Configure Git to Sign All Your Commits with GPG (Step‑by‑Step) Signing your commits proves they came from you and haven’t been altered. Many teams now require signed commits to protect their supply chain. In this guide you’ll generate a GPG key, configure Git to sign every commit and tag, upload your public key to GitHub/GitLab/Bitbucket […]
Ensuring our Terraform modules are well-documented is a key part of our development process. But, let’s be honest, keeping docs up-to-date is a tedious task! Luckily, there’s an efficient tool out there that makes the process simpler and quicker – terraform-docs! Terraform-docs is an open-source, cross-platform tool, that can automatically generate comprehensive documentation for your
When I sit down to craft a Terraform module, I ask myself how future me—and the teams inheriting my code—will reason about every decision. I remind myself to start with clarity, keep security opinionated but flexible, and prove the workflow end to end before anyone else runs terraform apply. I literally keep a checklist on
A practical reference from first contact to writing your own modules Table of Contents What Ansible Is and How It Thinks Ansible is: Key properties: A mental model: Ansible Architecture At a high level: Key components: Installing and Setting Up Ansible On Linux Most common: Or from your package manager (versions may lag): On macOS
Repository: https://github.com/SalehElnagar/azure-terraform-conventions This article walks through how to think about Azure naming conventions and how to turn those decisions into code using the azure-terraform-conventions GitHub repository. That repo contains: The goal is not “just use whatever the repo does”. The goal is: capture your organization’s naming decisions once, codify them with this library, and then
Ingress migrations are rarely “just routing.” They’re one of the few moments where you’re forced to touch the edge, which means you can also fix the stuff that quietly rots over time: The core move is simple: Don’t migrate YAML → YAML. Migrate to a desired state — and encode that state as Terraform. This
Signing your commits proves they came from you and haven’t been altered. Many organizations require signed commits to protect their supply chain. This step-by-step guide walks you through generating a GPG signing key, configuring Git to sign every commit and tag, uploading your public key to popular Git hosting services (GitHub, GitLab, Bitbucket), and troubleshooting
Master Azure Artifacts packaging, retention, and governance to empower hybrid DevSecOps teams shipping from monorepos, microservices, and data science workloads. Why Azure Artifacts Matters Azure Artifacts provides a first-party, enterprise-grade package management service within the Azure DevOps ecosystem. It supports multi-format feeds (NuGet, npm, Maven, PyPI, Universal Packages) with integrated build automation, permissions, and compliance
In global enterprises, the Azure Virtual WAN (VWAN) enterprise fabric is no longer a purely network-engineering effort. The DevOps engineer has become the connective tissue that translates intent into approved designs, reproducible infrastructure, and validated operations. This article dives deep into why their contributions inside design sessions are vital, and how a single DevOps leader
Reusable workflows enable security platform teams to codify guardrails once and roll them out to every repository. This article walks through building a multi-stage pipeline where security controls move as code, not documentation. Architectural Pattern Producer Repo Hosts versioned reusable workflows (.github/workflows/*.yml) that encapsulate validation, testing, and deployment steps with security baked in. Consumer Repos