Latest Posts

Managing GitLab License Policies With No Dependencies

GitLab's license approval policies provide a powerful and flexible means of managing dependency license approvals. Using these policies requires performing GitLab's Dependency Scanning to generate and report a Software Bill of Materials (SBOM). For the cases where there are no dependencies, Dependency Scanning is not run, no SBOM is created, and the license policies are considered failed and require approval. For projects without dependencies this is an added hassle, and this post proposes a solution.

Managing Alpine Linux Based Container Images With Renovate

With its default configuration, Renovate does a great job of managing container image tag updates. One limitation is that for updates that include an OS in the tag, for example the Alpine Linux version in python:3.11.3-alpine3.17, Renovate will only update to Python image tags matching that version, which may limit updates, and doesn't identify any OS updates. This post details how to configure Renovate to work around that limitation for Alpine images.

Bin Tester v4.0.0 Released

Bin Tester v4.0.0 was released today with several noteworthy changes, including changing the function exports, changing the argument to the test functions, adding TypeScript type declarations, and deprecating support for Node 14 and 19.

GitLab CI Pipeline for Eleventy

This post details the GitLab CI pipeline used for this blog, which is built with Eleventy. It's based on a collection of GitLab CI templates that have evolved over several years for my published NPM packages with a collection of end-to-end tests used for web applications and a few unique jobs added specifically for Eleventy and Nunjucks templates. It's meant as an illustration of a reasonably comprehensive CI pipeline for an Eleventy static site, maximizing the level of automated testing, leveraging built-in GitLab capabilities where practical, and optimizing parallelization and pipeline speed.