Home of Srđan Đukić

Small organised groups

Thu, 25 Sep 2025 22:55:04 +1200

Small organised groups Link to heading

Reading this Mastodon post about people and various size organisations: https://mathstodon.xyz/@tao/115259943398316677

Recently I have stopped caring about watching or keeping up with the non-local news (and to be honest even a lot of the local news I have switched off of) as it all just seems irrelevant to my life.

I do remember that a lot of people went through a “rejection of news” in particular after the COVID lockdowns in New Zealand. The theory was that after being glued to the TV hanging off every (rather tedious) update, we were all burnt out and struggled to care anymore.

JavaScript security

Mon, 22 Sep 2025 22:23:26 +1200

Shai-Hulud Link to heading

So, recently there’s been a fairly nasty worm in the NPM ecosystem called Shai-Hulud. (NOTE: the name comes from Dune where it’s the original name for the giant sand worms).

The Shai-Hulud, and other attacks, have prompted the increased popularity of documents such as this gem of an best practice document to become popular.

For me, this has become an incredibly sad reality. The NPM package repository, in its quest to claim the title of “biggest” (in terms of the number of packages) seems to have thrown away so much of the utility of open source package repositories. This utility was basically “trust”. I.e. people used it because there was some sort of guarantee that the code published could be trusted.

LLMs becoming boring, motivation and NZ banks

Fri, 19 Sep 2025 19:01:03 +1200

So, this post is a collection of three unrelated articles that I have read recently.

LLMs becoming boring Link to heading

Boring is good Article basically summarising the current state of LLMs. There are so many articles with this same topic and theme at the moment (personally I had my AI rant in a group chat :-D).

The main theme is that it seems that we are finally getting through the hype cycle with LLM based AI and what everyone is finding is that the value seems to be in very specific/niche use cases (e.g. helping me with TypeScript syntax). The use case for higher level code generation/problem solving seems to be spotty at best (at worst you have senior engineers quietly dropping the technology due to the amount of AI “slop” that is produced).

So there's only TypeScript

Thu, 18 Sep 2025 15:40:05 +1200

So there’s only TypeScript Link to heading

When I finished university and was developing my passion for open source software, there came a point where I started feeling disillusioned about the job market and wrote something like “So there’s only HTML” complaining that all I could see in the future in terms of job prospects was developing CRUD web apps. That must have been about 20 years ago now.

Good article about graceful shutdown with Go

Tue, 27 May 2025 12:05:08 +1200

Good graceful shutdown article Link to heading

Just finished reading a good article about graceful shutdown and OS signal handling in Golang.

Was really good and a reminder of all of the things we lerarned when first started using Kubernetes in 2015-2016.

Good discussion about it on HackerNews as well.

Made me think I want to develop a test suite for the graceful shutdown for the sample code. Also lead to some other reading:

Great Information Security resources

Thu, 22 May 2025 16:29:38 +1200

Great InfoSec resources Link to heading

Portswigger Academy - https://portswigger.net/web-security/all-labs

Google CSP Evaluator - https://csp-evaluator.withgoogle.com

Security Trails - https://securitytrails.com

Dehashed - https://dehashed.com

Have I been pwned - https://haveibeenpwned.com/

Reading - 97 Things Every Software Architect Should Know

Fri, 16 May 2025 14:57:10 +1200

Currently Reading Link to heading

I am currently reading the 97 Things Every Software Architect Should Know that someone has linked to and it’s not bad at all. Some really good snippets, some are a bit of a miss.

I am also trying to finish reading the BHP book, I have given up trying to follow along with all of the code examples. I should really finish this one before picking up any new non-fiction books, but the 97 Things… is just so digestible.

Efficiency of Lambda languages

Thu, 15 May 2025 16:21:23 +1200

Efficiency of Lambda languages Link to heading

Today I read this article in which the author designs a (fairly) simple system of Lambda functions and then proceeds to implement the system functions using different languages. I believe that the aim of the “experiment” is to:

verify whether the choice of language makes a difference to the costs of the system
if so, to what extent it makes a difference

The languages compared are Scala, Python, Rust and TypeScript, mainly looking at the associated Lambda costs for each system/language.

Creating new Hugo blog posts

Fri, 02 Aug 2024 18:38:39 +1200

How I create new blog posts Link to heading

So, this is in a way a “meta” article about how I create new blog posts. It’s me mostly being kind to my future self by documenting how to create a new blog post.

The command to create the post Link to heading

The command to create the new post is:

Offline first Mobile apps with HTML5

Thu, 07 Mar 2024 11:23:08 +1300

Review of Offline first Mobile apps with HTML5 Link to heading

Something to know about me is that I regularly follow the Humble Bundle bundles, particularly the technology/programming ones.

Some time ago I purchased one of the bundles that came with access to a bunch of Pluralsight courses. The course titled Creating Offline-first Mobile Apps with HTML5 in particular caught my eye and I signed up and started going through the course.

Reading TOTP QR codes with Python and OpenCV

Thu, 11 Jan 2024 10:37:52 +1300

Read a QR code and extract the data Link to heading

In our case, we want to get the TOTP URL out of a QR code. Documentation for the OTP URL format can be found here on the Yubico website.

Sample code to get the data out of a QRCode image using the OpenCV2 library is here.

This should produce some output such as the following:

otpauth://totp/Example%20Company%3AJohn.Doe%40example.com?secret=aaaabbbbcccceee1123m&issuer=Google

GitLab CI workflow with Python Flask app

Fri, 15 Sep 2023 10:51:47 +1200

GitLab CI workflow with Python Flask app Link to heading

About Link to heading

In this blog post we are going to learn about GitLab CI, specifically looking at Deploy/Release automation.

We will be using a simple Python Flask app to do this, deploying to Google Cloud’s Cloud Run service.

The post assumes that you have a GitLab account (to store our code and run the CI), a Google Cloud account (to have somewhere to deploy our code to) and Python and Docker installed locally.

Zenva Object Oriented C++ course

Wed, 23 Nov 2022 15:21:18 +1300

Zenva Learn Object-Oriented C++ by Building a Game Link to heading

A while ago I bought a bunch of Zenva programming courses from Humble Bundle as some of the courses covered C++, which I hadn’t touched since university, but was becoming a language that I was dealing with semi frequently in my new role.

So, this was a “refresher” on the C++ world and where it had come to in the last 10 years or. The course I did can be found here: https://academy.zenva.com/product/learn-object-oriented-cpp-by-building-a-game/

Friday 12th August 22

Fri, 12 Aug 2022 10:19:26 +1200

HackerRank electronics shop problem:

func getMoneySpent(keyboards []int32, drives []int32, b int32) int32 {
 maxSpend := -1
 
 for _, k := range(keyboards){
 for _, d := range(drives){
 price := int(k + d)
 if price <= int(b) && price > maxSpend {
 maxSpend = price
 }
 }
 }
 return int32(maxSpend)
}

Surprisingly got this on the first go. HackerRank using “int32” everywhere is annoying as it means typecasting all over the place

HackerRank cats and a mouse problem:

func catAndMouse(x int32, y int32, z int32) string {
 aDist := math.Abs(float64(z - x))
 bDist := math.Abs(float64(z - y))
 
 if (aDist == bDist){
 return "Mouse C"
 } else if (aDist < bDist) {
 return "Cat A"
 } else {
 return "Cat B"
 }
}

This one was frustrating due to type casting as well, but not because of HackerRank, but because of Go’s math.Abs function, which apparently can’t figure out what to do with an int? Though, it looks like it might have had auto-casting before, but no longer does.

Thursday and daily blogging

Thu, 11 Aug 2022 11:21:35 +1200

A random Thursday in August Link to heading

So, in order to try and slay my own demons of procrastination and a general feeling of not achieving anything, I’ve decided to start blogging regularly about all the big and small achievements every day.

Today I:

Solved two basic HackerRank exercises:

Drawing Book

func pageCount(n int32, p int32) int32 {

 numBuckets := n/2
 
 bucketNumber := p/2
 
 wayFromBack := numBuckets - bucketNumber
 if (bucketNumber < wayFromBack){
 return bucketNumber
 } else {
 return wayFromBack
 }
}

Which was surprisingly easy in the end, but for some reason I massively over-thought it when I first looked at it. Also “buckets” was a weird choice of naming looking at it now.

Setting up Mutual TLS with Prometheus

Thu, 14 Jul 2022 16:48:56 +1200

About Link to heading

So, recently I was tasked with trying to securely enable metrics collection from servers which did not have a private/management IP, only a publicly routable IP address.

This was a challenge in that if we are going to expose metrics over the public internet, security becomes a much bigger focus.

While it was tempting to rely on a single mechanism to restrict access (such as firewall rules to only allow connections from the Prometheus server), experience has taught us that it’s much better to not assume that any single mechanism will work all the time (see: Swiss Cheese Model). Instead we should adopt several security mecahnisms such that if a single one fails, others will pick it up (also called “Defence in Depth”).

Generating CA and certificates with CFSSL

Thu, 14 Jul 2022 12:08:24 +1200

Generating a CA and signing certificates with CFSSL Link to heading

About Link to heading

Background Link to heading

Recently I was trying to setup an example mutual TLS configuration between Prometheus (the server) and Node Exporter. In doing so I used OpenSSL to generate a CA and certificates for Prometheus and then have the Node exporter trust any client certificates signed by the CA.

Read the requirements carefully

Tue, 21 Jun 2022 09:21:11 +1200

Reading the requirements Link to heading

So, last night I couldn’t sleep and decided to hop onto hackerrank.com and have a go at attempting the divisible sum pairs problem:

Given an array of integers and a positive integer k, determine the number of (i, j) pairs where i < j and ar[i] + ar[j] is divisible by k.

It looked fairly straight forward and in fact I was pretty sure that I had attempted a problem like it previously. So, I had a go at a first draft of the code, had some simple loop issues, to be expected and then passed the first test case! Yay!

Docker install in 2022

Fri, 13 May 2022 16:05:14 +1200

#How to Install Docker in 2022

So, assuming that you only need the CLI, don’t need the K8s, you should just follow the guide here:

https://docs.docker.com/engine/install/ubuntu/

Avoid the snap as it has issues with outbound access from running containers.

Adding Ansible syntax highlighting to Vim

Mon, 14 Feb 2022 15:28:40 +1300

How to add Ansible playbook syntax highlighting to Vim Link to heading

After a lot of trying out different Vim plugins to try and find one that works, it seems that:

https://github.com/pearofducks/ansible-vim

was the only plugin that worked out of all the ones I tried.

Creating SSHFP records

Tue, 01 Feb 2022 11:32:46 +1300

How to setup SSHFP records to verify SSH fingerprints Link to heading

What are SSHFP records and what problem are we trying to solve? Link to heading

NOTE: Feel free to skip this part if you know what SSHFP records are and want to get to the instructions

So, you might have noticed that every time you connect to a server over SSH you get a message like this:

Terraform and deduplication

Mon, 11 Oct 2021 22:51:06 +1300

Terraform and deduplication Link to heading

One of the issues I hit today was Terraform not picking up that I had declared an IAM policy for the same SNS topic in two different places. In fact it took me a long time to figure out what was going on as Terraform decided to use one of the policies and I couldn’t understand why the changes I was making were not being reflected at plan/apply time.

Learn Go with Tests book

Thu, 07 Oct 2021 23:08:40 +1300

Learning Go with Tests book Link to heading

About a year and a half ago, I started learning the Go programming language using this excellent Udemy course. This was good as a language introduction and allowed me to learn all the features of the language and how it worked under the hood. However, by itself I don’t really feel I got a massive amount from that course.

What is Bazel?

Sat, 02 Oct 2021 22:28:48 +1300

What is Bazel? Link to heading

Recently I read an article from the Uber engineering team about how they are using Bazel on their Go monorepo. This prompted me to take a look at Bazel and what it does differently to other build systems.

Bazel is an open source build and test tool that originally came from Google. The main reasons why you might want to use it instead of the plethora of other build/test tools out there is that is optimised to do dependency management between libraries and services/binaries, regardless of language or framework. As such, it is arguably the perfect tool if you are implementing a polyglot microservice architecture that you version in a single monorepo. Think being able to “fan out, fan in” efficiently across many different services.

Team Topologies Book Review

Fri, 01 Oct 2021 23:17:55 +1300

Team Topologies Link to heading

I recently read the Team Topologies book, which I think was excellent. Specifically, for me, it did a great job of taking a lot of concepts around organising teams that I’ve seen startups and other fast moving companies use (i.e. a platform team as an internal product team) and formalised them into a framework.

While I don’t think anything in the book itself was particularly novel, the authors did a terrific job in distilling and simplifying the knowledge, by describing the problem, the technique to remedy the issue and why it “works”.

Docker Container image scanning

Wed, 29 Sep 2021 21:59:32 +1300

Docker Container image scanning Link to heading

Some time ago, I wrote an article talking about the state of container scanning as it became clear that container images were going to have to be patched and the process was going to have to be managed just the same as we do for Linux boxes.

Recently, the question came up again at work after a colleague rightly balked at the integrated Azure Container Registry option (Azure Defender for ACR) costing ~$0.44NZD every time you want to scan an image. As such, this post is an attempt to summarise the state of container scanning and the avaible options at time of writing, with a focus on open source solutions that are easy to use and integrate into CI.

The rise of K8s for infrastructure management

Tue, 28 Sep 2021 22:01:55 +1300

The rise of K8s for infrastructure management Link to heading

One of the typically overlooked aspects of moving to microservice architecture in general (and specificallyK8s for the purposes of this article) is the fact that each service “owns” its own datastore. Unless constrained by costs, this means a fully managed datastore instance (e.g. RDS). Once we accept that the service owns and manages the creation, upgrades etc… of its own datastore, it then becomes logical to store the “infrastructure code” for this next to the application code (i.e. in the same repository). This is good as it really gives the team responsible a sense of autonomy of their own infrastructure and, currently, likely looks like a bunch of Terraform files in a directory in version control, next to the application code.

My Second Post

Mon, 27 Sep 2021 22:36:10 +1300

Second Post Link to heading

Hi Again. Trying out the GitHub Actions triggers to rebuild and publish Hugo to the correct branch.

My first post

Sat, 25 Sep 2021 21:58:46 +1200

Hello World! Link to heading

Hi! This is my first blog post.