> calling out to services should be a core competency.
What’s the typical failure rate of a method call within a process of a language of your choice?
If it’s not Java2k it will be one or two orders of magnitude lower than any cross-process, host or provider RPC call you’re ever going to make.
At smaller scales, just not having to deal with all the bugs and cleanup work missed error handling brings - and then building proper error handling for all relevant cases - can make a huge difference.
The main reason to de-emphasize passwords is that they can easily get leaked and can cause long-lasting problems.
Forcing automation to use per-service authentication tokens in the form of distinct SSH keys or access tokens allows you to
* limit the scope of the token when it gets leaked
* Using a password gives you full control over a GitHub account, a SSH key or token much less so
* verify which credentials are still actively used
* deactivate & replace tokens on a more fine-grained level if one should get leaked
What’s the typical failure rate of a method call within a process of a language of your choice?
If it’s not Java2k it will be one or two orders of magnitude lower than any cross-process, host or provider RPC call you’re ever going to make.
At smaller scales, just not having to deal with all the bugs and cleanup work missed error handling brings - and then building proper error handling for all relevant cases - can make a huge difference.