Kratos is awesome, especially alongside Hydra, OathKeeper, and Keto. Super powerful combo, if not a little intimidating at first. There’s a LOT of configuration involved, but that’s to be expected if you want to host your own Auth0 replacement.
Their dynamic forms stuff is really cool too, always liked how they chose to go about that. Only complaint I really ever had is that while their docs were overall serviceable, I remember some areas were pretty lacking and I had to dig really far to find answers to some fairly common issues.
I've often wondered why there isn't a simpler identity provider service that does the thing that ~90% of applications need without all of the complex configuration.
The world of Auth has been made miserable with everything having to support OAuth2/LDAP/SSO/SAML etc., plus a million versions of access control, session configs, yadda yadda.
Each of these has their own (usually legitimate) purpose, but also each one has to integrate with other providers that each don't follow and/or extend the spec in their own special way. And the pain goes on and on.
Obviously you can make a product that only does really good username/password auth for example, but there's always more pressure to implement more things for another use case.
Another problem is also that "standards" like OAuth2/OIDC are used for a thousand use cases that weren't intended by the authors, so people get really creative with them.
Plus the spec itself is vague on many essential things, for example how logout should work.
Thankfully I never had to implement SAML but I would guess it's even worse there...
Ironically, their hard dependency on Docker is a showstopper for me - none of my systems run Docker Engine, they use containerd and Podman, neither of which are supported.
I hadn't heard of them, but I'm looking at their GitHub page now and they seem to support Kubernetes, which makes me think they must support containerd, right?
Helix has been my daily driver for a few years now, and it’s extremely familiar if you’re coming from the LazyVim setup for NeoVim. I make a few mistakes here and there if I have to use tools with just basic VI binds, but you learn to juggle them both.
The config is very well documented and it would be simple to rebind things too.
Well for one my editor doesn’t support plugins (yet)!. But I have found that learning my editor well enough removed my need for the pesky edits / boilerplate writing offerings of AI. Other than that, I don’t trust it to write anything big, and don’t need it to write anything small.
I’ve tried it a few times and it’s decent for writing unit tests but otherwise often made a mess of things. I understand there’s an art to it but I’m just not interested in putting too much effort into it. I’m always going to go through whatever it generates with a fine toothed comb, so I don’t see it saving me much time anyhow.
I have watched some very senior engineers really dive in with it though, and seemingly with a lot of success.
This is great. I have been daily driving Helix for a few years now and every release has been really exciting. Still anxiously waiting on a plugin system, but that’s more of a bonus than a need.
love the syntax, and excited to mess with it, but man i’m sad to see it’s on the JVM. if i had to guess, a lot of langs like this are on JVM because that’s a lot simpler than writing a whole backend with anywhere near the same performance or reliability, and i totally get that.
that being said, bearing in mind that i’m not a Java/JVM developer and only rarely have to use it, for the few nontrivial projects i have shipped with it the build system was by far the most challenging and frustrating. it’s so complex and has such a large surface area.
no hate at all, and the trade offs are completely reasonable, but i am hoping during my career we’ll start seeing either a massive simplification of JVM builds or a lot of innovation that would make native compilers easier to build.
(as a side note, it is nice to have langs like this for when JVM is the only option)
there's no such thing as generic "jvm builds" as far as i understand though. jvm is the target, it's like saying x64 builds are complex. maybe you re thinking of ant or maven or gradle? there are plenty others.
you can build basic java with "javac myfile.java". done.
each jvm language has its own build tools and some build tools cover jvm languages in between others.
i think you’re right, though i think i was thinking about about this at a higher level. i more meant that the languages in the JVM ecosystem I have experience with (java, kotlin, and scala) have all given me similar unpleasant experiences building them. same tools too, though you probably wouldn’t use sbt for non-scala projects even though you could.
the main pain points for me are dependencies, packaging, and configuration. best i can tell, those pains are shared between anything that targets JVM, especially those that want to have good interop.
