Signed monorepo releases using GitHub Workflows
Replacing 150 lines of GPG shell with GitHub-signed commits to satellite repos: zero private keys on the runner, via createCommitOnBranch and a custom Action.
Read →Writing
I write about the things I work on and build: system design and reliability, infrastructure as code, security and secrets, Go and Java, and the occasional take on engineering teams and careers. 44 articles so far — most are also on Medium, but this is home.
-
-
Designing Security Policies for dotsecenv
A long weekend, a SUID dead end, and the simpler design that shipped.
Read → -
Why Your .env Secrets Shouldn't Be Plaintext on Disk
Why plaintext .env files are a prime target for supply-chain attacks, and how dotsecenv keeps developer secrets encrypted at rest with GPG.
Read → -
DuckDB: The Rising Star in the Big Data Landscape
Why DuckDB, an in-process SQL OLAP database, is reshaping fast local data analysis, and where it fits in the modern big data stack.
Read → -
The delicate art of ownership: projects are like eggs — a metaphor
A short metaphor for project ownership: getting work done to the finish is like carrying two baskets of eggs — balance the load, ask for help, and not every egg hatches.
Read → -
Discover DevContainers: Revolutionize Your Development Workflow with Reproducible Environments!
DevContainers let you define your development environment as code with Docker and VS Code. A step-by-step guide to building your own reproducible setup.
Read → -
Secure Services With Let’s Encrypt SSL/TLS Certificates Using DNS-01 Challenges
Issuing and renewing Let’s Encrypt SSL/TLS certificates with the DNS-01 challenge in Go, for services that cannot expose HTTP, using Cloudflare DNS and certmagic.
Read → -
Google Cloud Keyless Authentication in GitHub Actions
Authenticate to Google Cloud from GitHub Actions without long-lived service account keys, using OIDC and Workload Identity Federation, in five steps.
Read → -
Deploy and configure Google Compute Engine VMs with Terraform
A step-by-step Terraform walkthrough for provisioning Google Compute Engine VMs: SSH keys, cloud-init, IPv6, static IPs, and reverse DNS.
Read → -
Simple scheduled workloads using Google Cloud
A short tutorial on scheduling workloads using Infrastructure-as-Code with GCP, Docker, and Terraform
Read → -
Balancing best practices when your time is limited
The key to shipping toy projects is to choose the most impactful best-practices that will save you time and pain in the future.
Read → -
Build products, skip the non-functional requirements
I asked myself, am I overengineering my pet projects? Are you!?
Read → -
Aiming for object-oriented design elegance
Figuring out a design that is a joy to use in production.
Read → -
Subscribing to concurrent property updates
Dealing with update events while the underlying value is concurrently and repeatedly updated.
Read → -
Microbenchmarking Java code with JMH
Setting up the JMH Gradle plugin and writing your first micro-benchmark
Read → -
An update on efficient multi-layered key ownership
Digging deeper into the algorithms required to establish key ownership and efficiently retrieve values in a concurrent application!
Read → -
Hosting my site on Vercel
I moved my site from Gatsby Cloud to Vercel. Read the instructions and how to configure a NodeJS version for the build step.
Read → -
System Design goal: efficient property reads from multiple sources
Choosing the right component design and data structures for reading and selecting a property's effective value, thread-safe.
Read → -
Create a new open-source Java project using the Gradle build tool
How to set up a brand new Java project using Gradle
Read → -
Designing a library for reading layered application settings in Java
A series about writing a Java library for layering properties from multiple sources and allowing clients to efficiently receive updates.
Read → -
Crossposting articles from Gatsby to Medium, Dev.to, and Hashnode
Syndicate your content to other sites to increase your audience and engage more people.
Read → -
Configuring social sharing cards in GatsbyJS
Set up social sharing cards for your site to have your pages nicely displayed when shared on social media.
Read → -
Debugging social sharing cards
I figured out why the social sharing cards on my site stopped working and then I fixed the problem.
Read → -
Reverse a singly linked list
Given a reference to the head of a singly linked list, reverse it and return a reference to the head of the reversed list.
Read → -
My personal site (version 1.0)
Reflecting on building my personal site from scratch, in my spare time, over the past couple of months.
Read → -
Setting up path redirects in GatsbyJS
Permanently redirect paths in Gatsby, but also Netlify, by defining rules in a _redirect file.
Read → -
Search Engine Optimization with GatsbyJS
An introductory tutorial about Seach Engine Optimization (SEO) in Gatsby
Read → -
Blogging with GatsbyJS
How to blog on GatsbyJS for any audience, using Remark, Prism, and other plugins
Read → -
Dynamic page generation in GatsbyJS
Avoid copy-pasting HTML in favor of using layouts, components, and GraphQL variables!
Read → -
Sum of two elements (2sum)
Given an array of integers and an integer target, return indices of the two numbers such that they add up to the target.
Read → -
Building a newsletter with ConvertKit
I am building an email list and starting a newsletter. I chose ConvertKit because it's made by Indie Hackers for...
Read → -
Privacy-friendly analytics in GatsbyJS
I set up my Gatsby site to only track users who want to be tracked, using a cookie consent banner to ask for their permission...
Read → -
Poll: what tech do you use to build personal sites in 2021?
I paid for advertising to see what tech stack people use in 2021. Here are the results...
Read → -
Great web design as a software engineer with TailwindUI
As a software developer, creating good web design is not one of my core skills. TailwindUI changed all that for me. Read more to find out why...
Read → -
Building my site with GatsbyJS and TailwindCSS
Setting up a simple responsive website with Gatsby, Tailwind, and Remark.
Read → -
Structured Data for the Semantic Web with JSON-LD
How to add semantic data to your web site's articles with JSON for Linking Data (JSON+LD).
Read → -
A guide to full stack development
What are all the skils required to excel at full stack development?
Read → -
The Software Engineering Generalist
What does it mean to be a generalist and how can you become one?
Read → -
Why do I write?
My motivation behind setting up a personal site and writing about software engineering
Read → -
Building a personal site in 2021
Read about my journey to building a personal site, from scratch, in 2021
Read → -
Fix your resume, get that dream job!
Two common tech-resume mistakes I see when reviewing them — keyword stuffing and listing responsibilities instead of measurable accomplishments — and how to fix both.
Read → -
What makes a successful engineer?
Soft-skills observations from a career in software engineering and management: curiosity, quality, trust, feedback, ownership, communication, mentorship, and more.
Read → -
Thoughts on Manager READMEs
I researched manager READMEs, wrote one for myself, and decided not to publish it. A reflection on self-serving documents versus building real manager-report relationships.
Read → -
Become a Certified Kubernetes Application Developer (CKAD)
How I studied for and passed the Certified Kubernetes Application Developer (CKAD) exam — motivation, study plan, practical kubectl skills, and exam-day tips.
Read →