Home MSME Tech News Attention Techies: Andela shares useful tips for application delivery

Attention Techies: Andela shares useful tips for application delivery

-

Africa’s leading tech development company, Andela, have shared (via Twitter) some very useful tips for Application Delivery.

The thread, which was anchored by one of Andela‘s top tech engineers, focused on important tips every tech guru/enthusiast will find useful.

We have carefully curated the Twitter thread for your reading and learning pleasure. Please, find below:

Welcome to another session of #AndelaTechTuesday, a weekly thread of tech tips, lessons, tutorials etc. from some of our Senior Software Engineers. 
Our guest for today is @tsmalz, a Senior Technical Team Lead on our internal Engineering team.

@tsmalz is a Senior Engineer with over 9 years of experience, started as a software engineer before moving into DevOps in 2014. He’s the Platform Team Lead on our internal Engineering team. He claims to love collaborating and solving problems.😉

Olatunde will be talking about “Useful Tips for Application Delivery” in today’s session of #AndelaTechTuesday
Follow this thread for the tips 👇🏽

1. Ensure application secrets are not pushed to git repository in plain text. You can achieve this by:
– Git “ignoring” any application secrets file and leaving just an example file.

– Setting up git commit hooks to scan for any secrets. Here is a link to an example of a tool that does this: 

2. Setup repository status checks. Here are details around github status checks help.github.com/en/articles/en…

3. Ensure every entity (engineers, application, basically anyone accessing the system) has the exact access level required to perform it’s designated tasks and ideally every entity in the system should have their own access credentials.

This would help enforce these access levels and reduce risk of secrets exposure with a controllable blast radius. Basically, just think “least privilege principle”. Useful link: 

4. Ensure application log levels are implemented correctly and sensitive data (application secrets and user data) isn’t logged especially in production.

5. Ensure application logging is done asynchronously (non-blocking). 

6. Depending on the context, consider introducing changes to applications in incremental chunks ensuring backward compatibility using feature toggles/gating when required. 
Useful link: 

7. Try to apply changes to application dependencies like application “backing services” and infrastructure in a reproducible fashion. 

Consider Infrastructure as Code tools, Scripts, make sure it is reproducible and changes can be tracked using whatever is practical depending on the context.

8. Application secrets rotation is always nice to have in place.
9. Application health-checks go a long way in achieving application resilience.

We are hiring Software Engineers across all experience levels, come join our amazing team of world-class engineers, take the first step by applying here: bit.ly/2Ro9wM6

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Popular

Understanding Mutual Fund Fees

INSIGHT: Why you really should consider investing in mutual fund today

A Mutual Fund is a Trust or Company that pools money from many investors and invests in a specified class of securities such as stocks, bonds, real estate or a balanced mix of asset classes.
Rubies Bank

Rubies Bank – The Future is here

Rubies is a fully digital banking platform, offering zero fee banking targeted at millennials, young professionals, SMEs, quasi-financial institutions and FINTECH companies.
Ellah Lakes appoints new Managing Director, Ellah Lakes appoints Chuka Mordi, Ellah Lakes acquires Telluria Limited, Nigerian Stock Exchange NSE

NSE has placed these 34 companies on red alert

Authorities of the Nigerian Stock Exchange (NSE) has placed red alerts on some 34 quoted companies as a disciplinary measure for breaching some of its extant rules.