We've already seen the basics of Vault and wrote some code to access it in the last posts, this time we'll focus on two aspects that allow us to have more control over who can do what with our vault. Let's dive into it.
I the previous post we talked about the basics of Vault, its architectural concepts, nomenclature and basic operations that can be performed. Now it's time to turn that theory into practice and write some code in Go that will allow us to access our secrets.
We all have something to hide, I think everyone has to admit that. Being a developer you need to store lots of passwords, tokens, addresses and other pieces of information that you should not reveal to anyone. You could keep them all in a text file, but a part of you knows that you really should not. What are the alternatives? Let's look at one of them, Vault, which is an awesome project by Hashicorp.
Building web applications take much time, but what if you want to create a small website, like a business card? If you are fine with a simple, static content and you are a developer, there is just a perfect place to have it set up in seconds. This post describes how you can create your own site using Github.
One of the things developers like about Go is that it has strong typing, which means that the compiler takes care of making sure that if you expect a string or a number, you will get one. Unfortunately, this approach has limitations, for example, it would be difficult to parse JSON structures since they come from the "outside world". This blog post shows how you can use one specific package from the standard library so that you can handle situations like those.
I've never been any kind of expert on software security, but I've always known that HTTPS beats HTTP at all times. I know that the communication in the latter is not encrypted and your data can be stolen. I always thought that it takes a great deal of effort to secure the connection, but lately, I discovered how little you actually need, thanks to Let's Encrypt and Caddy.
When building a library or an application in Go, we should care about having all our dependencies defined or included in the repository. If we depend on some third party code to work in a certain way, we should have some specific configuration saying that those are the versions that allow our core do its part correctly. With dep, Go's official vendoring tool it is a bit tricky since all the dependencies are moved to one place and then used across all the code. This raises a problem if we have one library in two different versions imported in two places at the same time. Fortunately, we can do something about that.
Even though one of the famous Go proverbs says _a little of copying is better than a little of dependency_, sooner or later you will find yourself importing one into your project. You just cannot solve all the problems your application may be facing, and often it's better to defer to ready, battle-tested solutions. But how should you manage your dependencies? Since we've recently (finally!) saw the premiere of an official tool, dep, let's take a look on that.
I've been meaning to play with BoltDB for a very long time, recently I finally had some time to do so. Why? I often made a mistake of setting up a large database when starting some private project only to see most of my effort going there instead of the app itself. For starters, the simplest solutions are the best, and Bolt is an example of such. Let's check out how can it be used in a small project.
In the previous post, we've taken a look at the basics of creating CLI tools in Go using cobra library. This time we'll dive a bit deeper while creating something actually useful. We'll build a small Redis client that helps us to manage the state of our cache.