# CI/CD

Building A Hardened Docker Image Using Modern Infrastructure Tooling

Hey friend, it's been a while since I last posted here -soon to be four months had I not started writing this article. It's been quite the past few months, but I thought about this subject quite a bit recently as enterprise lessons on design and iteration have prompted me wanting to explore similar practices. What am I exploring -as the title suggests, building Docker images leveraging infrastructure technologies and tooling such as Packer, Puppet, and InSpec! So, why would I use such technologies when a simple `Dockerfile` might suffice for an example like this? Because whereas a `Dockerfile` works only with Docker, these individual components allow us to create a modularized and portable set of layers which can be leveraged in various contexts, such as building virtual machines in a variety of public cloud providers such as Microsoft Azure, Google Cloud, and Amazon Web Services.

Tags

Link

Why You Need A Dog's Opinion For Code Review

Or at least, that's what we all think at the start of the project. Every code-base has their respective hacks, workarounds, and inconsistencies when not kept in check. I imagine that consistent code quality in each pull request is the goal, but we all know how easy it is for items to slip past our reviews. That's why I wanted to explore adding Code Analysis tooling from the very start to the project for both the front-end and back-end. Enter the first tool, Hound!

Tags

Link