Running a Terraform Workflow in GitHub with Slack Notifications

March 11, 2025 - Patrick Kerwood

Automating infrastructure deployments using Terraform and GitHub Actions is a common practice. In this post, we’ll walk through setting up a Terraform workflow in GitHub that runs a Terraform Plan and sends a Slack notification with the diff whenever there are changes detected.

Read More

Traefik v3 Configuration with Let's Encrypt

March 5, 2025 - Patrick Kerwood

In this post, we’ll walk through setting up Traefik as an application proxy with Docker Compose, including automatic provisioning of Let's Encrypt TLS certificates via HTTP and DNS validation.

Read More

Confluence Updater

February 2, 2025 - Patrick Kerwood

If you prefer keeping your documentation in Git, love writing in Markdown, but need to publish it in Confluence, Confluence Updater is the perfect solution. This tool allows you to set up a CI/CD pipeline that automatically converts Markdown to HTML and uploads it to Confluence Cloud whenever changes are made.

Read More

Using multiple SSH keys for Github

December 26, 2024 - Patrick Kerwood

If you use GitHub, you likely rely on an SSH key to clone repositories and sign commits. However, when working with a GitHub Enterprise-managed account, you must set up a separate SSH key because the same key cannot be shared across different accounts. This guide will show you how to create and configure a new SSH key for a second account. Additionally, you'll learn how to configure Git to automatically apply specific settings for repositories that match certain URL patterns.

Read More

Setting up Workload Identity Federation in Google Cloud for Github pipelines

June 6, 2024 - Patrick Kerwood

Setting up authentication for pushing images to Google Artifact Registry from a Github pipeline is usually done by creating a static, forever valid, credential file for at service account, which will probably never be rotated. An alternative to that is to use Workload Identity Federation to exchange a Github issued JWT token with a Google token and use that for authentication.

Read More

Creating a bash script with commandline arguments

May 5, 2024 - Patrick Kerwood

When creating a good bash script for others to use, it's important to create a good user experience. Creating good usage arguments makes all the differnce and really makes your script look proffesional instead of just a list of commands bunced together in a file.

Read More

Local Development With Mirrord

November 30, 2023 - Patrick Kerwood

With Mirrord you can intercept traffic for your pods in your Kubernetes cluster, which allows you to develop your application locally as if it was deployed in your cluster. Utilizing the pods network, environment or even the filesystem. In this post I will be writing some examples that I personally use.

Read More

Creating Kubernetes CRDs with Rust

June 19, 2023 - Patrick Kerwood

You can extend Kubernetes with your own custom objects, but before you can do that you will need create a Custom Resource Definition so that Kubernetes knows what the object is allowed to look like. In this post I will create a very simple Kubernetes CRD for a Book kind using Rust and kube-rs.

Read More

Setup Google Cloud Workload Identity in GKE

June 6, 2023 - Patrick Kerwood

Using a Google service account in your GKE cluster is easy, just create the credential file, apply it as a secret and it's ready for use. But now you have a long lived credential that, if compromised, can be used from anywhere any time. Instead you can use a Kubernetes service account and Google Workload Identity to authenticate to Google Cloud. No need for credential files anymore.

Read More

Signing a Certificate with a CA

April 14, 2023 - Patrick Kerwood

In this post I will use OpenSSL to create a Certificate Authority key pair, a certificate private key with a Certificate Signing Request with Subject Alternate Names and lastly I will sign the CSR with the CA.

Read More