Forem: Aaron Berry

Generating Encrypted Key Pairs In Python

Aaron Berry — Sun, 25 Jul 2021 02:54:35 +0000

I recently had a requirement to produce some code that can generate encrypted PEM encoded RSA key pairs that can be used for snowflake key pair authentication for service accounts. I didn't find a lot of clear documentation on what the best practice was to do this in a python environment, so ill share what I came up with that allows you to produce an RSA key pair with the following properties:

It is a PEM encoded format for both public and private keys
PEM encoded Private key is encrypted with a password for further security and to align with snowflakes recommendations

To achieve this, I used the python cryptography package. It has all the necessary backends we need for PEM encoded keys and for applying our encrypted password. I found that some other common crypt packages did not expose configuration in their python classes that are available in the underlying OpenSSL binary. Our intended outputs from this process will be a password for our private key, an encrypted PEM encoded RSA key, and a PEM encoded public key.

You can use the repo I have created if you wish to follow along with the example.

Creating an Encrypted PEM Encoded RSA Key Pair

The first thing we will want to do is generate an RSA key pair with the python cryptography library. You are strongly recommended to use the defaults for this module for the security implications, but you may configure as you need and know the impact of those changes.



from cryptography.hazmat.primitives.asymmetric import rsa

private_key = rsa.generate_private_key(
    public_exponent=65537,
    key_size=2048
)

With your key pair object, you will then be able to encode it in your desired format. We will use the PEM encoding for our key pair and produce the required bytes for our PEM encoded public and private keys. Take note of us passing the bytes for our private key password when calling private_key.private_bytes.



from cryptography.hazmat.primitives import serialization

private_key_pass = b"your-password"

encrypted_pem_private_key = private_key.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.PKCS8,
    encryption_algorithm=serialization.BestAvailableEncryption(private_key_pass)
)

print(encrypted_pem_private_key.splitlines()[0])
# b'-----BEGIN ENCRYPTED PRIVATE KEY-----'

pem_public_key = private_key.public_key().public_bytes(
  encoding=serialization.Encoding.PEM,
  format=serialization.PublicFormat.SubjectPublicKeyInfo
)

print(pem_public_key.splitlines()[0])
# b'-----BEGIN PUBLIC KEY-----'

If you do not require an encrypted private key file, you can always pass no encryption for the key like so.



from cryptography.hazmat.primitives import serialization

unencrypted_pem_private_key = private_key.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.TraditionalOpenSSL,
    encryption_algorithm=serialization.NoEncryption()
)

print(unencrypted_pem_private_key.splitlines()[0])
# b'-----BEGIN RSA PRIVATE KEY-----'

With our PEM encoded public and private key bytes, we can generate them into strings if you wish to write to file or save them in another service.



private_key_file = open("example-rsa.pem", "w")
private_key_file.write(encrypted_pem_private_key.decode())
private_key_file.close()

public_key_file = open("example-rsa.pub", "w")
public_key_file.write(pem_public_key.decode())
public_key_file.close()

When we put all these pieces together, we get the following completed code example.



from cryptography.hazmat.primitives.asymmetric import rsa

from cryptography.hazmat.primitives import serialization

private_key = rsa.generate_private_key(

    public_exponent=65537,

    key_size=2048

)

private_key_pass = b"your-password"

encrypted_pem_private_key = private_key.private_bytes(

    encoding=serialization.Encoding.PEM,

    format=serialization.PrivateFormat.PKCS8,

    encryption_algorithm=serialization.BestAvailableEncryption(private_key_pass)

)

pem_public_key = private_key.public_key().public_bytes(

  encoding=serialization.Encoding.PEM,

  format=serialization.PublicFormat.SubjectPublicKeyInfo

)

private_key_file = open("example-rsa.pem", "w")

private_key_file.write(encrypted_pem_private_key.decode())

private_key_file.close()

public_key_file = open("example-rsa.pub", "w")

public_key_file.write(pem_public_key.decode())

public_key_file.close()

Connect further

Make sure to follow on Medium, Twitter or Email
If you are thinking of subscribing on Medium, you can use my referral link
Connect with me on LinkedIn if you want to chat

Articles around the web (03-05-2020)

Aaron Berry — Sun, 03 May 2020 13:46:40 +0000

Here's a collection of some interesting articles from around the web this week revolving around all things technology and programming. This is part of the CodePunnet blog weekly newsletter. If you would like to get this update in your inbox make sure to subscribe to the newsletter.

→ Development Environments at Slack

The engineers at slack once again provide a glance on how they manage some of their technical processes. In this article they cover how they manage Dev environments and show how with effective management and tooling of these environments can be "critical to the success of any technology company".

→ Is TypeScript Really... A Language??

Check out this interesting discussion into is typescript really a language? This in depth article covers all aspects of the topic from the definitions of programming languages and whether it all even actually matters.

→ Advice for Writing a Technical Resume

If you find yourself with a lot of free time during this pandemic consider taking some of that time and giving your resume a cleanup. This article provides some great points on how you can update your technical resume and hopefully score some interviews or offers when restrictions begin to be lifted.

→ Using Formik to Handle Forms in React

On almost any site you will find some kind of form. This article shows how easy it is to manage forms in react using the npm package Formik with a dive into the multiple possible implementations and common validation and error handling scenarios.

→ How Netflix brings safer and faster streaming experiences to the living room on crowded networks using TLS 1.3

The engineers at Netflix provide some insight into their results from a security analysis into the usage of TLS 1.3 vs TLS 1.2 and the increased performance of the newer version for streaming performance, especially when the world is seeing more streaming than ever.

→ Deep Equality checking of Objects in Vanilla JavaScript

If you've ever wanted to know how deep equality checking works and how you could implement it this article looks at how you can create your own deep equality checking just with vanilla javascript.

→ How the pandemic changed traffic trends from 400M visitors across 172 Stack Exchange sites

Stack overflow shares some insights into how they are seeing changing traffic trends due to the global pandemic. This article shares some uplifting news on how these traffic patterns are showing people increased interest to learn and to see traffic surges in important communities like academia and questions on how to move to remote working situations.

→ How to: AWS Service Endpoints via Terraform for fun and profit

This in-depth endpoint shows how you can use Terraform and AWS service endpoints to easily connect public AWS resources to your private VPC subnets.

That's all the links for this week, stay safe and look after each other (But not too close). 🤚

Connect further

Read more articles over on the Code Punnet blog.
Consider subscribing to the blogs weekly newsletter.
Follow for more on twitter or the blogs RSS feed.

Articles around the web (26-04-2020)

Aaron Berry — Sun, 26 Apr 2020 08:12:58 +0000

→ Patterns for Managing Source Code Branches

Martin Fowler is starting a new article series on common patterns on how you can effectively manage source code branches with the first article covering source branching. You can never learn enough about git and branching so every developer can gain something from this series.

→ Top Kubernetes Courses You Can Take For Free

If you've found yourself spending a lot more time at home consider checking out some of these free course to get you up-skilled on Kubernetes all the way from the fundamentals of installation and configuration to more advanced topics like controllers, deployments and managing storage and scheduling.

→ Brush up your COBOL: Why is a 60-year-old language suddenly in demand?

Due to the current demands on some of our ageing systems there has been a bit of an uptick in the need for COBOL programmers. This article from stack overflow has a look into the history of COBOL as a language and should help guide you through some nice COBOL examples you should be able to run yourself.

→ Quarantine work is not Remote work

Scott Hanselman has been providing developers with some great resources on working remotely but with the current pandemic pushing more people into a remote work like scenario he shares his thoughts on how taxing this period can be as well as some resources to make this period of time a bit easier.

→ Google Chrome’s new update finally allows you to organize and group tabs!

You can now get tab groups in your chrome browser with this sneaky new addition. Just like when dark mode first found its way to chrome you can follow this quick guide to enable the experimental feature in your chrome browser today.

→ How to Set Up Serverless Form Submissions with AWS Lambda

Creating Serverless functions can be a great way to achieve the functionality you need without having the extra bloat of a full backend stack f you don't need it. In this great article, it runs you through how you can easily set up a lambda function on AWS to handle form submission using the Serverless framework.

→ Ops By Pull Request: An Ansible Gitops Story

GitOps is becoming a more popular concept within organisations as a way to try and streamline the development and release process. The people at Red Hat discuss the basic concepts of GitOps and how this can be achieved with Ansible in an agentless, flexible and repeatable way.

→ From 48k lines of code to 10—the story of GitHub’s JavaScript SDK

An interesting look at some of the thought processes to developing and maintaining an open-source library. In this article, the Gregor Martynus discuss where his GitHub JavaScript SDK came from and the steps to get to where it is now with the much smaller (and more maintainable) codebase it is in now.

→ How Netflix uses Druid for Real-time Insights to Ensure a High-Quality Experience

Apache Druid is a high-performance real-time analytics database and the engineers at Netflix go over how it powers real-time analytics insights at Netflix. This article covers the whole pipeline from ingestion, data management and querying giving some great insights at how this is done at scale.

→ Controlling Service Readiness in Docker Compose

A quick article showing you how you can make sure that your applications are actually ready to receive traffic after they are done starting up if your applications are declared in docker-compose with just the use of one small container dokku/wait to check if your applications are actually ready and started.

That's all the links for this week, stay safe and look after each other (But not too close). 🤚

Connect further

Read more articles over on the Code Punnet blog.
Consider subscribing to the blogs weekly newsletter.
Follow for more on twitter or the blogs RSS feed.

Articles around the web (05-04-2020)

Aaron Berry — Sun, 05 Apr 2020 06:50:36 +0000

→ Deploys at Slack

The engineers at slack once again go over some of their internal findings from their internal processes. This time they cover what it is like to deploy code at slack hoping to share how you can make deploying code easier and safer for everyone in your organisation.

→ Pluralsight - All 7,000+ Programming courses are free for April!

Pluralsight is technology skills platform, companies can up-skill teams and increase engineering impact and for the month of April, they are releasing all of their paid programming course for free with no credit card required. Since a lot of us are already in lockdown or entering it this is a great time to make the most of it and learn a new skill.

→ An Annotated Docker Config for Frontend Web Development

This article provides an in-depth guide to the advantages of using Docker to set up your front-end web development project. By the end of it, you should have all of your project defined in a docker file that you are easily able to run on your machine or anyone else's with one easy command.

→ React Suspense in Practice

This in-depth look at React suspense goes over how it can be used to create better user experiences with a multi-data source web application. With react suspense were able to communicate to the user the state of loading the multiple data sources whilst keeping as much of the UI as interactive as possible.

→ How Big Technical Changes Happen at Slack

The engineers over at slack share some thoughts about how they approach performing big changes at their organisation. In this article, they go over the adoption curve while sharing their learnings and strategies to navigate this curve coming from slacks own internal technology change initiatives as case studies.

→ How I Got My Website to Load in 1 Second

A great look at some of the tools and processes you can use to optimise your sites for faster loading and better user experiences. There should be some learnings in this article that should be usable for almost any website.

→ Laura Kalbag – How to read RSS in 2020

If you've wanted to regain control back over your media consumption check out this comprehensive guide on how you can achieve this with RSS in 2020. In this article, the basics of RSS is covered as well as many recommendations for RSS readers to ingest these feeds for anyone's use case.

→ How to Host A Website On Google Drive for Free

If you got a site that you need to host for the minimum amount of effort check out this article that shows how you can host your site just on your google drive.

Hopefully, you can all find a way to stay busy and make the most out of isolation/lockdowns but make sure you remember to stay safe and stay healthy.

Connect further

Read more articles over on the Code Punnet blog.
Consider subscribing to the blogs weekly newsletter.
Follow for more on twitter or the blogs RSS feed.

Articles around the web (29-03-2020)

Aaron Berry — Sun, 29 Mar 2020 10:55:27 +0000

→ Ansible 101 by Jeff Geerling - new series on YouTube

Jeff Gerrling has started a new series called Ansible 101. If you've ever wanted to get started using ansible or wanted to go over the basics again you should follow along with the series following along with his book ansible for DevOps. If you've ever checked out anything todo with ansible you've probably seen his name pop up in the community so he's got a lot of knowledge to share when it comes to Ansible and how it can help you manage your configurations.

→ Take Remote Worker/Educator webcam video calls to the next level with OBS, NDI Tools, and Elgato Stream Deck

Scott Henselman goes over some great software you can use to make your video streaming setup even better hopefully making it easier to share information with your students or workmates so that you can get your work done easier and quicker.

→ SQL and Database Wrap Up - March 2020

With March coming to an end the monthly database wrap up from Helen Anderson is in again. If you have to work with databases you should be able to find something interesting or relevant to your work in this article.

→ Scaling DevOps with Ansible

This multi-part series covers designing and using Ansible roles within an organization in such a way that developers regardless of the business can contribute and build out a catalogue of DevOps services. If you work in a medium-to-large enterprise software shop, this is for you.

→ In depth guide to running Elasticsearch in production

This guide is a fantastic resource for everything to do with getting elastic search production-ready for your needs. It covers everything from the basics of how elastic search is designed and functions all the way to some of the intricacies of running it in a production environment and all of the requirements that are involved.

→ February service disruptions post-incident analysis

Github may have experienced another service interruption in February but it is another great opportunity to learn from what happened. With this post-incident analysis, we find out the timeline of what happened as well as what was learned by Github from the incident as well as the most important step of what is done to remediate this incident from happening again.

→ Six years of the GitHub Security Bug Bounty program

As the Github bounty program enters its 6th year the organisation takes a look at some of the highlights for 2019 and 2020 so far for the program such as some of the cool bugs that have been discovered and remediated.

→ Canary Deployment: What It Is and How To Use It

In this article, you should get all the information you need to understand canary development and hopefully answer some of the questions that cause so much confusion around it such as, "Does the Release Need It?", "What Infrastructure Do I Need?" and others.

→ Hands On With Ansible collections

If you work with ansible there's some interesting changes coming down the pipeline around how modules are now being handled as collections. This article should give you all the information you need to get started with these collections and migrate your code to using them.

→ Unexpected benefits of asynchronous remote work

With all the work from home changes happening for most people, this article covers some of the unexpected changes that have been positive when carrying out work asynchronous when teams are working remotely from each other.

Another week wrapped up with lots of news outside of the tech and programming sphere as well as inside it. Remember to keep safe and keep healthy.

Connect further

Read more articles over on the Code Punnet blog.
Consider subscribing to the blogs weekly newsletter.
Follow for more on twitter or the blogs RSS feed.

Articles around the web (22-03-2020)

Aaron Berry — Sun, 22 Mar 2020 08:02:40 +0000

→ NPM is joining GitHub

With this acquisition, Github has said their main focus for NPM is to help NPM invest in the registry infrastructure and platform, Improve the core experience and engage with the community further. With this acquisition, Microsoft is further solidifying its stance as an open-source player in the market.

→ Building a more accurate time service at Facebook scale

Working with time can always pose some challenges but at the scale of an organisation like Facebook, these can get quite complex and require a high degree of accuracy and reliability not usually designed for. In this article, the engineers at Facebook assess some of the time synchronisation options out there with a very deep look at the analytical advantages and disadvantages of each.

→ Scaling your VPN overnight

With COVID-19 forcing a lot more people to begin working from home quickly means that a lot of organisations have also had to scale their remote work infrastructure as well. The stack overflow team shares its findings from this experience and some of the best practices they have developed.

→ The CSS Podcast

If you're a developer who enjoys CSS this new podcast is for you. Adam and Una from google get together to discuss all things in the world of CSS with their first two episodes covering "The box model" and "Selectors"

→ How to develop a defensive plan for your open-source software project

In this article, you'll find some of the core principles you should consider for planning your open source project defensively to make it as secure as the most rigorously developed proprietary code.

→ How event-driven architecture solves modern web app problems

A great discussion on some of the key problems in modern web development and how designing applications with an event-driven architecture can solve some of these problems in a more novel way.

→ CSI: The case of the missing WAV audio files on the FAT32 SD Card

An in-depth investigation into an interesting hardware storage issue with certain file types on SD cards. If you enjoy working with hardware or learning about the interaction between hardware and software you'll find something interesting in this article.

→ Working from home tips from our experienced remote employees

Again with more people working from home for extended periods of time some of the experienced remote employees at stack overflow share some of their personal tips for making this time as easy and productive as possible.

→ How To Give Engineers Filtered Database Access

Data access for developers is always a challenge trying to balance making it as easy as possible whilst also making it as secure as possible. This article covers a strategy on how you can do this as effectively as possible.

→ Observability for Frontend Developers

This article provides you with a great explanation of what observability is and how frontend developers can use it to make their work more productive and easier when addressing issues with their code.

→ Donate Your Unused CPU Cycles to Fight the Coronavirus

If you have a spare computer at home you can help the fight against COVID-19 by helping solve protein folding problems using your CPUs idle cycles. This article should get you started installing and using "Folding At Home" to try and help in any way possible.

→ A Few Background Patterns Sites

A collection of some sites where you can get some quick background patterns for your applications or sites in a pinch for anything you may be developing.

That's all the links for this week, stay safe and look after each other (But not too close). 🤚

Connect further

Read more articles over on the Code Punnet blog.
Consider subscribing to the blogs weekly newsletter.
Follow for more on twitter or the blogs RSS feed.

Creating proxmox templates with packer

Aaron Berry — Sun, 01 Mar 2020 13:18:22 +0000

I've been using proxmox for a while now in my homelab as an open-source alternative to something like ESXi for a virtualization platform. With proxmox when can create templates for our VMS so we can have a standard starting point to install our applications on top of, these templates can be useful too so that you can pre-install packages for authentication, security, logging and etc without anyone else needing to think about it.

However, creating and managing these templates can become a challenge with how time-consuming and manual it can be. I want to show you how you can make this process more standardized and automated with the use of packer to allow you to declare your proxmox templates as code.

What is packer

Packer is a utility that allows you to build virtual machine images so that you can define a golden image as code. Packer can be used to create images for almost all of the big cloud providers such as AWS, GCE, Azure and Digital Ocean, or can be used with locally installed hypervisors such as VMWare, Proxmox and a few others.

To build an image with packer we need to define our image through a template file. The file uses the JSON format and comprises of 3 main sections that are used to define and prepare your image.

Builders: Components of Packer that are able to create a machine image for a single platform. A builder is invoked as part of a build in order to create the actual resulting images.
Provisioners: Install and configure software within a running machine prior to that machine being turned into a static image. Example provisioners include shell scripts, Chef, Puppet, etc.
Post Processors: Take the result of a builder or another post-processor and process that to create a new artifact. Examples of post-processors are compress and upload to compress and upload artifacts respectively, etc.

By using packer we can define our golden VM image as code so that we can easily build identically configured images on demand so that all your machines are running the same image and can also be easily updated to a new image when needed.

Preparing your packer template

For the following examples ill be referencing files from this example repo you can follow along with and should be a solid template to start off from for your own custom proxmox templates.

To create the template we will use the proxmox builder which connects through the proxmox web API to provision and configure the VM for us and then turn it into a template. To configure our template we will use a variables file, to import this variables file we will use the -var-file flag to pass in our variables to packer. These variables will be used in our template file with the following syntax within a string like so "passwd/username={{ user 'ssh_username'}}".

Now the builder block below will outline the basic properties of our desired proxmox template such as its name, the allocated resources and the devices attached to the VM. To achieve this the boot_command option will be used to boot the OS and tell it to look for the preseed file to automate the OS installation process. Packer has an inbuilt HTTP server to serve this preseed.cfg file to the VM as its installing by using the http_directory option in the builder to specify the public files of the HTTP server. Check out the ubuntu preseed documentation for info on modifying the automatic installation process of the OS via a pre seed file.

{
  "builders": [
    {
      "type": "proxmox",
      "proxmox_url": "https://{{user `proxmox_host`}}:8006/api2/json",
      "insecure_skip_tls_verify": true,
      "username": "{{user `proxmox_api_user`}}",
      "password": "{{user `proxmox_api_password`}}",

      "vm_id": "{{ user `vmid` }}",
      "vm_name": "{{user `template_name`}}",
      "template_description": "{{ user `template_description` }}",

      "node": "{{user `proxmox_node`}}",
      "cores": "{{ user `cores` }}",
      "sockets": "{{ user `sockets` }}",
      "memory": "{{ user `memory` }}",
      "os": "l26",

      "network_adapters": [
        {
          "model": "virtio",
          "bridge": "vmbr0"
        }
      ],

      "disks": [
        {
          "type": "scsi",
          "disk_size": "{{ user `disk_size`}}",
          "storage_pool": "{{user `datastore`}}",
          "storage_pool_type": "{{user `datastore_type`}}",
          "format": "raw",
          "cache_mode": "writeback"
        }
      ],

      "ssh_timeout": "90m",
      "ssh_password": "{{ user `ssh_password` }}",
      "ssh_username": "{{ user `ssh_username` }}",

      "qemu_agent": true,
      "unmount_iso": true,

      "iso_file": "{{user `iso`}}",

      "http_directory": "./http",

      "boot_wait": "10s",

      "boot_command": [
        "{{ user `boot_command_prefix` }}",
        "/install/vmlinuz ",
        "auto ",
        "console-setup/ask_detect=false ",
        "debconf/frontend=noninteractive ",
        "debian-installer={{ user `locale` }} ",
        "hostname={{ user `hostname` }} ",
        "fb=false ",
        "grub-installer/bootdev=/dev/sda<wait> ",
        "initrd=/install/initrd.gz ",
        "kbd-chooser/method=us ",
        "keyboard-configuration/modelcode=SKIP ",
        "locale={{ user `locale` }} ",
        "noapic ",
        "passwd/username={{ user `ssh_username` }} ",
        "passwd/user-fullname={{ user `ssh_fullname` }} ",
        "passwd/user-password={{ user `ssh_password` }} ",
        "passwd/user-password-again={{ user `ssh_password` }} ",
        "preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/{{ user `preseed.cfg` }} ",
        "-- <enter>"
      ]
    }
  ]
}

In this template, we will also be using the shell provisioner to configure our VM os once it has been installed onto the virtual machine and is available via SSH. This can be helpful for installing the minimum required packages on your VM's such as the QEMU quest agent and cloud init or any other software required. You can also switch this provisioner auto for any of the other provisioners such as ansible, chef or puppet for example.

{
  "provisioners": [
    {
      "pause_before": "20s",
      "type": "shell",
      "environment_vars": ["DEBIAN_FRONTEND=noninteractive"],
      "inline": [
        "date > provision.txt",
        "sudo apt-get update",
        "sudo apt-get -y upgrade",
        "sudo apt-get -y dist-upgrade",
        "sudo apt-get -y install linux-generic linux-headers-generic linux-image-generic",
        "sudo apt-get -y install qemu-guest-agent cloud-init",
        "sudo apt-get -y install wget curl",
        "exit 0"
      ]
    }
  ]
}

And finally, we will use the post processors to run some commands locally. This will make an SSH connection to the PVE host and run some commands manually to set up the virtual devices necessary for cloud init. This post-processor is using the shell-local post processor to run the commands on the local machine running packer but you could always move this configuration to something like an ansible playbook to make the configuration more readable and portable.

{
  "post-processors": [
    {
      "type": "shell-local",
      "inline": [
        "ssh root@{{user `proxmox_host`}} qm set {{user `vmid`}} --scsihw virtio-scsi-pci",
        "ssh root@{{user `proxmox_host`}} qm set {{user `vmid`}} --ide2 {{user `datastore`}}:cloudinit",
        "ssh root@{{user `proxmox_host`}} qm set {{user `vmid`}} --boot c --bootdisk scsi0",
        "ssh root@{{user `proxmox_host`}} qm set {{user `vmid`}} --ciuser {{ user `ssh_username` }}",
        "ssh root@{{user `proxmox_host`}} qm set {{user `vmid`}} --cipassword {{ user `ssh_password` }}",
        "ssh root@{{user `proxmox_host`}} qm set {{user `vmid`}} --vga std"
      ]
    }
  ]
}

Now with your configuration complete, you will be ready to build your proxmox template with packer. Run the command packer build -var-file="./config.json" ./ubuntu-18.04.json You should see some output for each of the builders, provisioners and post-processors.

$ packer build -var-file="./config.json" ./ubuntu-18.04.json
proxmox: output will be in this color.

==> proxmox: Creating VM
==> proxmox: Starting VM
==> proxmox: Starting HTTP server on port 8771

...

Build 'proxmox' finished.

==> Builds finished. The artifacts of successful builds are:
--> proxmox: A template was created: 4444
--> proxmox:

When the process is complete you should see your template ready in the proxmox interface and ready to be cloned into virtual machines.

Connect further

Make sure to follow on Medium, Twitter or Email
If you are thinking of subscribing on Medium, you can use my referral link
Connect with me on LinkedIn if you want to chat

Cover photo by chuttersnap on Unsplash

Getting your first software dev internship

Aaron Berry — Mon, 10 Feb 2020 11:25:24 +0000

Getting a software dev internship can be a daunting process but there are a few things that you could be doing to make the process a little easier. I had to complete a year's worth of internships to complete the professional engineering portion of my software engineering degree. I initially found this process to be a challenge but with a few tweaks and learnings along the way, I think I made the process a little easier for myself. I want to share some of those tips with you to make the process easier and hopefully get you the internship you want as well.

For all the information I provide in this post It will be in the context of finding and applying for an internship in Sydney Australia as a software engineering student. However, most of this information should translate to other regions as well.

Writing your CV

For your CV you want to aim for a length of about 1 - 2 pages, anything more than your going to be hiding information in pages that most likely won't be read. Your CV should have your current work experience, your current academic attainments and your technical expertise in things like languages and frameworks you're comfortable with. You should be aiming to try and match the qualities on your CV with the qualities that the employer is looking for in an ideal candidate. I want to also stress that you don't need to include everything in your work or education history if it is not relevant to the role, For example, if your halfway through your university degree you don't need to include your high school on your CV anymore and you should be using that space for something more relevant for the position your applying for.

On your CV you want to also make sure you have your current contact details present including your full name, email and phone number. You may also want to consider having the details of some of your other social accounts if they are related to the role such as Github, Dev or CodePen so that the employer can see some of your actual projects or writing.

Finally with your CV, save yourself some embarrassment only realising you missed something after you sent off your application and get someone (or more if you can) to read over your CV to make sure you don't have any silly typos, spelling or weird grammar you missed after reading your CV for the 100th time.

Searching for internships

Now that your CV is all polished and ready to go we need to find some jobs to actually apply for. The job posting sites can be pretty region specific so use what's available in your area but ill just list all the ones I used in my internship search and note if the site is available somewhere else. I would recommend that where applicable you set up alerts for these sites so that you can stay up to date with new postings so you can use your time more efficiently when applying for roles.

LinkedIn (Global)
Jora (Global)
Indeed (Australia and U.S.)
Seek (Australia)

If your currently studying in university make sure to reach out to the careers department of your institution. They usually have some great resources when it comes to finding jobs such as a list of which companies have internships or they might even host their own job boards just for students like my university did.

Preparing your cover letter

This step isn't always required but is definitely recommended if you have the time. A cover letter is basically just a short (usually 1 page) description of yourself and an example of how you're interested in the internship and how you would be suitable as a potential candidate for that role. Employers are likely to read your CV and cover letter at the same time so make sure your grammar and spelling are on point and that the information between your CV and cover letter match.

It can seem like a lot of work to have to write a cover letter for each application you make so I recommend you write up a template for your cover letter early. This is going to save you a lot of time with you just needing to change names and a few sentences here and there to tailor your cover letter for the company your applying for. At the peak of me trying to apply for internships using templates, I could have a custom CV and cover letter tailored for the requirements of the roles ideal candidate done in just 30 minutes on average.

Check out these articles for getting started with writing your cover letter:

Interview prep

WOOO! You got yourself an interview and now you just need to get through this step and you're probably home free. For your interview, you're going to want to prepare both your soft skills and your technical skills.

For your soft skills, these are things like your ability to communicate, provided feedback and work in a team. Soft skills are something you develop over time but if you're wanting to practice them or get warmed up with these skills I would recommend you try and find a friend or mentor who can practice asking interview questions with you.

For your technical skills, these can also be hard to prepare actively for your interview but I would recommend going over some basics courses for the languages you would need to work with if you got the role. I would also recommend you try and complete and explain your solution for some common technical interview questions. Additionally, look through some of the projects you've worked on and try and link those to what the company is looking for in the advertised role so when asked how you demonstrated a skill you can show off a project you've already completed nicely linking what you've already done with what they are looking for.

If your looking for some more info on preparing your soft skills to check out the links below:

And if you need help with your technical skills these articles below could be helpful to you:

My personal tips

Save yourself some embarrassing mistakes easily and get the grammarly extension, you just need the free version and use it to check your CV and cover letter before you send it to anyone.
Try and be personable but professional, being too formal makes you sound like a robot and unfortunately quite forgettable so remember to be friendly and yourself.
Take the effort to personalize at least some portion of your internship submission for every company be that your CV or cover letter.
If you don't like the company, people or terms of the contract don't be afraid to say no, being unhappy or working under an illegal contract is never worth the work experience you may get.
Rejection is part of the game but not the end, Don't be afraid to ask for feedback on why you didn't get the role and take that on board to make each application better.

Conclusion

Hopefully, these tips are able to help you out in your journey to getting your internship. It's a hard process and can feel very defeating at times, but people have done it before and as long as your learning throughout the process you'll get the internship in the end.

Connect further

Make sure to follow on Medium, Twitter or Email
If you are thinking of subscribing on Medium, you can use my referral link
Connect with me on LinkedIn if you want to chat

Cover photo by Nastuh Abootalebi on Unsplash

A11y testing web apps with axe-core

Aaron Berry — Thu, 09 Jan 2020 05:38:12 +0000

When we build applications we like to make sure that they work. To assure this we would write our normal unit, stub and integration tests. However, one thing that isn't usually being tested in these suits is the accessibility of our web applications.

In comes axe-core which as been developed by deque systems. I'll briefly outline how we can easily configure and use axe for our needs and how it can be integrated into your current tooling so we can start finding (and fixing!) accessibility defects in our web applications TODAY 😃.

What is axe

From the axe-core repo.

Axe is an accessibility testing engine for websites and other HTML-based user interfaces. It's fast, secure, lightweight, and was built to seamlessly integrate with any existing test environment so you can automate accessibility testing alongside your regular functional testing.

What this means is that we can use axe to analyse our web applications DOM structure for accessibility issues. This is done via a rule-based system allowing you to configure axe for your needs and requirements, you can find all the axe rules here. These rules test against common accessibility guidelines and standards such as WCAG, Section 508 and axe's own ruleset.

An example simple axe configuration below.

// axe-config.js
module.exports = {
  rules: [
    {
      id: 'landmark-one-main',
      enabled: false
    }
  ]
}

This configuration can become much more complex with the extended attributes you can use such as CSS selectors, tags or excluding hidden elements making axe-core highly configurable for your testing requirements.

This same configuration should be importable into any of the projects that utilise the axe-core engine allowing you to standardize and share your configurations across tooling and applications.

How can I use axe to test accessibility

Now that we know axe can allow for us to test accessibility in our web applications how do I actually implement it? Below ill go over a couple of common ways you can easily implement axe into your testing.

Deployed sites (axe-cli)

If your application is already deployed and accessible via HTTP/S it's as simple as running the axe CLI against your applications URL.

npm install -g axe-cli
axe http://your-site.com/page

This solution works best for simple HTML pages without authentication or that can easily be navigated to via URL paths. If you require any kind of user actions to get to the desired pages to test have a look at the sections on either Puppeteer or Selenium implementations of axe.

React (react-axe)

This is a great tool that can be incorporated into almost any react application quite easily with the following snippet being all that's needed, just make sure to load it before you load your main react application.

var React = require('react');
var ReactDOM = require('react-dom');

if (process.env.NODE_ENV !== 'production') {
  var axe = require('react-axe');
  axe(React, ReactDOM, 1000);
}

React axe is now able to show you the a11y errors and even give you some nice DOM highlighting of where the issue is happening when applicable.

React axe is also smart enough to reload and re-analyse when components in the DOM are re-rendered making the developer experience great when using it.

Jest (jest-axe)

Now if your team is using something like jest integrating axe into your testing suite is as simple as the snippet below.

const { axe, toHaveNoViolations } = require('jest-axe')

expect.extend(toHaveNoViolations)

it('should demonstrate this matcher`s usage', async () => {
  const render = () => '<img src="#"/>'

  // pass anything that outputs html to axe
  const html = render()

  expect(await axe(html)).toHaveNoViolations()
})

There are some nice helper methods provided by this implementation such as the toHaveNoViolations function. Once you run your tests you'll be provided with nicely formated errors as follows.

Puppeteer (axe-puppeteer)

With the use of axe-puppeteer it's again easy to implement axe into your existing tests with axe being injected automatically for you and just need to call the analyze function when the DOM is in the desired state to be tested.

const { AxePuppeteer } = require('axe-puppeteer')
const puppeteer = require('puppeteer')

(async () => {
    const browser = await puppeteer.launch()
    const page = await browser.newPage()
    await page.setBypassCSP(true)

    await page.goto('https://dequeuniversity.com/demo/mars/')

    const results = await new AxePuppeteer(page).analyze()
    console.log(results)

    await page.close()
    await browser.close()
})()

One note with this implementation is that you will have to fail your tests by evaluating the results object to your testing requirements as an easy function is not provided like the jest-axe implementation.

Selenium (axe-webdriverjs)

Finally, if your using something like selenium axe-core can still be integrated into your current tests with axe-webdriverjs. This solution simply hooks into the web driver object and runs analysis on the rendered DOM when the analyze function is called.

  var AxeBuilder = require('axe-webdriverjs');
  var WebDriver = require('selenium-webdriver');

  var driver = new WebDriver.Builder()
    .forBrowser('firefox')
    .build();

  driver
    .get('https://dequeuniversity.com/demo/mars/')
    .then(function() {
      AxeBuilder(driver).analyze(function(err, results) {
        if (err) {
          // Handle error somehow
        }
        console.log(results);
      });
    });

Similar to the puppeteer implementation you'll have to evaluate the results object for more fine-grained control over the failure criteria for the axe analysis.

Wrapping Up

By utilizing axe for testing accessibility in your web application you can make sure that your applications at the minimum cover some of the best standards when it comes to web accessibility. Also moving as much of the simple accessibility testing covered by axe into code should allow you to catch the simple errors faster saving time and money for the user testing later on.

If your tool or framework wasn't covered make sure check out the full list of projects that use the axe engine here.

Connect further

Make sure to follow on Medium, Twitter or Email
If you are thinking of subscribing on Medium, you can use my referral link
Connect with me on LinkedIn if you want to chat

Cover photo by DANNY G on Unsplash

Forem: Aaron Berry

Generating Encrypted Key Pairs In Python

Creating an Encrypted PEM Encoded RSA Key Pair

Further Reading

Connect further

Articles around the web (03-05-2020)

Connect further

Articles around the web (26-04-2020)

Connect further

Articles around the web (05-04-2020)

Connect further

Articles around the web (29-03-2020)

Connect further

Articles around the web (22-03-2020)

Connect further

Creating proxmox templates with packer

What is packer

Preparing your packer template

Further reading on packer

Connect further

Getting your first software dev internship

Writing your CV

Searching for internships

Preparing your cover letter

Interview prep

My personal tips

Conclusion

Connect further

A11y testing web apps with axe-core

What is axe

How can I use axe to test accessibility

Deployed sites (axe-cli)

React (react-axe)

Jest (jest-axe)

Puppeteer (axe-puppeteer)

Selenium (axe-webdriverjs)

Wrapping Up

Connect further