#devops

11 posts

Infrastructure testing — why your Terraform plan is not a test

Terraform plan tells you what will change. It doesn't tell you if the change is correct. Real infrastructure testing requires real assertions.

Azure DevOps Pipelines — the parts they don't document

The official docs cover the happy path. Here's what I learned from the edge cases: conditional stages, variable group scoping, and service connection gotchas.

The CI/CD pipeline nobody maintains — why pipeline-as-code needs ownership

Pipeline YAML is code. It has bugs, tech debt, and dependencies. But nobody owns it, so it rots in place until something breaks at 2 AM.

Your cluster is not as secure as you think — common K8s security gaps

Default Kubernetes is designed for convenience, not security. Most clusters have the same five gaps, and most teams don't know until something breaks.

When AI-generated YAML breaks production — lessons from real failures

AI-generated infrastructure code looks correct. It passes linting. Then it breaks in ways you didn't think to test for. Three failures I learned from.

Prompt engineering for infrastructure — what works and what doesn't

Most prompt engineering advice assumes you're writing marketing copy. Infrastructure prompts have different failure modes, and the patterns that work are counterintuitive.

The platform engineer's job is to delete toil, not build portals

Platform engineering got hijacked by portal builders. The actual job is making repetitive work disappear, not putting a UI on top of it.

GitOps is not about Git

Most teams adopt GitOps and end up with git-flavored CI/CD. The part that actually matters is the reconciliation loop, not the repo.

AI won't replace your pipeline — it will replace your patience

Senior DevOps engineers spend most of their time reviewing YAML, not writing it. AI is starting to change that, and the shift matters more than the hype suggests.

Your homelab is your best interview

Running production-grade infrastructure at home taught me more about DevOps than any certification prep course. Here's why I think every engineer should try it.

Zero secrets in pipelines — and why most teams still get this wrong

Stored credentials in CI/CD pipelines are a liability. How Azure Workload Identity federation eliminates the most common secret management failure.

Rico Twesten-Weber

Principal DevOps Engineer. I build platforms that run themselves, and write about DevOps and AI.

© 2026 Rico Twesten-Weber