Running a Terraform Workflow in GitHub with Slack Notifications
March 11, 2025 - Patrick KerwoodAutomating infrastructure deployments using Terraform and GitHub Actions is a common practice. In this post, we’ll walk through setting up a Terraform workflow in GitHub that runs a Terraform Plan and sends a Slack notification with the diff whenever there are changes detected.
Read MoreTraefik v3 Configuration with Let's Encrypt
March 5, 2025 - Patrick KerwoodIn this post, we’ll walk through setting up Traefik as an application proxy with Docker Compose, including automatic provisioning of Let's Encrypt TLS certificates via HTTP and DNS validation.
Read MoreConfluence Updater
February 2, 2025 - Patrick KerwoodIf you prefer keeping your documentation in Git, love writing in Markdown, but need to publish it in Confluence, Confluence Updater is the perfect solution. This tool allows you to set up a CI/CD pipeline that automatically converts Markdown to HTML and uploads it to Confluence Cloud whenever changes are made.
Read MoreUsing multiple SSH keys for Github
December 26, 2024 - Patrick KerwoodIf you use GitHub, you likely rely on an SSH key to clone repositories and sign commits. However, when working with a GitHub Enterprise-managed account, you must set up a separate SSH key because the same key cannot be shared across different accounts. This guide will show you how to create and configure a new SSH key for a second account. Additionally, you'll learn how to configure Git to automatically apply specific settings for repositories that match certain URL patterns.
Read MoreSetting up Workload Identity Federation in Google Cloud for Github pipelines
June 6, 2024 - Patrick KerwoodSetting up authentication for pushing images to Google Artifact Registry from a Github pipeline is usually done by creating a static, forever valid, credential file for at service account, which will probably never be rotated. An alternative to that is to use Workload Identity Federation to exchange a Github issued JWT token with a Google token and use that for authentication.
Read MoreCreating a bash script with commandline arguments
May 5, 2024 - Patrick KerwoodWhen creating a good bash script for others to use, it's important to create a good user experience. Creating good usage arguments makes all the differnce and really makes your script look proffesional instead of just a list of commands bunced together in a file.
Read MoreLocal Development With Mirrord
November 30, 2023 - Patrick KerwoodWith Mirrord you can intercept traffic for your pods in your Kubernetes cluster, which allows you to develop your application locally as if it was deployed in your cluster. Utilizing the pods network, environment or even the filesystem. In this post I will be writing some examples that I personally use.
Read MoreCreating Kubernetes CRDs with Rust
June 19, 2023 - Patrick KerwoodYou can extend Kubernetes with your own custom objects, but before you can do that you will need create a Custom Resource Definition so that Kubernetes knows what the object is allowed to look like. In this post I will create a very simple Kubernetes CRD for a Book kind using Rust and kube-rs.
Read MoreSetup Google Cloud Workload Identity in GKE
June 6, 2023 - Patrick KerwoodUsing a Google service account in your GKE cluster is easy, just create the credential file, apply it as a secret and it's ready for use. But now you have a long lived credential that, if compromised, can be used from anywhere any time. Instead you can use a Kubernetes service account and Google Workload Identity to authenticate to Google Cloud. No need for credential files anymore.
Read MoreSigning a Certificate with a CA
April 14, 2023 - Patrick KerwoodIn this post I will use OpenSSL to create a Certificate Authority key pair, a certificate private key with a Certificate Signing Request with Subject Alternate Names and lastly I will sign the CSR with the CA.
Read More