2024

• 12 Dec Signing artifacts, attesting builds, and why you should do both
• 03 Dec Interviewing with an AI assistant
• 18 Nov Build multi-architecture runners for actions-runner-controller
• 06 Oct A second year of writing on the internet
• 30 Sep Interviewing upwards
• 15 Sep How long do cows live?
• 05 Sep Corporate proxies, meddler-in-the-middle attacks, and git
• 26 Aug You need a grimoire.
• 22 Aug DevOps has always been about Secure by Design software
• 02 Aug Securing Devcontainers (part 3) - Docker-in-Docker
• 30 Jul Securing Devcontainers (part 2) - multi-service applications with Docker Compose
• 24 Jul Securing Devcontainers (part 1) - a simple setup with Ruby and Jekyll
• 21 Jul Static analysis scans of a container's filesystem
• 15 Jul Why develop when you have to audit
• 12 Jul Explaining why a code change happened during an audit
• 05 Jul Where git can set compliance controls
• 30 Jun How git understands time
• 29 Jun Tips for auditing changes in git
• 24 Jun Understanding identity in git repositories
• 17 Jun Git configurations in a code audit
• 12 Jun Surviving your first code audit, or Whodunnit? A git repo mystery.
• 03 May Reducing CVEs in actions-runner-controller
• 24 Apr GraphQL patterns to know
• 22 Apr Intro to GraphQL using custom fields in GitHub Projects
• 18 Apr Sparkles of feedback
• 08 Apr Pi-hole configuration for the lazy and slightly paranoid
• 04 Apr Checking capabilities changes at PR
• 31 Mar Organization costs of the xz backdoor
• 27 Mar Deciduous content
• 24 Mar A gentle introduction to container escapes and no-clump gravy
• 07 Mar Building a secure Jekyll container
• 01 Mar Career interview questions
• 19 Feb GitHub Enterprise administration resources
• 16 Feb Chargeback in GitHub Enterprise Server
• 14 Feb Chargeback in GitHub Enterprise Cloud
• 17 Jan Flipper Zero saves the holidays (and other personal fun)
• 12 Jan A quick and dirty guide to X11 forwarding over SSH
• 08 Jan Scrum the home

2023

• 26 Dec Posts by the numbers for 2023
• 14 Dec Adding CodeQL to your (compiled) container build
• 20 Nov Cloud cost spreadsheets ask the wrong question
• 06 Nov Writing tests for your Actions runners
• 25 Oct CI for your CI - building and testing your custom runner images
• 16 Oct Kodi setup on a Raspberry Pi 4
• 13 Oct Self-updating build servers, automatically
• 02 Oct One whole year
• 29 Sep Building RPMs in containers
• 23 Sep Raspberry Pi desktops for little kids
• 07 Aug Using Kaniko in Actions-Runner-Controller
• 02 Aug Building the Linux kernel for dedicated hardware VMs
• 21 Jul Please stop saying 'Just use Firecracker' - do this instead
• 07 Jul Revisiting the cost of waiting on builds
• 03 Jul Threat Modeling the GitHub Actions ecosystem
• 27 Jun Adding Mermaid Diagrams
• 31 May Lazy profile readme updates from my blog
• 15 May Scanning your code on every single push
• 14 Apr Stop putting application security alerts in ticket systems
• 07 Apr Blogging with Codespaces, part 2
• 03 Apr Creating custom images for actions-runner-controller
• 22 Mar Managing an enterprise-wide application security team on GitHub
• 08 Mar Replacing my router with OpenWRT and a Raspberry Pi
• 22 Feb Setting up automated deployments via Helm + Actions
• 16 Feb What are your users really doing within GitHub Actions?
• 14 Feb Actions Workflows to Test Custom Runners
• 10 Feb Kubernoodles Cluster Setup
• 01 Feb Securing Self-Hosted GitHub Actions with Kubernetes and Actions-Runner-Controller

2022

• 12 Dec Architecture guide to self-hosted GitHub Actions
• 05 Dec Devcontainers in Kubernetes
• 02 Dec Git aliases and shortcuts for daily use
• 28 Nov Containerized CI at an Enterprise Scale
• 16 Nov Undo a commit on a failed GitHub Actions job
• 10 Nov The cost of waiting on builds, part 3
• 07 Nov Blogging with Codespaces
• 25 Oct Removing big files from repos using BFG
• 18 Oct Dependabot on Red Hat Enterprise Linux using Docker
• 10 Oct The cost of waiting on builds, part 2
• 03 Oct The cost of waiting on builds
• 02 Oct test post please ignore