DevOps

After building CI/CD pipelines with GitLab CI, Jenkins, and GitHub Actions for years, I thought deployment was just another pipeline step. Then Flux CD showed me the fundamental difference between Push and Pull models—and solved problems I didn't even know I had.

Encountering 'nginx.ingress.kubernetes.io/server-snippet annotation cannot be used' errors after upgrading ingress-nginx? Here's how to fix the breaking changes in version 1.9 with proper Helm configuration and security considerations.

从 "by user" 到 "by client" 架构的演进过程。深入分析 Sealbox 多客户端架构设计中的技术权衡，探讨零信任安全模型、Envelope Encryption 实践，以及如何在团队协作与安全性之间找到平衡点。

How we evolved from "by user" to "by client" architecture in Sealbox. A deep dive into the technical tradeoffs of zero-trust security models, Envelope Encryption implementation, and balancing team collaboration with security in secret management systems.

Deployed your Astro site on Cloudflare Pages only to discover mysterious 308 redirects killing your SEO? I spent hours chasing the wrong solution. Here's what actually fixes the trailing slash problem and why Astro's trailingSlash config won't help you.

After struggling with HashiCorp Vault's complexity for a simple API key storage task, I built Sealbox—a lightweight, single-binary secret manager in Rust with end-to-end encryption, SQLite storage, and zero cloud dependencies. Here's the story and technical decisions behind it.