Security scanning of your code with Trivy
Security vulnerabilities in your codebase need to be dealt with. Trivy is an open source tool that is straightforward to set up.
Automate Let's Encrypt certificates with the Caddy web server
I was setting up a small internal network with a few hosted services and I wanted these services to route through virtual hosts so I could start configuring some good semantic host names for each of these services. Naturally, these services also needed to be delivered over https with trusted certificates.
Under the covers of SOPS for codifying CI/CD and IaC secrets
SOPS (Secrets OPerationS) is a command line tool that encrypts and decrypts files in a way that allows you to codify CI/CD and dev processes that require secrets. In an encrypted form, secrets can be stored in a Git repository, with appropriate access control, in the knowledge that it is hard to decrypt the secrets without the authorisation to decrypt. Codifying of secrets and SOPS tooling, helps make rotation of secrets easier, and hence encourages us to become better at timely rotations, in turn de-risking exposure of historical secrets.