SealedSecrets: Storing Secrets in Git Without the Risk
How SealedSecrets lets you commit encrypted secrets to Git safely, why the real risk is losing the controller's private key, and how to back it up.
7 posts
How SealedSecrets lets you commit encrypted secrets to Git safely, why the real risk is losing the controller's private key, and how to back it up.
Moving beyond the happy path of Kubernetes policy enforcement. Real-world Kyverno pitfalls, mutation loops, and the gap between docs and production.
Don't let invalid manifests break your GitOps pipeline. Learn how to use kubeconform and Kyverno exclusions to catch errors before they hit production.
How to back up and recover SealedSecrets encryption keys in Kubernetes
Stop manual applies. Learn how to build a production-ready CI/CD pipeline for your infrastructure using OpenTofu and GitHub Actions.
How the ArgoCD app-of-apps pattern brings real GitOps discipline to homelab Kubernetes — repo structure, examples, and what I'd do differently.
How I built a multi-node Proxmox cluster running Kubernetes with GPU passthrough, GitOps, and dozens of services — and what broke along the way.