🙈 Yet another place to look for secrets? It’s common to find as teams move their workloads into containers and navigate the security challenges that come from it. Yet it’s also puzzling … how doe...

Every time you reach for a long-lived secret, you are wrong. The impulse is good, but uh … having seen some of the recent shenanigans from yet another supply chain attack targeting long-lived secr...

Breaking up my website’s mono-repo had some unintended consequences. I wrote a script and Actions workflow that automatically updates my profile README whenever I published a new post. Since the ...

My website, plus a bunch of other random things, was in one mono-repo. It became a junk drawer I would definitely deal with … later. Spending the past few weeks on the road made it a great time f...

I recently had the privilege of speaking on the 6th at the ATARC Zero Trust Summit for Spring 2025. Many thanks to ATARC, a terrific group of moderators, and my fellow speakers for a fantastic eve...

A modest abundance of Raspberry Pi computers means I simply must build a little Kubernetes cluster. Having lost my near-infinite supply of Azure credits, it’ll be a nice return to how I got starte...

About a week before I submitted my resignation from my last role, a spirited conversation happened in a Slack channel dedicated to employee compensation - specifically the well-known trend of new h...

I love the energy students bring to a college town. Now that the holidays are over and graduation is around the corner, many join in the local professional groups to network. It’s exciting to see...

Some containers are big and with a good enough reason to be big. Reliably reducing their size isn’t difficult or complicated, but it is work. Let’s see if we can find a shortcut. 🌟 Overview an...

Some containers are big, but reliably reducing their size isn’t difficult or complicated. Now that we know what goes into an image, let’s take one easy step to ship only what’s needed - the final ...