James Healy
James Healy
An experiment in offering the option to assume a role via OIDC (AKA `AssumeRoleWithWebIdentity`) rather than `AssumeRole`. This might be desirable in Buildkite setups where a shared pool of agents...
The default queue in this cluster is `untrusted`, but we're trialing a new queue: `hosted`. The agents on this queue are configured differently, but I expect everything to Just Work.
The default queue in this cluster is `untrusted`, but we're trialing a new queue: `hosted`. The agents on this queue are configured differently, but I expect everything to Just Work.
I'm interested in experimenting with this on a GKE cluster, mainly to see if I can easily export the metrics via prometheus and link it to a horizontal pod autoscaling...
The agent that builds these images runs buildkit, and we can instruct buildkit to push the images directly to the repository rather than export them to the docker image store...
These commands are alternatives to LIST and NLST. They return a machine readable format though, and modern FTP clients often prefer to use them. RFC 3659 has the details: https://tools.ietf.org/html/rfc3659#section-7
Old school FTP is completely unencrypted, which isn't particularly acceptable in 2019. There are extensions to the protocol that enable TLS encryption, and it might be nice to support them....
this is a sensible security precaution
This is a sensible security precaution to ensure the data and control sockets are coming from the same host
This is the opposite of the minimum bleed rule - there must be X distance between a specified PageBox and content.