GeoTechFirst

Excellent presentation by Gobe Hobona about about OGC WEB APIs. A GIS standard that everyone should ensure awareness off.  Youtube link: https://www.youtube.com/watch?v=qSiTaZB9-Xw&t=4675s

An unknown attacker had gained unauthorized access to GoDaddy's managed WordPress site passwords. If you have a site with them make sure you change your password. Source link:  https://www.wordfence.com/blog/2021/11/godaddy-breach-plaintext-passwords/

 Video playlist for FOSS4G 2021 Argentina is available on youtube, Youtube playlist Schedule of the talks is here:  https://2021.foss4g.org/schedule/outline.html

 An attacker can bypass the Management Interface Authentication and execute remote code. 9.8/10 rated CVE for Azure Linux VM users. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647

 As docker desktop for Mac/Win licensing is changing it is worth to consider open source alternatives. containerd & Lima might be the right combo for you. Source:  https://medium.com/nttlabs/containerd-and-lima-39e0b64d2a59

Solr is an outstanding tool do free text search it also has spatial support. This allows users to search using free text + spatial boundary. An excellent soultion for trying to find assets at a certain geospatial location. Source example: https://stackoverflow.com/questions/48348312/solr-7-how-to-do-full-text-search-w-geo-spatial-search

 Stern is a great command line to for investigations when in the managed kubernetes cluster contains multiple pods and their logs need viewing in the same time. The output is colour coded for easier debuging. GitHub link:  https://github.com/wercker/stern

 When working in a large integration environment with the need to deliver application modules that communicate with other web apis. WireMock is an excellent tool to quickly mock up those external dependencies with their expected responses and use it as mock service that the main component can integrate with. For example if there is team A and team B and the develop 2 separate service parallel WireMock is a great solution to simulate those nine existing services for each other.  Packaged into a docker image it is very easy to create and deploy to Kubernetes and setup as microservice. Links: https://github.com/wiremock/wiremock https://github.com/wiremock/wiremock-docker

Vault sidekick is a very useful open source container that allows vault users to use this side-car add-on to retrieve secrets from their vault service. It is usually used as an init container to start first and provide the relevant values to the main service that starts later. It was release by the Home Office and being used by many enterprises that using HashiCorp Vault as their secret store. Project location:  https://github.com/UKHomeOffice/vault-sidekick

With the availability of cloud APIs that allow users to provision infrastructure via web calls. The concept of infrastructure as code was created and allows cloud users to handle any cloud infrastructure operation as they would with source code for  their applications, This has many great advantages an implementation of this is Terraform an open-source infrastructure as code command line tool, that allows creating of large cloud architectures via declarative configuration files. It also allows those configuration files to be versioned using standard version control means like git. Via its simplicity lets us setup and tear down cloud architectures on demand. Terraform supports all 3 (AWS, Azure, Google cloud) big cloud providers. To get started follow these guides:  https://learn.hashicorp.com/terraform?utm_source=terraform_io&utm_content=terraform_io_hero