2026-06-13
Keyless GCP Secrets in GitHub Actions: Workload Identity, Scoped to One Secret
Drop the service-account JSON key. Federate GitHub Actions into GCP with OIDC, then scope the service account to read one named secret — not the whole project.
9 min2026-06-13Serving a Next.js Static Site on Cloudflare (Like This One)
A Next.js static export on Cloudflare is fast, free, and has no server to patch — the whole setup, MDX to Terraform, in a clonable starter repo.
10 min2021-06-15SUSE Cloud Native Foundations: My Study Notes
Structured study notes from the SUSE Cloud Native Foundations scholarship. Covers cloud native design, Docker, Kubernetes basics, and open source PaaS.
14 min