Ken Muse

It was time for another update to my site’s functionality. I needed to improve the experience for both my visitors and Google. With a few changes to the Hugo template and some tweaks to my approach, I was able to add some new features to make it easier to know when I’m speaking. Introducing an updated speaking calendar!

With the rise of OIDC, we no longer need to rely on secret keys or passwords to connect two services together. Instead, we can configure a trust relationship between the services and use that to securely request tokens for accessing resources. Adopting this approach can simplify things, but it can be scary for security teams and developers; they want to understand what makes this process work. In this post, walk through what’s happening under the covers.

It can be challenging too understand the differences between Azure DevOps and GitHub Actions. Sometimes, what you really need is a mapping of the features and terminology. Perhaps something annotated with how to support features that don’t have a direct equivalent. Perhaps something like this …

I like having my SSH commit signing automatically configured. In a previous article, I discussed how you can do this using your dotfiles repository. If you want to add support for reading the SSH keys from 1Password, then there are just a few more things you need to know.

I’ve seen lots of teams trying to increase the availability of GitHub runners for their organization by implementing GitHub Actions Runner Controller (ARC). In some cases, they hope to try to exceed GitHub’s 99.9% SLA. Unfortunately, the math works against them. In this post, I’ll explain why.