One of the most common business needs I hear concerns about for actions-runner-controller and security policy is how to build containers without Docker-in-Docker and privileged pods. It seems to c...

My GitHub repository fedora-acs-override has been used to talk about many other topics - benchmarking build times, showing how matrix builds work in Actions, and tour of how building software for L...

Please stop saying “just use Firecracker” when faced with a container security challenge. It’s a fabulously cool technology. It’s got great use cases - it’s the foundation of AWS Lambda and it’s ...

It’s been nearly a year since I first looked into the cost of waiting on builds (series). It got picked up by GitHub’s blog and it’s still tied with the time I spoke at a CNCF conference for page ...

GitHub Actions is phenomenally popular in both open-source and enterprise development - partly due to how different it is from many other existing CI/CD tools. However, this means you’ll need to u...

I just added support for Mermaid diagrams to my site and I’m so pleased with how it turned out! Mermaid is a JavaScript tool for making all sorts of charts and diagrams in code, but having them re...

I’ve been on a professional “refresh all the things” theme the past few months - updated the résumé, LinkedIn, etc. Not because I’m looking to change anything professionally at the moment, but wit...

One of the most common questions I’m asked about GitHub, specifically around Actions and the application security features, is “how do I scan my team’s code on every single push?” While it can tec...

💖 This post contains unresolved professional trauma and is fueled by a desire to spare others that deep pain. You have been warned. 💖 Please stop automatically putting code security alerts into ...

I can’t believe I’ve been doing this whole blogging thing for six months now! In those six months, my initial setup is still working well. I found a big pain point with how I’d set this up versus...