Tech Notes
Notes on tech, programming, and DevSecOps for the modern developer
Latest Posts
Deploying to GitHub Pages with GitHub Actions: Beyond the Defaults
The default GitHub Pages workflow skips caching, leaks artifacts, and has no deployment gate — this post rebuilds it from scratch with OIDC authentication, npm caching, and a reviewer-gated GitHub Environment.
GitHub Actions: Reusable Workflows vs. Composite Actions — Know the Difference
Reusable workflows and composite actions solve different problems — understand the secret-passing rules, matrix scoping, and status-check semantics before you pick one.
GitHub Advanced Security: What You Get and How to Use It
GitHub Advanced Security provides integrated tools like secret scanning, dependency review, and security dashboards to help DevSecOps teams embed proactive security checks into their development and CI/CD workflows.
DevSecOps Metrics That Matter: What to Measure, How to Track It in GitHub, and Why It Matters
Learn the essential DevSecOps metrics, how to track them using GitHub APIs and workflows, and why they matter for balancing speed, security, and reliability.
DevOps Culture: What It Is, Why It Exists, and Why It Matters
DevOps culture prioritizes collaboration and shared responsibility over tools and automation. Learn why cultural transformation is essential for faster delivery, better quality, and sustainable software development practices.
CodeQL Deep Dive: Static Analysis for DevSecOps Engineers
Master CodeQL's query-based static analysis by treating your codebase as a database. Learn to write custom queries, integrate with CI/CD pipelines, and detect vulnerabilities with precision.
Shift Left Without Slowing Down: DevSecOps Pipeline Design
Learn how to securely manage secrets on GitHub using secret scanning, environment variables, and best practices to prevent credential leaks and security breaches.
Security as Code with GitHub Actions: Automating DevSecOps
Learn how to implement Security as Code using GitHub Actions. Explore reusable workflows, Marketplace integrations, matrix builds, and best practices for embedding security into CI/CD pipelines.
Secrets Management on GitHub: Best Practices and Pitfalls
Learn how to securely manage secrets on GitHub using secret scanning, environment variables, and best practices to prevent credential leaks and security breaches.
Getting Started with Eleventy
Eleventy is a simpler static site generator. Learn why it's great for building fast, modern websites and how to get started with your first project.
5 Tailwind CSS Tips for Better Productivity
Boost your productivity with these practical Tailwind CSS tips and tricks. Learn how to write cleaner, more maintainable utility-first CSS.
Why GitHub is the DevSecOps Platform of Choice
Why GitHub is a strong platform choice for DevSecOps teams - built-in automation, native security tooling, and auditability.