Building Your Own (JavaScript) Test Doubles

A test double is an object or function that behaves like a real piece of code, but is, instead, solely for a test. It mimics the functionality of something, without being that something. There are plenty of frameworks to deal with test doubles in JavaScript (like sinon), but it's helpful to the various types of… Continue reading Building Your Own (JavaScript) Test Doubles

One Way to Manage Secrets in Dockerized Applications

Putting configuration in the environment is a fairly well acknowledged best practice now. That configuration often includes secrets. But environment variables in container images -- like the docker ENV stanza -- are not really secure. They are built as part of the image, after all, so anyone with access to the image can get at… Continue reading One Way to Manage Secrets in Dockerized Applications

AWS Service Policies vs IAM Permissions

AWS is, at best, complicated. Part of that complexity is that there are often seems to be more than one way to accomplish a goal. Service policies and IAM permissions are a great example of this. Both seem to accomplish the same thing (permissions), but serve different purposes. Service policies is probably not an official… Continue reading AWS Service Policies vs IAM Permissions