join their beta program to use the GH CLI for local port forwarding:
Coding
Somehow I write more and more shell scripts. Mostly because the Windows Subsystem for Linux is so simple to use, but I also like the power of a shell script. You can use some tools however, like checking your script on common issues:
ShellCheck – shell script analysis tool
But do not start from scratch, there are nice templates:
Use the Azure Functions Admin API to trigger a function
Use the Azure Functions Admin API to trigger a function
Some while ago I posted the below tweet; let me know if you share those or have more suggestions!
Michiel van Oudheusden @mivano@mastodon.social
Observations while working with distributed systems:
👉Handle transient errors (retry/timeout/circuitbreaker patterns)
👉Minimize dependencies as others will go offline (outbox and queues)
👉Embrace eventual consistency and idempotency
👉Employ distributed tracing

More tips?
GitHub
Systems like github actions are more and more illegally used for bitcoin mining. There are safeguards in place, but the attackers use automatic account creation, random VPN connections, solve 2FA phone prompts etc so they can run docker containers.
Sysdig TRT uncovers massive cryptomining operation leveraging GitHub Actions – Sysdig
Talking about security, my colleague Rob Bos did some interesting work by analyzing the GitHub marketplace and found some scary results:
Are you already using the excellent GitHub CLI tool called GH? Are you aware that you can also use extensions?
A nice list of those can be found here: https://github.com/kodepandai/awesome-gh-cli-extensions
Do you still remember your first Pull Request on GitHub?
I could not, but you can look it up with this site:
It happens to the best of us; committing a secret. GitHub already had the ability to detect checked-in secrets, but it will now also disallow you to push secrets to GitHub:
Proactively prevent secret leaks with GitHub Advanced Security secret scanning | The GitHub Blog
Computing
A trip down memory lane; remember FrontPage or Visual InterDev? Why do we use port 80? Where does the IMG tag came from?
An interesting look at the history of web tech by @stevensanderson
Keynote: Why web tech is like this - Steve Sanderson
Keynote: Why web tech is like this - Steve Sanderson
Interesting highlight by Kong on async culture: “Managers should encourage a written-heavy culture. This usually takes the form of memos, wiki pages and markdown documents. A written culture naturally encourages an async culture.
Read the full article for more tips and tricks:
Tips for Software Teams that Work from Home
Helpers
Something you just need to upload a picture, but it contains some sensitive stuff. You can open paint again, but this online tools works in the browser to redact your image:
Computer Laws
When a measure becomes a target, it ceases to be a good measure.
- Goodhart’s Law
Seen too many times when metrics are used by management. E.g. story points, lines of code, velocity, code coverage.
And with that, thanks for reading and take care of yourself. I’ll see you next time! 
Did you enjoy this issue? Yes No
Michiel van Oudheusden
Michiel van Oudheusden @mivano

Weekly newsletter with articles, tips and links to materials helping you to work in an async and cloud native organization. With a focus on optimizing teams, using tools like GitHub and exploring systems such as REST and API Management.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Created with Revue by Twitter.