Continuing a trend started way back in the seventh post on this blog, a summary of the books that I read this year.

In the spirit of one of my favourite books - Seven Languages In Seven Weeks - I’ve been working through this year’s Advent of Code in Zig, a “general-purpose programming language and toolchain for maintaining robust, optimal, and reusable software”¹.

A real quick blog post just to record a useful technique I just discovered that I’ll want to have a record for in the future - if inserting into a Postgres table, so long as you’re on >9.5, you can upsert-and-overwrite with the following syntax:

Just a quick one to note that, following instructions on this article, I’ve added a meta tag to posts from this blog (<meta name="fediverse:creator" content="[email protected]" />¹) which should, hopefully, result in attribution when articles are shared on Mastodon (and apparently Discord too 🤷🏻‍♂️).

I’ve fallen out of the habit of blogging, recently, due to some personal/family stuff going down. In an effort to kickstart that process again, I’m taking on a smaller task that requires significantly less effortful thought - a rudimentary “Uses” page, inspired by the general practice of listing the stuff™️ used.

I just set up a step in my publication pipeline to automatically post on Mastodon when I publish a new blog post.

In my previous post, I had figured out how to inject Vault secrets into Kubernetes Secrets using the Vault Secrets Operator. My runthrough of the walkthrough worked, but I swiftly ran into namespacing issues when trying to use it “in production”.

A helpful pattern in testing is to take some cleanup action only if the test passes/fails. For instance, for a test which interacts with an on-filesystem database, the database should be deleted if the test passes, but it should stick around if the test fails so that the developer can examine it and debug.

Continuing my recent efforts to make authentication on my homelab cluster more “joined-up” and automated, this weekend I dug into linking Vault to Kubernetes so that pods could authenticate via shared secrets without me having to manually create the secrets in Kubernetes.

Setting up regular backup for my Keycloak installation was a lot trickier than I expected!