Adrian Mouat
@adrianmouat.com
Technical community advocate at Chainguard. Bad guitarist. He/him.
Pinned
Adrian Mouat
@adrianmouat.com
· Apr 11
Want to see how secure your container images are? Try out the CHPs scorer. Here's a run on an example Python project that's pretty typical of what you find in the wild.
There was a recent post that hit Hacker News about a server getting hacked and running Monero.
blog.jakesaunders.dev/my-server-st...
I wanted to call out a few points...
blog.jakesaunders.dev/my-server-st...
I wanted to call out a few points...
I got hacked, my server started mining Monero this morning.
I got hacked, my server started mining Monero this morning.
blog.jakesaunders.dev
December 24, 2025 at 10:00 AM
There was a recent post that hit Hacker News about a server getting hacked and running Monero.
blog.jakesaunders.dev/my-server-st...
I wanted to call out a few points...
blog.jakesaunders.dev/my-server-st...
I wanted to call out a few points...
Reposted by Adrian Mouat
via The New Yorker, Ellis Rosen cartoon
December 23, 2025 at 5:31 AM
via The New Yorker, Ellis Rosen cartoon
We've just added support for "Custom Certificates" to @chainguard.dev's Custom Assembly tool.
This means you can provide us with your org's public certs and we will build them into your images. Simple, but it saves a massive amount of time and resources for our customers.
tinyurl.com/vkwvsjsa
This means you can provide us with your org's public certs and we will build them into your images. Simple, but it saves a massive amount of time and resources for our customers.
tinyurl.com/vkwvsjsa
Custom Certificates are now available in Custom Assembly
Custom Certificate support for Custom Assembly allows you to add your enterprise certificate authority certificates directly to Chainguard Containers
www.chainguard.dev
December 23, 2025 at 10:45 AM
We've just added support for "Custom Certificates" to @chainguard.dev's Custom Assembly tool.
This means you can provide us with your org's public certs and we will build them into your images. Simple, but it saves a massive amount of time and resources for our customers.
tinyurl.com/vkwvsjsa
This means you can provide us with your org's public certs and we will build them into your images. Simple, but it saves a massive amount of time and resources for our customers.
tinyurl.com/vkwvsjsa
If you're an AWS user, you can now get @chainguard.dev images directly from ECR.
So now you can get your secure, zero CVE images faster and with less networking costs.
You can try it out right away:
docker pull public.ecr.aws/chainguard/wolfi-base:latest
aws.amazon.com/blogs/contai...
So now you can get your secure, zero CVE images faster and with less networking costs.
You can try it out right away:
docker pull public.ecr.aws/chainguard/wolfi-base:latest
aws.amazon.com/blogs/contai...
Expanding container security and choice with Amazon ECR Public | Amazon Web Services
Today, we're excited to announce that Amazon ECR Public now offers Chainguard Wolfi Images—security-hardened, minimalist base container images that dramatically reduce vulnerabilities in your…
aws.amazon.com
December 22, 2025 at 1:59 PM
If you're an AWS user, you can now get @chainguard.dev images directly from ECR.
So now you can get your secure, zero CVE images faster and with less networking costs.
You can try it out right away:
docker pull public.ecr.aws/chainguard/wolfi-base:latest
aws.amazon.com/blogs/contai...
So now you can get your secure, zero CVE images faster and with less networking costs.
You can try it out right away:
docker pull public.ecr.aws/chainguard/wolfi-base:latest
aws.amazon.com/blogs/contai...
I have found the original inspiration for space invaders
December 22, 2025 at 1:06 PM
I have found the original inspiration for space invaders
Reposted by Adrian Mouat
Unpopular opinion:
Current code review tools just don’t make much sense for AI-generated code
When reviewing code I really want to know:
- The prompt made by the dev
- What corrections the other dev made to the code
- Clear marking of code AI-generated not changed by a human
Current code review tools just don’t make much sense for AI-generated code
When reviewing code I really want to know:
- The prompt made by the dev
- What corrections the other dev made to the code
- Clear marking of code AI-generated not changed by a human
December 14, 2025 at 2:24 PM
Unpopular opinion:
Current code review tools just don’t make much sense for AI-generated code
When reviewing code I really want to know:
- The prompt made by the dev
- What corrections the other dev made to the code
- Clear marking of code AI-generated not changed by a human
Current code review tools just don’t make much sense for AI-generated code
When reviewing code I really want to know:
- The prompt made by the dev
- What corrections the other dev made to the code
- Clear marking of code AI-generated not changed by a human
Top networking tip: do not plug both ends of an ethernet cable into the same switch.
December 14, 2025 at 3:25 PM
Top networking tip: do not plug both ends of an ethernet cable into the same switch.
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand."
I stumbled across this quote from Refactoring by Martin Fowler when looking at dannorth.net/blog/cupid-f... by @tastapod.com .
I stumbled across this quote from Refactoring by Martin Fowler when looking at dannorth.net/blog/cupid-f... by @tastapod.com .
December 12, 2025 at 1:56 PM
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand."
I stumbled across this quote from Refactoring by Martin Fowler when looking at dannorth.net/blog/cupid-f... by @tastapod.com .
I stumbled across this quote from Refactoring by Martin Fowler when looking at dannorth.net/blog/cupid-f... by @tastapod.com .
New video on updating container images with Renovate.
The demo uses the Renovate GitHub Action but pairs it with Octo-STS so you don't need to create a PAT.
www.youtube.com/watch?v=I0hW...
The demo uses the Renovate GitHub Action but pairs it with Octo-STS so you don't need to create a PAT.
www.youtube.com/watch?v=I0hW...
Updating Container Images with Renovate (and no PATs!)
YouTube video by Chainguard
www.youtube.com
December 11, 2025 at 5:53 PM
New video on updating container images with Renovate.
The demo uses the Renovate GitHub Action but pairs it with Octo-STS so you don't need to create a PAT.
www.youtube.com/watch?v=I0hW...
The demo uses the Renovate GitHub Action but pairs it with Octo-STS so you don't need to create a PAT.
www.youtube.com/watch?v=I0hW...
Just finished @nealstephenson.bsky.social's Baroque Cycle. I'm not a fast reader so it was a bit of an undertaking. Worth it though.
And in relation to recent news, it definitely has an ending and even goes some lengths to wrap up various story arcs. Infinite Jest it is not.
And in relation to recent news, it definitely has an ending and even goes some lengths to wrap up various story arcs. Infinite Jest it is not.
December 11, 2025 at 1:07 PM
Just finished @nealstephenson.bsky.social's Baroque Cycle. I'm not a fast reader so it was a bit of an undertaking. Worth it though.
And in relation to recent news, it definitely has an ending and even goes some lengths to wrap up various story arcs. Infinite Jest it is not.
And in relation to recent news, it definitely has an ending and even goes some lengths to wrap up various story arcs. Infinite Jest it is not.
Please remember a Lewis is for life, not just Xmas.
On the 12th day of Quizmas, my true love gave to me… 12 ugly sweaters and a Lewis Denham-Parry.
We’re giving away limited-edition Edera Holiday Sweaters. It’s punny. It’s festive. It's a-lotl.
How to enter:
1. Reshare this post
2. Register for Runtime Rumble: The Quizmas Clash
edera.link/vev5bsky
We’re giving away limited-edition Edera Holiday Sweaters. It’s punny. It’s festive. It's a-lotl.
How to enter:
1. Reshare this post
2. Register for Runtime Rumble: The Quizmas Clash
edera.link/vev5bsky
December 10, 2025 at 10:24 PM
Please remember a Lewis is for life, not just Xmas.
Reposted by Adrian Mouat
fucking bryan is both very, very good -- again -- and also funny, again. I especially dig the fact that building a solution is about trust built into the future. It's human thing.
December 9, 2025 at 4:18 PM
fucking bryan is both very, very good -- again -- and also funny, again. I especially dig the fact that building a solution is about trust built into the future. It's human thing.
Reposted by Adrian Mouat
I fucking love memes you can understand through the language barrier, holy shit
December 6, 2025 at 3:39 PM
I fucking love memes you can understand through the language barrier, holy shit
A f*"**ng tab just broke my GitHub action. Why do we still have these invisible battles 😭
December 2, 2025 at 1:16 PM
A f*"**ng tab just broke my GitHub action. Why do we still have these invisible battles 😭
What was Matthew's job again?
There was no state. Who does she think crucified him, an anarchist collective?
November 28, 2025 at 3:08 PM
What was Matthew's job again?
At a private event last week Bogomil Balkansky shared his thoughts on what he looks for when investing and advising companies.
The quote that stuck with me was "Velocity is the primary determinate of success for a company".
The quote that stuck with me was "Velocity is the primary determinate of success for a company".
November 28, 2025 at 11:03 AM
At a private event last week Bogomil Balkansky shared his thoughts on what he looks for when investing and advising companies.
The quote that stuck with me was "Velocity is the primary determinate of success for a company".
The quote that stuck with me was "Velocity is the primary determinate of success for a company".
Not sure if I can bear to watch this given that I nearly stopped the panel 10 minutes early 🫣
November 24, 2025 at 9:31 PM
Not sure if I can bear to watch this given that I nearly stopped the panel 10 minutes early 🫣
Reposted by Adrian Mouat
Videos for the talks I was a part of for KubeCon + CloudNativeCon NA 2025 have dropped!
youtu.be/VWi105l6tzs
youtu.be/VWi105l6tzs
Taming the Complexity Beast... Moderated by Katie Norton, Alex Zenla, Jason Hall & Jon Ceanfaglione
YouTube video by CNCF [Cloud Native Computing Foundation]
youtu.be
November 24, 2025 at 6:02 PM
Videos for the talks I was a part of for KubeCon + CloudNativeCon NA 2025 have dropped!
youtu.be/VWi105l6tzs
youtu.be/VWi105l6tzs
When I've had to explain what containers are in the past, I've often used this quote from @bcantrill.bsky.social
"Docker will do to apt what apt did to tar."
"Docker will do to apt what apt did to tar."
November 21, 2025 at 4:02 PM
When I've had to explain what containers are in the past, I've often used this quote from @bcantrill.bsky.social
"Docker will do to apt what apt did to tar."
"Docker will do to apt what apt did to tar."
What were everyone's favourite sessions from KubeCon last week?
I spent most of time on the booth and hallway track and I'm looking forward to catching up (at double speed!) when the videos come out.
#kubecon
I spent most of time on the booth and hallway track and I'm looking forward to catching up (at double speed!) when the videos come out.
#kubecon
November 19, 2025 at 9:44 PM
What were everyone's favourite sessions from KubeCon last week?
I spent most of time on the booth and hallway track and I'm looking forward to catching up (at double speed!) when the videos come out.
#kubecon
I spent most of time on the booth and hallway track and I'm looking forward to catching up (at double speed!) when the videos come out.
#kubecon
"Done right, vibe coding isn’t just about faster output, it’s about strengthening the code review muscle. "
@mattmoor.dev
@mattmoor.dev
November 18, 2025 at 8:27 PM
"Done right, vibe coding isn’t just about faster output, it’s about strengthening the code review muscle. "
@mattmoor.dev
@mattmoor.dev
For a few months now, @chainguard.dev have had "catalog pricing", which gives customers access to the entire container catalog. But until recently, requesting new images was a manual process. That all with the introduction of self-serve.
Chainguard's Self Serve Catalog
This video introduces Chainguard's self serve feature for catalog customers.About ChainguardFounded by the industry's leading experts on open source software...
www.youtube.com
November 17, 2025 at 11:10 PM
For a few months now, @chainguard.dev have had "catalog pricing", which gives customers access to the entire container catalog. But until recently, requesting new images was a manual process. That all with the introduction of self-serve.
Reposted by Adrian Mouat
Hey @strongjz.bsky.social our entire conversation was worth it for this headline...
November 14, 2025 at 6:08 PM
Hey @strongjz.bsky.social our entire conversation was worth it for this headline...
Reposted by Adrian Mouat
End of an era, watch your Ingress NGINX plans!
What are you replacing NGINX with?
What are you replacing NGINX with?
Ingress NGINX Retirement: What You Need to Know
To prioritize the safety and security of the ecosystem, Kubernetes SIG Network and the Security Response Committee are announcing the upcoming retirement of Ingress NGINX. Best-effort maintenance will...
www.kubernetes.dev
November 14, 2025 at 4:10 AM
End of an era, watch your Ingress NGINX plans!
What are you replacing NGINX with?
What are you replacing NGINX with?
@puerco.mx kicking off Open Source SecurityCon by demonstrating how to prevent cats messing with your training data.
November 10, 2025 at 2:33 PM
@puerco.mx kicking off Open Source SecurityCon by demonstrating how to prevent cats messing with your training data.