Security
When a .map File Leaks Your Entire Codebase
Apr 4, 20266 min read
Lessons from the Claude Code source map incident — how default build settings can silently ship debug artifacts to production.
securityci-cdnpmdevopsbuild-tools
Technical writing on DevOps, CI/CD, cloud infrastructure, and production engineering.
Read When a .map File Leaks Your Entire Codebase Read Troubleshooting Terraform: Patterns Worth Knowing InfrastructureTroubleshooting Terraform: Patterns Worth Knowing
Apr 2, 20265 min readApply failures, cycle errors, and state drift — the three categories of Terraform problems that surface in production, and how to fix them.
terraformiacdevopsdebuggingRead Using LLMs for Incident Response — What Works and What Doesn't AIUsing LLMs for Incident Response — What Works and What Doesn't
Apr 1, 20265 min readAfter integrating AI into an on-call workflow, here's what actually reduced MTTR and what turned out to be expensive noise.
aillmincident-responsedevopsobservabilityRead Automating Code Review with AI — Architecture and Honest Results AIAutomating Code Review with AI — Architecture and Honest Results
Mar 30, 20266 min readAI-powered code review integrated into a PR workflow. Here's the architecture, the prompt engineering, and the metrics after 3 months.
aicode-reviewautomationci-cddevopsRead Kubernetes Debugging Patterns for Production KubernetesKubernetes Debugging Patterns for Production
Mar 25, 20266 min readCrashLoopBackOff, OOMKilled, stuck deployments, and networking mysteries — a field guide to debugging K8s when things go wrong.
kubernetesdebuggingdevopscontainersRead Feature Flags and the Case for Progressive Delivery CI/CDFeature Flags and the Case for Progressive Delivery
Mar 18, 20265 min readHow feature flags decouple deployment from release, reduce blast radius, and why every team shipping to production should use them.
feature-flagsci-cdprogressive-deliverydevopsRead GitOps with ArgoCD: What Teams Wish They Knew Before Starting GitOpsGitOps with ArgoCD: What Teams Wish They Knew Before Starting
Mar 12, 20265 min readLessons from adopting GitOps in production — the wins, the gotchas, and the patterns that actually survive real-world complexity.
gitopsargocdkubernetesci-cddevopsRead Setting Up a Private Docker Registry You Can Actually Trust DockerSetting Up a Private Docker Registry You Can Actually Trust
Mar 5, 20265 min readRunning your own registry with Nginx, TLS, and authentication — why relying solely on Docker Hub for production images falls short.
dockerregistrynginxlinuxsecurityRead GitHub Actions: Reusable Workflows That Actually Scale CI/CDGitHub Actions: Reusable Workflows That Actually Scale
Feb 28, 20265 min readHow duplicated CI/CD configs across 30+ repos were eliminated with reusable workflows, composite actions, and a central workflow registry.
github-actionsci-cdautomationdevopsRead The Cloud Shared Responsibility Model Is Not Optional SecurityThe Cloud Shared Responsibility Model Is Not Optional
Feb 20, 20266 min readWhat you own, what your cloud provider owns, and the gray areas in between — with real breach examples that prove why this matters.
cloudsecurityawsdevopscomplianceRead Platform Engineering: Building an Internal Developer Portal That Gets Used Platform EngineeringPlatform Engineering: Building an Internal Developer Portal That Gets Used
Feb 10, 20265 min readMost internal platforms fail because they solve infrastructure problems, not developer problems. Here's how to build one that developers actually adopt.
platform-engineeringdeveloper-experiencedevopsbackstageRead Structured Logging That Actually Scales ObservabilityStructured Logging That Actually Scales
Jan 28, 20265 min readWhy replacing text logs with structured JSON, shipping them to a central stack, and adopting consistent query patterns cuts incident response time in half.
loggingobservabilitydevopsmonitoringRead Zero Trust Networking: A Practical Implementation Guide SecurityZero Trust Networking: A Practical Implementation Guide
Jan 12, 20265 min readMoving beyond perimeter security — a practical approach to implementing zero trust across services, users, and infrastructure without boiling the ocean.
zero-trustsecuritynetworkingdevopskubernetesRead Container Security Scanning in CI/CD — Beyond the Basics Cloud NativeContainer Security Scanning in CI/CD — Beyond the Basics
Jan 5, 20265 min readImage scanning alone isn't enough. This post walks through a multi-layer container security pipeline that catches vulnerabilities before they reach production.
containerssecuritydockerci-cddevops