All Posts

Secure env secrets with XSOPS, SOPS, GPG, Yubikey and Azure Key Vault

AI coding agents have improved a lot lately, and I use them more and more in autonomous mode to help with coding tasks. While this is a great productivity booster, it also raises security concerns, especially when it comes to managing application secrets like API keys, database credentials, and other sensitive information, as the agents might inadvertently expose these secrets in logs, in code snippets, or in calls home to their servers.

Test driven development for Infrastructure as Code using Pulumi and Jest

I was always looking for ways to apply TDD while doing Infrastructure as Code development. Especially when developing a library of reusable components, as the code base grows, regressions become inevitable without proper test coverage.