Daniel Abrahamberg

Dotnet, NodeJs, DevOps and more…

  • Your Coding Agent Can Read Your .env — And That Changes Your Security Model

    Your Coding Agent Can Read Your .env — And That Changes Your Security Model

    A few days ago, I was working with on my side project gogetcv.com, suing a coding agent (OpenCode) and and noticed something uncomfortable. It opened my appsettings.dev.json. These was LLM API keys for different providers and I had to rotate all of them. It hit me, the normal local development config file that almost every…

  • Spec-Driven Development and the Ralph Loop: The Good, the Bad, and the Ugly

    Spec-Driven Development and the Ralph Loop: The Good, the Bad, and the Ugly

    Spec-driven development, or SDD, is not new. But it has recently come back into focus because of agentic programming. A good place to start is Martin Fowler’s website, Understanding Spec-Driven Development. The core problem with agentic coding, or vibe coding if you prefer, is simple: AI can generate code faster than humans can responsibly review…

  • Code Is Worthless, Senior Developers Are Priceless!

    Code Is Worthless, Senior Developers Are Priceless!

    Once upon a time, code was one of the most valuable assets a company could own.It took years to build a serious codebase, and that effort created a real competitive advantage. That is no longer true in the same way. Today, with the right AI tools and a small number of strong engineers, it is…

  • Securing Kubernetes Ingress with oauth2-proxy and Azure Entra ID

    Securing Kubernetes Ingress with oauth2-proxy and Azure Entra ID

    Protecting specific routes in your Kubernetes applications is essential—especially when handling sensitive internal tools or admin panels. One effective way to do this is by using oauth2-proxy at the ingress level, allowing you to offload authentication and authorization directly at the edge. This not only simplifies your app logic but also aligns well with enterprise-grade…

  • Kubernetes Database Migration with Helm and CI/CD Pipelines

    Kubernetes Database Migration with Helm and CI/CD Pipelines

    Managing database migrations in secure and isolated environments presents a remarkable challenge. This blog post delves into the intricacies of setting up or migrating databases where there is a Kubernetes environments in use and direct access to database is restricted. We’ll explore strategies for handling database migrations when the database is not directly accessible by…

  • GitHub Federated integration: Azure Key Vault & ACR- Example

    GitHub Federated integration: Azure Key Vault & ACR- Example

    You’ve probably noticed too how GitHub is fast becoming the go-to platform for companies and enterprises navigating the digital landscape. It’s an exciting shift, but it’s not without its challenges, especially when it comes to working with cloud services. Take Azure Key Vault and Azure Container Registry (ACR), for instance. To work smoothly, these services…

  • React: Call Child Functions from Parent Functional Component

    React: Call Child Functions from Parent Functional Component

    In the dynamic world of React development, one question often leads to another, unfolding layers of complexity and elegance in code. Recently, a junior programmer on my team approached me with a seemingly straightforward query: “How can I call child functions from a parent functional component in React?” Another colleague quickly interjected, “You can’t do…

  • Repository Pattern in DDD: Bridging the Domain and Data Models

    Repository Pattern in DDD: Bridging the Domain and Data Models

    In our DDD journey, we’ve delved into Entities, Value Objects, and how to implement Aggregates from a developer’s viewpoint. Now, we’ll tackle the repository pattern. Simply put, this pattern neatly separates data access from domain logic. While there’s a wealth of online resources, check out Microsoft’s “Design the Infrastructure Persistence Layer” for hands-on implementation in…

  • Entities and Value Objects: Diving Deep into Domain-Driven Design

    Entities and Value Objects: Diving Deep into Domain-Driven Design

    In the realm of Domain-Driven Design (DDD), understanding core concepts such as entities, value objects, aggregates, and aggregate roots is essential. As we’ve previously explored the intricate nature of aggregates and aggregate roots, today’s discussion is centered on two foundational blocks: entities and value objects. Remember that we are using eShopOnContainers’ Order Service as our…

  • Mastering DDD: A Developer’s Guide to Implementing Aggregates

    Mastering DDD: A Developer’s Guide to Implementing Aggregates

    Welcome back to our series on Domain-Driven Design (DDD)! In our previous article, we skimmed the surface of some fundamental DDD concepts like Aggregates, Entities, and Value Objects. If you found that intriguing, buckle up because we’re about to take a deep dive into these core components, specifically through the lens of a developer. While…

  • Getting Started with Domain-Driven Design for Developers

    Getting Started with Domain-Driven Design for Developers

    There are certainly a lot of articles and books about DDD. A several years ago, when I started to learn about it, it took a little time for things to click. At that time, I was really eager to understand DDD from a developer’s perspective, but most of the material was focused on the architectural…

  • Enterprise Development: Guidelines, Guardrails, and Golden Paths

    Enterprise Development: Guidelines, Guardrails, and Golden Paths

    After having a lengthy conversation with one of my colleagues on the topic of why people often disregard guardrails in his organization, a particular question came to my mind. Towards the end of our discussion, I asked my colleague what keeps cars between the guardrails in the real world. He replied, somewhat unsure of where…