It's been a while since I've posted, and I generally post about things I've learned / have helped me in my day to day role. This is a quick blog post about easily decoding base64 encoded secrets in kubernetes, using Kubectl and jq. Before diving into decoding Kubernetes secrets, let's set

CVE's. Gamified? Maybe. Useful? Maybe. Fast-becoming-too-complex to manage? I think so. But. This is currently one of the best ways of unified reporting & alerting of vulnerabilities to a wide audience. There's certainly room for improvement. Recently, I got an inside view on the process. My current ${DAY_JOB} is heavily

Last weekend, we traveled to the Alpine town of Garmisch, explored the beautiful Neuschwanstein Castle, and on our return trip to Stuttgart, visited the Dachau memorial. Words cannot express what we experienced while walking through the memorial site. The utter disregard for humanity. The engineered, optimized methodology for corralling, oppressing,

Hi there! So. You're running Open Shift Container Platform 4.12+ and you're wanting to deploy that shiny new Red Hat Keycloak Operator (v22) and set up Oauth from Keycloak into Open Shift. How do you deploy Keycloak as an IDP for Open Shift? The magic words being "Configure Keycloak

Ok, this is a very highly specific post - but I hope it is useful for that sysadmin who's tearing their hair out trying to figure out wtf is going on with smtp failing with a vague error message. Recently, I was configuring a Postfix SMTP relay on a FIPS140-2

Those of you who've been following my sporadic social media postings will know that the BadgerFam moved to Germany last summer. I'm doing some work for some people that involves a lot of yaml, stiggin', bare metal -> openshift, fips, fapolicyd, selinux and much more fun. I'll let you draw