Skip to content

Tag: devops

All the articles with the tag "devops".

Stop Living Dangerously on :latest Docker

Stop Living Dangerously on :latest Docker

· Updated:

Using :latest in production is a ticking time bomb. Pin your Docker image versions or watch a surprise update break everything at 2 AM.

Understanding PostgreSQL Connection URIs

Understanding PostgreSQL Connection URIs

· Updated:

Decode the postgresql:// connection string — host, port, database, SSL mode, and the gotchas that cause connection refused at deploy time.

Garden vs Tilt vs Skaffold

Garden vs Tilt vs Skaffold

Three inner-loop dev tools for Kubernetes — Garden, Tilt, and Skaffold. Which one actually makes K8s development bearable? Honest comparison, no fluff.

Compose Watch: Faster Dev Loops

Compose Watch: Faster Dev Loops

Docker Compose Watch syncs your code into running containers without rebuilds. Here's how to set it up and why your dev loop is about to get a lot less painful.

ko vs Jib vs Buildpacks

ko vs Jib vs Buildpacks

Build container images without writing a single Dockerfile — ko for Go, Jib for Java, Paketo Buildpacks for everything else. Real benchmarks, real tradeoffs.

Cosign Keyless: Sign Without Keys

Cosign Keyless: Sign Without Keys

Cosign keyless signing uses GitHub OIDC + Fulcio + Rekor to sign container images without managing private keys. Here's how it actually works and why you want it.

Docker Bake vs Compose Build

Docker Bake vs Compose Build

Orchestrating multi-image Docker builds: docker buildx bake vs compose build, matrix targets, multi-arch, caching, and when each one actually wins.

Nerdctl vs Docker CLI

Nerdctl vs Docker CLI

nerdctl is the containerd-native docker CLI replacement — when it's a drop-in, when it's not, and why you'd bother switching at all.

Trivy vs Grype vs Docker Scout

Trivy vs Grype vs Docker Scout

Trivy, Grype, and Docker Scout go head-to-head on speed, CVE coverage, CI integration, and cost. Pick the right scanner for your home lab or pipeline.