Blog Archive

Auto Updating AMI's on a Rolling Window with Terraform

A Terraform pattern for automatically selecting the newest AMI that is at least two weeks old, enabling a rolling window approach to AMI updates that avoids deploying untested images to production.

The Documentation Problem

Documentation is like pizza -- when it is good, it is really good, and when it is bad, it is still pizza. A perfect documentation system makes it more likely that docs will be written and maintained than not.

Vault Operator Notes

Operational notes on running the Vault Operator in Kubernetes, covering CRD configuration, secrets management, authentication testing, and Cert Manager integration.

Coding Standards (especially in Golang)

This is about design philosophy and how to approach your work. Every line of code should be to a standard you would be proud to publish under your own name, because git is forever.

TDD (Test-Driven Development)

TDD is not just about writing tests before code -- it is about alternating between tests and code so that you write code in discrete, testable units and capture every insight as an automated check that lives in your codebase forever.

Managed Secrets

Secrets management is an important job, but it sucks. A look at why UX is the key to a successful secrets system, and how Managed Secrets provides a YAML interface to your secret storage backend.

Using CircleCI as if it was a Maven Repo

A trick for using CircleCI 1.x build artifacts as a Maven repository by fetching dependency artifacts and installing them into the local Maven cache.

Dynamic Binary Toolkit: Tools that automatically keep themselves up to date!

A system for building self-updating command-line tools that automatically download, verify, and replace themselves with the latest version using checksums and GPG signatures.