skorfmann.com

Had the need to fetch the “url” attribute from yml files nested in a bunch of folders like this

tree content/posts
content/posts
├── 4-methods-to-configure-multiple-environments-in-the-aws-cdk
│   └── index.yml
├── 5-ways-to-bundle-a-lambda-function-within-an-aws-cdk-construct
│   └── index.yml
├── ai-powered-and-serverless-meal-planner-with-open-ai-stepfunctions-and-cdk
│   ├── banner.png
│   └── index.yml
... a bunch more folders

The challenge was to get the url attribute from all the index.yml files and sort them by the createdAt attribute. In a few quick iterations, ChatGPT was able to help me with this

find ./content/posts -name index.yml | while read -r file; do
  python3 -c "import yaml, json; print(json.dumps(yaml.safe_load(open('$file')), default=str))"
done | jq -s . | jq 'sort_by(.createdAt)' | jq -r '.[].url'

Which gives me list of urls sorted by createdAt like this

https://www.sentiatechblog.com/aws-cdk-structure-components
https://aws.amazon.com/blogs/opensource/packaging-and-deploying-aws-lambda-functions-written-in-java-with-aws-cloud-development-kit/
https://youtu.be/OXQSSibrt-A

Had some fun troubleshooting permission issues on AWS while building a Winglang example. Read the full story over here

CDK Multi Language examples are starting to rollout in Terraform. That’s pretty cool see :) This will put CDK for Terraform in front of a lot of people when browsing through the Terraform registry docs.

See this issue in the CDK for Terraform repository. Also, here’s a resource example. Looks like most resources are not yet translated, but that’s probably just a matter of time.

registry

Had to troubleshoot some AWS issues in a Github Actions Workflow, which was kind of hard to debug.

I ended up configuring Terraform to output a log file, and cranked up the Terraform logging level to trace.

TF_LOG: trace
TF_LOG_PATH: ${{ runner.workspace }}/terraform.log

Then, only output the log file if the job failed, since the log file is pretty big by setting the condition to if: failure().

This is an excerpt from the workflow file:

- name: Execute wing test in matrix directory
  if: env.skip == 'false'
  env:
    TF_LOG: trace
    TF_LOG_PATH: ${{ runner.workspace }}/terraform.log
  # runs terraform init, terraform plan, terraform apply, terraform destroy behind the scenes
  run: cd ${{ matrix.example.directory }} && wing test --debug -t tf-aws main.w
- name: Output Terraform log
  if: failure()
  run: cat ${{ runner.workspace }}/terraform.log

Works nicely so far. And Terraform is scrubbing sensitive data in the log file, so that’s good.

tf output

Got a hairy Github Actions issue to troubleshoot? The tmate github action might be your friend. It’s using tmate which is a fork of tmux and the action allows to lock down the access to your SSH key.

- name: Setup tmate session
  if: failure()
  uses: mxschmitt/action-tmate@v3
  with:
    limit-access-to-actor: true

Get a more detailed explanation here

Debugging permission in issues in Github Actions connected to AWS via OIDC can be tedious when done remotely. So, with a bit of setup work, it’s fairly straightforward to debug the role locally as well.

Add this to the Github Role Trust Policy to allow your user to assume the role:

{
    "Sid": "",
    "Effect": "Allow",
    "Principal": {
        "AWS": "arn:aws:iam::<accountId>:user/<iamUserName>"
    },
    "Action": "sts:AssumeRole"
}

So this might look like this:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": {
                "Federated": "arn:aws:iam::<accountId>:oidc-provider/token.actions.githubusercontent.com"
            },
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": {
                "StringEquals": {
                    "token.actions.githubusercontent.com:aud": "sts.amazonaws.com"
                },
                "StringLike": {
                    "token.actions.githubusercontent.com:sub": [
                        "repo:<githubRepoSlug>:pull_request",
                        "repo:<githubRepoSlug>:ref:refs/heads/main"
                    ]
                }
            }
        },
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<accountId>:user/<iamUserName>"
            },
            "Action": "sts:AssumeRole"
        }
    ]
}

Add another profile to your AWS config file:

[profile my-account-actions]
role_arn=arn:aws:iam::<accountId>:role/github-actions/my-role
region=<region>
source_profile=my-account

And run the following commands to run Terraform locally with the same permissions as in Github Actions.

export AWS_PROFILE=my-account-actions
terraform apply

Wing Cloud has officially launched today and has been featured on TechCrunch.

Working with the Wing team has offered a truly intriguing and unique experience. They are dedicated to revolutionizing the cloud programming experience using Winglang as the base. My journey as a “Winglang Trailblazer” has been nothing short of enjoyable :)

In this role, I got the opportunity to use Winglang at a very early stage while creating some examples. Starting at a time when significant refactorings were underway made the initial experience a bit challenging. However, this was the fun part: identifying user experience issues, reporting bugs, and suggesting new features as I built things. The entire team and the community on the Slack channel have been extremely supportive.

Witnessing the rapid progression of the language itself, along with the overall advancement of the complete set of tools has been truly rewarding. Although it’s still the beginning, the ecosystem is developing each day. It’s entirely possible to build cloud applications with it today, for instance, a HTTP Terraform Backend implementation, or a Github issue Slack notifier.

I am genuinely excited about the mission and the broader vision of Wing Cloud.

P.S.: If you are planning to attend the WeAreDevelopers conference in Berlin next week, do make a point to meet the Wing team. Also, join us for some light refreshments and informal conversations about cloud-related subjects on the conference’s preceding evening.

“I need a week to get our new project dev env setup before our team can start working on it” - is this a quote from 2002 or 2022 :D

The line above is taken from this video talking about Elixir and Liveview. Quite interesting, even though the video is just the slides with the soundtrack.

https://www.youtube.com/watch?v=C7y4Bs9Jbho&ab_channel=OmahaJavaUsersGroup

I’ve been playing with generating Open Graph images, entirely stateless, only parameterized via the URL.

Here’s an example: The following JSON payload gets base64url encoded

{
  "title": "I've been playing with generating Open Graph images, entirely stateless, only parameterized via the URL."
}

and then used as part of the URL path 

/image/eyJ0aXRsZSI6ICJJJ3ZlIGJlZW4gcGxheWluZyB3aXRoIGdlbmVyYXRpbmcgT3BlbiBHcmFwaCBpbWFnZXMsIGVudGlyZWx5IHN0YXRlbGVzcywgb25seSBwYXJhbWV0ZXJpemVkIHZpYSB0aGUgVVJMLiJ9/og.png

which generates an image like this

og

It was quite a lot of fun to play with all of these tools, and I really enjoyed the simplicity of Cloudflare workers and the wrangler cli

Fun fact: There’s an og-playground for satori, which can be used to design templates. The template which I’m using was generated in a few iterations with ChatGPT (gpt4 model)

Find all the implementation details over here https://github.com/skorfmann/og-link

I’m super happy to see that Martin Müller kicked of the Machine Minds Lisbon Meetup at Volkswagen Digital Solutions.

With close to 70 rsvps and about the usual 50% no-show rate it’s in the same range of the Berlin Meetup last week.

Machine Minds Lisbon Meetup

Reblog: Explore Wing: A New Cloud Programming Language

In Artem Sokhin’s article, you will learn about Wing, a new programming language specifically designed for cloud environments. This language is aimed at reducing complexities in distributed systems and making cloud programming more efficient. Read the article to get a better understanding of this innovation in cloud computing.

https://artemsokhin.medium.com/cloud-oriented-language-or-deploy-your-infrastructure-anywhere-with-wing-34f1d32bf336

My ‘Hello Winglang’ Talk at AWS User Group, Hamburg

Today, I gave a talk on ‘Hello Winglang’ at our local AWS user group.

Key Stats

  • Attendance: A respectable turnout of around 50 people.
  • IaC Tools Used by Attendees:
    • Terraform: Most people are users.
    • AWS CDK: Used by a third of attendees, most were familiar with it.
    • Pulumi / cdktf / plain CFN: Only a few users.

After discussing the basics of Winglang, I proceeded with a live demo.

Feedback & Questions

Post-talk discussions were engaging with some intriguing questions:

  • Multi-cloud: Queries on multi-cloud application capability. However, no use-cases were presented.
  • Deployment: Questions on Winglang’s deployment capability. I assured that it can easily integrate into existing systems without mandating new CI/CD processes.
  • Business model: Raised by some attendees.
  • Target Audience: Questions on whether it’s more suited for individuals, SMBs, or enterprises.
  • DevOps Compatibility: Some wondered if Winglang contradicts the DevOps idea, particularly during the discussions on different roles of developers and platform teams.
  • Custom SDKs: Can organizations build their own SDKs using the existing one?

Personal Takeaways

  • Winglang’s Multiple Dimensions: It’s multi-faceted, with uses in pre/inflight, local, tf-…, awscdk, testing, console scenarios. A focused demo can better highlight the important aspects.
  • Demo Improvements: A visual demo (perhaps on a website) could make the talk more engaging. Code, console, and tests may be abstract for some attendees. A comprehensive, end-to-end demo could be more compelling.