Security scanning of your code with Trivy

By Ian Homer - 07 Aug 2025

Security vulnerabilities in your codebase need to be dealt with. Trivy is an open source tool that is straightforward to set up.

Read more

Connecting GitHub with Claude Code through MCP

By Ian Homer - 03 Aug 2025

I've been exploring ways to give Claude Code more context about my projects, and the GitHub MCP server caught my attention. Setting it up turned out to be straightforward.

Read more

Git hooks for code quality: catching issues before they escape

By Ian Homer - 31 Jul 2025

There's a particular kind of frustration that comes from pushing code, feeling good about your progress, then watching CI fail on a missing semicolon. It's the development equivalent of tripping over your own shoelaces – embarrassing and entirely preventable.

Read more

A containerised sandbox for Claude code

By Ian Homer - 31 Jul 2025

I've been using Claude Code for a few weeks now, watching it navigate codebases and execute commands with impressive competence. It's genuinely helpful – the kind of tool that makes you wonder how you managed without it. But there's this nagging voice in the back of every platform engineer's head that asks uncomfortable questions at 2 AM: What if it decides to explore that .ssh directory?

Read more

When code speaks the business language

By Ian Homer - 30 Jul 2025

I've been working with AI coding assistants for months now, and there's this recurring pattern that initially frustrated me but eventually became enlightening. You ask Claude (other AI tooling exists) to help with a method called processData(), and it generates comprehensive tests for data validation and transformation. The tests are perfectly written and completely wrong – because the method actually handles user authentication.

Read more

Building controlled context with Markdown reader MCP

By Ian Homer - 24 Jul 2025

I was deep in a coding session last week when it hit me: my AI assistant had no clue about the deployment process I'd carefully documented two months ago. Or the coding standards my team had hammered out. Or the architectural decisions that explained why half the codebase looked the way it did.

Read more

Auto-completion of Kubernetes custom resource definitions (CRDs)

By Ian Homer - 27 Jun 2025

Custom Resource Definitions (CRDs) are a powerful way to extend Kubernetes. They let products provide their own Kubernetes resource types tailored to their specific needs. A Kubernetes operator may then use such a CRD to manage applications or provide other custom behaviour. Writing these CRDs freehand can be error-prone. It's easy to misplace indentation in YAML or mistype a property name. If these mistakes make it into a cluster, they might only surface when a pod fails to start or a resource behaves unexpectedly.

Read more

Exploring the new native env file support in Node.js

By Ian Homer - 10 Oct 2024

Back in 2011, The Twelve-Factor App laid out some fundamental principles about keeping configuration separate from code. It became the go-to guide for how we handle environment variables, influencing everything from Docker's ENV directives to how we structure modern applications.

Read more

Setting up OpenTelemetry to send metrics and traces to Grafana Cloud

By Ian Homer - 22 Aug 2024

Observability is essential for understanding how your system actually behaves and for ensuring reliable performance and a solid user experience. As systems grow and evolve, you need consistent, vendor-neutral observability tooling - especially when you want to avoid getting locked into a single platform provider. Cost becomes a real concern as your usage scales: what seemed like an affordable package with low user volumes can quickly become expensive as usage ramps up.

Read more

Deploying Kube resources with the Argo CD app of apps pattern

By Ian Homer - 17 Aug 2024

Now that I have my local kube stack with K3s on a couple of Raspberry Pis, my next task I wanted to tackle was to set up an App of Apps structure so that I could (repeatedly) go from empty kube stack to my desired set of applications deployed into the cluster. The app of apps pattern in Argo CD helps define the apps that we want deployed, all driven from Git repository that describes a desired state.

Read more

Raspberry Pi 5, Argon NEO 5 case and NVMe SSD unboxing

By Ian Homer - 11 Aug 2024

The Pi 5 introduced a lovely little PCIe slot onto the Raspberry Pi board. Ideal for attaching an SSD drive, which is just what the Argon NEO 5 M.2 NVME connects to. Let's unbox the kit and get it up and running.

Read more

Mounting LUKS encrypted drive on Raspberry Pi on boot

By Ian Homer - 02 Aug 2024

LUKS provides support for encrypted drives on Linux and we can provide password for decryption during the boot sequence over SSH with dropbear so that encrypted drive can mount on startup. I had an itch to set up an encrypted drive on a Raspberry Pi to give the data some protection in case the Raspberry Pi went missing. Given I was upgrading a Raspberry Pi I was using as a small media server, I thought it would be a good time to try out LUKS and dropbear SSH.

Read more

How to boot a Raspberry Pi from a local SSD drive

By Ian Homer - 01 Aug 2024

I've used a Raspberry Pi 4 in an Argon ONE M.2 case for a while. It allows me to attach an M.2 SATA SSD to my Pi, improving boot times and performance considerably. Let's go through how we can get the Pi booting from a SSD device.

Read more

Automate Let's Encrypt certificates with the Caddy web server

By Ian Homer - 16 Jun 2024

I was setting up a small internal network with a few hosted services and I wanted these services to route through virtual hosts so I could start configuring some good semantic host names for each of these services. Naturally, these services also needed to be delivered over https with trusted certificates.

Read more

Under the covers of SOPS for codifying CI/CD and IaC secrets

By Ian Homer - 10 Jun 2024

SOPS (Secrets OPerationS) is a command line tool that encrypts and decrypts files in a way that allows you to codify CI/CD and dev processes that require secrets. In an encrypted form, secrets can be stored in a Git repository, with appropriate access control, in the knowledge that it is hard to decrypt the secrets without the authorisation to decrypt. Codifying of secrets and SOPS tooling, helps make rotation of secrets easier, and hence encourages us to become better at timely rotations, in turn de-risking exposure of historical secrets.

Read more

Local Argo CD in k3d with trusted HTTPS routes

By Ian Homer - 31 May 2024

The non-trusted certificate warnings when I spun up Argo CD locally in a k3d cluster were bugging me. Let's fix them and get Argo CD spun up locally without these warnings, with trusted certificates and end-to-end encrypted flows.

Read more

Routing k3d deployments with a Traefik reverse proxy

By Ian Homer - 28 May 2024

I started writing a blog that needed a clean way to expose two services from the cluster, and it got me wondering the best way to do this. I'm often aiming to write blogs on this site in a zero-to-goal manner, so they can be read in isolation. k3d by default uses traefik, which is pretty neat when it comes to low configuration, however it did lead me to experimenting with ways to expose services with a lightweight approach that I could use in future blogs. Let's have a look at some of the options.

Read more

Setting up persistent volumes for storage in a k3d cluster

By Ian Homer - 26 May 2024

To set up any service that needs to retain data, we're going to need to make sure the storage is persistent through pod and cluster restarts. In Kubernetes we can set up a PersistentVolume (PV) to define the storage resource, and a PersistentVolumeClaim (PVC) to use the PersistentVolume.

Read more

Deploying Kubernetes on a Raspberry Pi cluster with k3s

By Ian Homer - 25 May 2024

K3s is a fantastic lightweight Kubernetes distribution that is so quick to install on a collection of Raspberry Pis. I had a couple of Raspberry Pis sitting idle so had a go at spinning up a Kubernetes cluster on them. It's great way to get some deeper understanding and hone your Kubernetes skills.

Read more

Running local AI code assist to power your IDEs with Ollama

By Ian Homer - 24 May 2024

I'm intrigued in how effective it is to run code assist models locally. I'm keen to explore the available IDE extensions and AI models. Let's start with VSCode, the Code GPT extension and models run locally with Ollama.

Read more

Getting started with GitOps with a local Argo CD stack

By Ian Homer - 21 May 2024

Argo CD creates and updates resources in a Kubernetes cluster to achieve the desired state that is defined in a Git repository. This allows us to declare the desired state of our resources and leave Argo CD to do the work of deploying and updating the cluster to achieve this state.

Read more

Spinning up a local Gitea service for GitOps practice

By Ian Homer - 20 May 2024

I wanted a quick throwaway git service for some GitOps practice. Gitea is an open source Git hosting service. It is powerful for self-hosting a GitHub-like service, but also lightweight and straightforward to spin up as needed for little experiments.

Read more

Comparing local k8s stacks; k3d, minikube and microK8s

By Ian Homer - 19 May 2024

I explored spinning up a local cluster with k3d recently, however I realised I should have compared k3d with other approaches. Let's compare kind, minikube and microk8s and see how these different k8s stacks help for local development.

Read more

Monitoring Kubernetes metrics with Grafana and Prometheus

By Ian Homer - 17 May 2024

Grafana is an open observability platform that gives your team a centralised view on the health and behaviour of your system. We'll use Kubernetes metrics to quickly spin up some dashboards and provide foundations to experiment and learn more about Grafana.

Read more

Locally running GenAI and large language models with Ollama

By Ian Homer - 16 May 2024

If you are interested in exploring Generative AI without relying on cloud services, Ollama can run open models entirely locally, giving you a chance to explore GenAI APIs and capabilities.

Read more