justprotein.bsky.social
@justprotein.bsky.social
Of course you still need to worry about this, but not that much and we have a relatively scalable solution in LLMs for coding today.

One thing I’ve learnt with this problem is that you need curiosity, ask a lot of why, skim through, move on, this is if you want to move fast.

Code is verifiable.
August 25, 2025 at 8:31 AM
Envoy intercepts all traffic and consults OPA for authorization decisions as I have service level policies and user level policies before the request can proceed.
July 17, 2025 at 4:51 AM
Haven’t implemented OPA with kube-mgmt or OPA Gatekeeper yet, but the enforcement I meant here was for network traffic between services in my service mesh and for API authorization.
July 17, 2025 at 4:44 AM
One lesson about the two-sidecar approach (Envoy + OPA) was how it helps separate enforcement logic from the decision-making logic, that’s aside from the separation of concerns, reduced attack surface, potential independent scaling, etc.
July 16, 2025 at 11:07 PM
This was interesting as I went a bit more into my basic knowledge of Kubernetes (which I only started using here).

Learning about what a sidecar means, OPA, reading Rego policy, Envoy Proxy, and why all this is even important. I have a BFF external service and then internal services (2 for now)
July 16, 2025 at 11:07 PM
With LLMs, it feels like one can do anything coding related, but that’s a lie.

There were several instances where I was stuck and didn’t even know the question to ask, makes me wonder how someone can vibe code a production-grade product with zero programming knowledge
July 16, 2025 at 10:49 PM
Seeing this all work so well to set up a service mesh of my initial Go microservices and a BFF all running locally and a one-click deployment to AWS gave me a lot of joy considering how little about these things I knew before getting started.

Although I somehow lost $1.51 in AWS charges 😃
July 16, 2025 at 10:49 PM
Main tools I use for this are JetBrains Junie, OAI Codex, and recently GitHub Copilot.

A lot of things in the project are automated with makefiles or magefiles and lots of test scripts. I’ve somehow managed to successfully ensure I am running fully local and not deploying except I manually trigger
July 16, 2025 at 10:49 PM
CI/CD includes GitHub Actions, Trivy, Detekt, CodeQL, Argo CD. Keycloak for identity management, and many other tools.

These tools are all new to me, just learning as I’m going, reading a lot of materials from LLM chats and some books I got as reference. Been really overwhelming but exciting
July 16, 2025 at 10:49 PM