Totally agree. I’m glad you read between the lines there. It’s out there if you have the resources to throw at it.

Like most DevOps things, it’s all about the opinionated ecosystem you hop in. It has most things and does most of the stuff you want until you decide to adapt the pattern to your use case and holy fucking shit is it hard to adapt opinionated ecosystems. That’s why I continue to have jobs.

It does with some hoops IIRC. I used act a couple of years ago to test a very distributed flow for enterprise IaC projects. I can’t remember all of the things we had to do and I think I’m conflating some of the podman issues we had on macOS with act issues. AWS credentials were an annoyance, I think, but we worked around it with some community code. Our primary purpose for act was to be the local testing for enterprise action deployment so I’d guess it’s close to yours. I think our conclusion was to distribute the actions to each repo rather than use the central .github repo for actions because of how GitHub handles overrides. My memory is really fuzzy.

If you’re going to believe this internet stranger, start with a very simple set of demos to vet me. I remember being very happy; I do not remember how the team solved it. M

The study talks to 16 Mastodon admins who got to say what they thought Mastodon did. It’s not really a study, it’s just a survey. Being posted here is just confirmation bias. For Mastodon to increase citizen empowerment, there has to be something measured and a control group that isn’t on Mastodon.

From the abstract

In this paper, following a pre-study survey, we conducted semi-structured interviews with 16 Mastodon instance administrators, including those who host instances to support marginalised and stigmatised communities

You really have to read beyond the headline. This isn’t Reddit.

The most frustrating thing about this article is that it completely ignores that good movies targeted at kids still have to be good. Personal complaints aside, the new Mario movie was reasonably good for adults and great for kids. Pixar keeps churning out things that are fantastic on many levels. Bluey is an amazing show that can resonate with kids and parents. I don’t for a minute buy the elitist bullshit of “well you’re not a kid so you can’t comment.” Muppet Treasure Island holds the fuck up as an adult so this writer can fuck right off.

Other answers have only called out rotating the secret which is how you fix this specific failure. After you’ve rotated, delete the key from the repo because secrets don’t belong in repos. Next look at something like git-secrets or gitleaks to use as a local pre-commit hook to help prevent future failures. You’re human and you’re going to make mistakes; plan for them.

Another good habit to be in is to only access secrets from environment variables. I personally use direnv whose configuration file is globally ignored via the core.excludesfile.

You can add other strategies for good defense-in-depth such as a pre-receive hook checking for secrets to ensure no one can push them (eg they didn’t install hooks).

Teens are constantly sleepy because that’s how teens work. School start times especially make it impossible to for them to get proper sleep. I’d say it’s ridiculous that someone who has authority over teens doesn’t understand the fucking basics of teens but it’s the Us criminal justice system where authority is made up and the credentials don’t matter.

This is a common problem. Same thing happens with AWS outages too. Business people get to manually flip the switches here. It’s completely divorced from proper monitoring. An internal alert triggers, engineers start looking at it, and only when someone approves publishing the outage does it actually appear on the status page. Outages for places like GitHub and AWS are tied to SLAs that are tied to payouts or discounts for huge customers so there’s an immense incentive to not declare an outage even though everything is on fire. I have yelled at AWS, GitHub, Azure, and a few smaller vendors for this exact bullshit. One time we had a Textract outage for over six hours before AWS finally decided to declare one. We were fucking screaming at our TAM by the end because no one in our collective networks could use it but they refused to declare an outage.

Absolutes in programming tend to lead to bad designs. This is more a “I’m gonna stir up some shit on Twitter” post than real wisdom.

• No microservices usually leads to bloated, tightly coupled logic that ignores business domains
• No monoliths usually leads to sprawling microservice deployments with tightly coupled dependencies and flavor-of-the-week new ones
• No Kubernetes usually leads to VPS pets or crazy obstacle courses trying to get SSL termination without a million fucking dependencies in a cloud container orchestration system that isn’t as good as Kubernetes
• All Kubernetes usually leads to huge SRE costs for a tiny app

The same shit happened last summer when AWS came out with their “we dropped microservices for a monolith and look at our speed increase” article which ignored good design principles. Sometimes you should split things over business domains so you can deploy and code independently. Sometimes Kubernetes is the best way to handle your scale needs. The stories we normally read are about people doing it wrong (eg AWS making a bunch of microservices inside a domain sending fucking gigs of data between what should have been functions in a single service). Inexperienced folks don’t always know when to move from their minimum viable solution to something that can scale. That doesn’t mean you remove these things, it means you train on when you need them.

Should we abandon design patterns because singletons or flywheels aren’t the correct solution all of the time?

That’s how little they got‽ Holy shit. That’s the steal of the fucking century for all that content. Reddit clearly puts the same stock in its negotiators as it does its 3rd party ecosystem. Anyone who values them more than maybe 2x this price for their IPO is a fucking idiot. Forget Trump’s Art of the Deal. spez needs to write a book.

Nintendo does not sell hardware at a loss and, IIRC, has done so since the Wii. It was a huge deal back when they said they were going to make a profit off the hardware. Given how abysmally the Wii U did, I’m struggling to find coverage of that from 15yr ago that I only vaguely remember. However, that’s been a major point from Nintendo since the Wii, so it’s ridiculous that Epic wouldn’t know that and is clearly just an attack on Google (please don’t read that as me supporting Google or Epic).

“Patent troll” and “required actions to preserve trademarks” are two totally different things. The former is objectively bad in all ways. The second is explainable if there truly is a trademark and said gear infringes on the trademark and may be excusable if the Linux Foundation is forced to act to preserve their branding (trademark law is weird). It’s even more explainable if this is a shitty auto filter some paralegal had to build without any technical review because IP law firms are hot fucking mess. I’m also very curious to see the original graphics which I couldn’t find on Mastodon. If they are completely unrelated and there was an explicit action by someone who knew better, the explanation provides no excuse.

Attacking any company because the trademark process is stupid doesn’t accomplish much more than attacking someone paying taxes for participating in capitalism.

Swartz wasn’t involved in the origins of Reddit. He got involved when Y Combinator combined his company with Reddit (something along those lines?). He was not an actual founder, just an early influencer. In many ways, decoupling him from the shitshow that Ohanian and Huffman have engendered is a good thing.

This is very similar to the argument of Musk being a founder of Tesla.