Configure Git to Sign All Your Commits with GPG (Step‑by‑Step) Signing your commits proves they came from you and haven’t been altered. Many teams now require signed commits to protect their supply chain. In this guide you’ll generate a GPG key, configure Git to sign every commit and tag, upload your public key to GitHub/GitLab/Bitbucket […]
Ensuring our Terraform modules are well-documented is a key part of our development process. But, let’s be honest, keeping docs up-to-date is a tedious task! Luckily, there’s an efficient tool out there that makes the process simpler and quicker – terraform-docs! Terraform-docs is an open-source, cross-platform tool, that can automatically generate comprehensive documentation for your
When I sit down to craft a Terraform module, I ask myself how future me—and the teams inheriting my code—will reason about every decision. I remind myself to start with clarity, keep security opinionated but flexible, and prove the workflow end to end before anyone else runs terraform apply. I literally keep a checklist on
Ingress migrations aren’t just networking—they’re chances to raise the security bar without slowing delivery. Here’s the playbook that worked for us moving from NGINX Ingress to Azure Application Gateway (AGIC), with Azure Front Door at the outer edge. 1) Mirror before you moveList exactly what your current edge does: TLS versions, HSTS, CORS allowlist, request/body
Signing your commits proves they came from you and haven’t been altered. Many organizations require signed commits to protect their supply chain. This step-by-step guide walks you through generating a GPG signing key, configuring Git to sign every commit and tag, uploading your public key to popular Git hosting services (GitHub, GitLab, Bitbucket), and troubleshooting
You know, when I first started using Terraform and Infrastructure as Code, I honestly didn’t realize how crucial static code analysis could be. At the time, I was more focused on just getting things deployed quickly and keeping costs down. But as our infrastructure got bigger, I started noticing all sorts of weird issues—misconfigured resources,
Master Azure Artifacts packaging, retention, and governance to empower hybrid DevSecOps teams shipping from monorepos, microservices, and data science workloads. Why Azure Artifacts Matters Azure Artifacts provides a first-party, enterprise-grade package management service within the Azure DevOps ecosystem. It supports multi-format feeds (NuGet, npm, Maven, PyPI, Universal Packages) with integrated build automation, permissions, and compliance
In global enterprises, the Azure Virtual WAN (VWAN) enterprise fabric is no longer a purely network-engineering effort. The DevOps engineer has become the connective tissue that translates intent into approved designs, reproducible infrastructure, and validated operations. This article dives deep into why their contributions inside design sessions are vital, and how a single DevOps leader
Reusable workflows enable security platform teams to codify guardrails once and roll them out to every repository. This article walks through building a multi-stage pipeline where security controls move as code, not documentation. Architectural Pattern Producer Repo Hosts versioned reusable workflows (.github/workflows/*.yml) that encapsulate validation, testing, and deployment steps with security baked in. Consumer Repos
A practical reference from first contact to writing your own modules Table of Contents What Ansible Is and How It Thinks Ansible is: Key properties: A mental model: Ansible Architecture At a high level: Key components: Installing and Setting Up Ansible On Linux Most common: Or from your package manager (versions may lag): On macOS