Infrastructure

Infrastructure, configuration and general ops-related content, with a side of configuration management

Dynamic matrix generation with GitHub Actions

Using a build matrix with GitHub Actions allows us to run tests across multiple combinations of operating systems, platforms and languages. You can set up huge matrices (a matrix with three …

Getting started with Problem Matchers

Problem matchers are a relatively new concept that allow you to watch unstructured log output for specific details and add annotations to your source code based on what it finds.

The ultimate guide to GitHub Actions authentication

If you’ve done any work with GitHub Actions, you’ve probably come across the GITHUB_TOKEN secret. This token allows you to interact with the GitHub API and push or pull a repositories contents. …

Improve your GitHub Actions security

Just before Christmas, Julien Renaux published a thought provoking article on the risks of using GitHub actions that you don’t own. You can read the whole thing, but Julien provides a summary for us …

Drain Heroku access logs to Logz.io

Recently, I've been looking for a way to compare the visitor numbers to an application I run to the numbers reported in Google Analytics. Our target audience are technical people who are likely …

Testing GitHub Actions with act

GitHub actions are great, but whilst you're building an action it can be quite painful to keep pushing changes to Github to trigger action runs. This is where act can help! act is a command line …

Creating an Azure Blob Storage with azure-cli

A quick reminder to myself on how to create a blob storage instance in Azure

Test Kitchen, Docker and CentOS 7

Whilst trying to add some tests to some Chef cookbooks that run on CentOS 7, I ran into an issue where systemd wouldn't start in a docker container (and so my services wouldn't start up). It was …

Using Azure Resource Manager with Terraform

The Terraform documentation contains a list of steps that you can follow to create access credentials to use Terraform with Azure. No matter how many times I tried I couldn't get them to work.

Changing the httpListenAddress for Jenkins on OSX

I installed Jenkins via homebrew and wanted the web interface to be accessible over the network. By default, Jenkins is launched with the --httpListenAddress=127.0.0.1 option and is only accessible …

Git and NodeJS on Azure Functions

I had a fun time piecing together all of the required documentation to get a version controlled set of functions deployed to Azure Functions.

Building with FPM

We build RPMs for all of our internal projects at DataSift, which means that we end up writing (or more likely, copying) an RPM spec file in to each project. Some of our build tools use FPM to build …

GoCD: Modification check failed for material

After adding submodules to a project, GoCD started complaining that it could not check for modifications whenever we tried to schedule a build for that pipeline. Checking go-server.log on the …

Use Openstack img in Virtualbox

I needed to add some packages to our base Openstack image install recently. The easiest way to do this is to export the img file from Openstack and run it in Virtualbox.

Decrypt Chef encrypted data bag without Knife

I found myself in the strange situation where I had an encrypted data bag and the secret key but no way to decrypt it without my friendly operations coworkers.

Creating a new user in MariaDB

I've never used MariaDB before, but today I needed a MySQL database for the first time since installing Arch Linux and figured that I'd stick with the system defaults.

Ansible without an inventory file

This is a nice little trick. If you're working with a small number of servers (in my case, it was just one - my desktop), Ansible doesn't actually require an inventory file. You can specify a …

Viewing available Ansible facts

When writing playbooks, you may want to perform different actions depending on what kind of machine you're running against. Ansible provides facts about a machine that you can use to filter down to …

Setting the apt cache time using Ansible

When I'm writing Ansible roles, I usually set update_cache to yes in the apt task to make sure that everything is up to date. This is very useful but gets painful very quickly if you start including …

Easy Graphite instances with Docker

Whenever I'm testing code that sends metrics to Graphite, I usually depend on a shared graphite instance that we have accessible on the network as Graphite is quite a lot of work to install locally. …

curl: (35) error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca

Another fun SSL issue today. We managed to get request signing working with a self signed certificate (see this post) but once we bought a real certificate from Gandi things stopped working.

Self Signed SSL Client Certificates

For my current project at DataSift I've been working on identifying requests via an SSL client certificate. There's not much out there on how to do it, so I wanted to document it in case I have to …

Writing an Ansible module using PHP

Bootstrap your environment

Building from source

Ever since I first started using Linux, I've been using package managers to manage my system. Coming from a Windows background I wasn't really sure on how compiling from source works, how to …

Installing nodejs 0.8 on CentOS 5.7

I recently had the task of installing NodeJS 0.8 on CentOS 5.7. I was expecting it to be an uphill battle, but it really wasn't too bad once I realised what needed doing. These are the instructions …

Change/Reinstall OS on a NodeDeploy VPS

I ordered my second NodeDeploy VPS today (PS: They're awesome) and I wanted to reinstall it to run Ubuntu 12.04 instead of Debian 6.0 that it came with. I'd done it before but I couldn't find how to …

How To: Make an Amazon AWS instance disk bigger

Amazon AWS is an awesome service, but there's a few things that always catch me out. The biggest one is that the default EBS hard drive size is 8GB. Normally this isn't an issue, but when you're …

SSH Config Files

Since I started working with Amazon AWS, I've been juggling a million and one different SSH keys. One set for live, one for staging, one with access to only certain servers. Trying to remember which …

The AWS Heisenbug

In my post about the Tweetdig tech stack, I mentioned a Heisenbug that I encountered whilst trying to use NodeJS on a micro EC2 instance.

The TweetDig.com tech stack

A few weeks back I was fortunate enough to have a few pints with Nick Payne, the developer behind faavorite. We chatted about a few things, but it always ended up coming back to either tech stacks, …