Tooling Icon

Tooling

Tooling and apps used to create and deliver awesome software.
192 Stories
All Topics

Kubernetes github.com

Datree is a CLI to ensure K8s manifests and Helm charts follow best practices

Datree is a CLI tool that supports Kubernetes admins in their roles, by preventing developers from making errors in Kubernetes configurations that can cause clusters to fail in production. Our CLI tool is open source, enabling it to be supported by the Kubernetes community.

It’s far more effective than manual processes, such as sending an email to a slew of developers, begging them to set various limits, which likely falls on deaf ears because developers are already overwhelmed.

In addition the CIL, Datree provides a web app interface which you can see in action right here.

Tom Payne github.com

Easy, secure dotfiles management with chezmoi

Here’s how Tom Payne describes his project:

chezmoi is a popular dotfile manager (currently over 4.5K stars on GitHub and increasing quickly). chezmoi helps you get your prefered environment synchronized across multiple machines (e.g. your home desktop, your work laptop, and a temporary development container in the cloud) while easily coping with differences from machine to machine and keeping all your secrets safe either with your password manager or encryption. Using chezmoi feels very much like using git (and indeed it builds on git). chezmoi is easy to install, quick to start with, runs everywhere, and scales from managing a handful of files on one machine to complex multi-machine set-ups with hundreds of dotfiles and plugins.

Getting a new machine set up looks like:

$ sh -c "$(curl -fsLS git.io/chezmoi)" -- init --apply <github-username>

My dotfiles “manager” is just a combination of git clone and setup.sh, but if I used many machines I’d probably reach for something more robust like this. If you’re already using a manager for yours, here’s a comparison guide of how chezmoi stacks up to other popular options.

Kat Marchán kdl.dev

The KDL document language

I read about KDL (pronounced “cuddle”) over the weekend. Color me impressed!

Kat (and others) put a lot of thought into this.

KDL is a document language with xml-like semantics that looks like you’re invoking a bunch of CLI commands! It’s meant to be used both as a serialization format and a configuration language, much like JSON, YAML, or XML.

Check out the FAQ for all the common objections (like why not YAML or TOML or ETC) as well as a note about the XKCD comic you’re probably thinking about. Here’s hoping it catches on. 🤞

HTML github.com

A tool like jq, but for HTML

htmlq uses CSS selectors to extract bits of content from HTML files. Mozilla’s MDN has a good reference for CSS selector syntax.

This looks super handy. Examples!

// Find part of a page by ID
curl --silent https://www.rust-lang.org/ | htmlq '#get-help'

// Find all links in a page
curl --silent https://www.rust-lang.org/ | htmlq --attribute href a

// Get the text content of a post
curl --silent https://nixos.org/nixos/about.html | htmlq  --text .main

Rust github.com

These TODOs will self-destruct in 10... 9...

Problem: TODOs as comments are too often forgotten or neglected

Solution: TODOs as code that triggers compile errors based on set criteria

// trigger a compile error if we're past a certain date
todo_or_die::after_date!(3000, 1, 1); // its the year 3000!

// or a GitHub issue has closed
todo_or_die::issue_closed!("rust-lang", "rust", 44265); // GATs are here!

// or the latest version of a crate matches some expression
todo_or_die::crates_io!("serde", ">1.0.9000"); // its over 9000!

Martin Heinz martinheinz.dev

A solution to software supply chain security

In the recent months there’s been a lot of noise in the area of supply chain security because of increase in attacks, with notable ones like Microsoft Exchange Server or SolarWinds breach. These attacks could have been prevented with proper tools in place, yet finding the right tool for the job might be difficult as this area is hard to navigate and most of us - developers - aren’t security experts. There’s however a project that can solve this. Its name is sigstore and in this article we will look at what it does, why we need it and how it fits into landscape of existing tools in this area.

Jonas Lundberg github.com

Ain is a terminal API client (alternative to Postman, Paw, Insomnia)

Ain was born out of the frustration of working with many API endpoints in GUI clients.

While pretty, I could’t use any shell-scripts or commands such as uuidgen as input to the endpoints without copy pasting from a terminal. And I had to copy-paste the resulting output back into the terminal to further slice and dice it.

I had become a human pipe and my ctrl+c, ctrl+v fingers were hurting. By using curl and/or httpie for the heavy lifting, Ain removes you from the piping of input and output. With Ain, you can:

  • Organize API endpoints using files and folders
  • Use shell-scripts and executables anywhere
  • Put things that change in environment-variables or .env files
  • Share the resulting curl or http(ie)-call with friends and foes
  • Pipe any output for further processing

Command line interface github.com

Bashly - Bash CLI Framework and Generator

This comment on HN does a great job summarizing Bashly.

…think of this as an argparse equivalent for Bash. You provide a YAML file listing commands, subcommands, arguments, and flags, and it automatically generates a Bash script that can parse and validate them, provide help messages, and run your code for each command.

It also lets you keep the actual code for each command and subcommand in separate files, which are merged together into one distributable Bash script at generation time. It’s basically a templating system to auto-generate argument parsing so you don’t have to solve that again or deal with things like optparse.

Go github.com

GoKart – a static analysis tool for securing Go code

Static analysis is a powerful technique for finding vulnerabilities in source code. However, the approach has suffered from being noisy - that is, many static analysis tools find quite a few “vulnerabilities” that are not actually real. This has led to developer friction as users get tired of the tools “crying wolf” one time too many.

The motivation for GoKart was to address this: could we create a scanner with significantly lower false positive rates than existing tools? Based on our experimentation the answer is yes.

See also: npm audit and the shortcomings of security-focused static analysis tools.

Ahmed github.com

Deploy databases and services easily for dev and testing pipelines

Peanut provides a REST API, Admin Dashboard and a command line tool to deploy and configure the commonly used services like databases, message brokers, graphing, tracing, caching tools … etc. It perfectly suited for development, manual testing, automated testing pipelines where mocking is not possible and test drives.

Under the hood, it works with the containerization runtime like docker to deploy and configure the service. Destroy the service if it is a temporary one.

Technically you can achieve the same with a bunch of yaml files or using a configuration management tool or a package manager like helm but peanut is pretty small and fun to use & should speed up your workflow!

Deploy databases and services easily for dev and testing pipelines

Productivity github.com

A Unix-style personal search engine and web crawler for your digital footprint

Apollo is a different type of search engine. Traditional search engines (like Google) are great for discovery when you’re trying to find the answer to a question, but you don’t know what you’re looking for.

However, they’re very poor at recall and synthesis when you’ve seen something before on the internet somewhere but can’t remember where. Trying to find it becomes a nightmare - how can you synthezize the great material on the internet when you forgot where it even was? I’ve wasted many an hour combing through Google and my search history to look up a good article, blog post, or just something I’ve seen before.

If you scan Apollo’s README, you’ll know the author has put a lot of thought into this project. The more I grokked it, the more I thought of Monocle (which we’re doing an episode about soon). Turns out, it’s a direct inspiration (along with Serenity OS for the design).

The Changelog The Changelog #446

xbar puts anything in your macOS menu bar

On this episode we’re talking with our good friend Mat Ryer whom you may know from the Go Time podcast. Mat created an awesome open source tool for putting just about anything in your Mac’s toolbar. It was originally written in Objective-C, but it just got a big rewrite in Go and abig rename from BitBar to xbar.

If you don’t use a Mac don’t hit skip on this episode quite yet! There are lessons to be learned for anyone interested in hacking on tools to make your life better. Plus, with this rewrite Mat has positioned xbar to go cross-platform, which we talk about as well.

Tom MacWright macwright.com

The return of fancy tools

Tom MacWright on the pendulum swinging back and forth between simple and “fancy”

Technology is seeing a little return to complexity. Dreamweaver gave way to hand-coding websites, which is now leading into Webflow, which is a lot like Dreamweaver. Evernote give way to minimal Markdown notes, which are now becoming Notion, Coda, or Craft. Visual Studio was “disrupted” by Sublime Text and TextMate, which are now getting replaced by Visual Studio Code. JIRA was replaced by GitHub issues, which is getting outmoded by Linear.

0:00 / 0:00