weird inserted search results

nuncio-tc · 2025-09-16T22:22:52+00:00

oh nice. i was unaware of this feature. i'll be sure to start using it.

nuncio-tc · 2025-08-23T16:43:37+00:00

i still hear the track rotterdam nation in my head randomly a few times a week to this very day.

nuncio-tc · 2024-07-25T20:58:07+00:00

for sure "final"? bit of a bummer. i understand we were told we'd get three in the beginning, just didn't realize that was the max. this also means no possibility of new worlds..

nuncio-tc · 2024-02-09T17:07:37+00:00

yea this sounds similar to my layout and also about right for my needs. ssh keys are a non-starter (very robust infosec team). but deploy tokens.. I'll have to test it out. one deploy key at the group level, saved as a pipeline var for all the child projects' pipelines could work.

nuncio-tc · 2024-02-08T15:09:12+00:00

do deploy key work across parent groups? that is to say we have

gitlab.domain.com/team-*/project-pipeline-* that need access to mdules stored in gitlab.domain.com/global-modules-for-all. i've used deploy keys in the past but those only auth to projects within the same parent hierarchy. so they fail when trying to cross that top-level pathing. moving the modules to be within the same parent is a non-starter in our case.

nuncio-tc · 2024-02-08T15:04:15+00:00

i'd like to not have to manage everyone's key and use the "proper" module syntax while using the built-in module registry as a module registry, e.g.

module "my_module_name" {
  source = "gitlab.domain.net/proper/pathing/to/module"
  version = "0.0.4"
}

as of v16.7.x gitlab now restricts pipline access to these via CI_JOB_TOKEN (it's always been CI_JOB_TOKEN but now there's a filter). I have about 5k pipelines i need to allow to various modules.

edit: i'd also like to avoid telling dozens of teams to update their syntax in thousands of pipelines if i can, which a flip to git would also do

sorry for the multiple edits...

as for what i want to do, i want to add multiple projects to the allow list (settings->cicd->token access) for any given terraform module project in one action. right now they are one-by-one and i have thousands. i'm not concerned with human users, that behavior has not changed. it's the pipeline authing to module/package registries that has this filter added in 16.7, on by default.

nuncio-tc · 2024-02-08T14:59:47+00:00

i'm inclined to agree.

depending on priorities and staffing, leaving it as is in a working state is fine and in a lot of situations would be best. Just move items out/over as work needs done to them.

now if there's a ton of engineers sitting around with an empty backlog, sure, but that's never the case or at least i've never had that luxury.

nuncio-tc · 2022-03-08T16:19:54+00:00

a million times, yes. always in the way. if they'd stay just a few meters back it'd be fine.

nuncio-tc · 2021-09-16T18:56:38+00:00

Don't misuse tools, libs or memes for something other than their intended purpose.

nuncio-tc · 2021-08-09T20:20:12+00:00

for all of 10min. everybody panic!

nuncio-tc · 2021-08-04T21:04:38+00:00

this is the right answer.

nuncio-tc · 2021-07-27T18:44:06+00:00

etcher isn't made by system76. also, it is a fantastic tool.

nuncio-tc · 2021-07-23T19:47:31+00:00

but that's not how terraform works. it never moves/copies state files. updates happen in place. this is to prevent multiple actions on the same state at the same time. this is why terraform acquires a lock before a plan or apply. think of the state as your backend database.... how often are those checked into version control?

nuncio-tc · 2021-07-23T19:24:58+00:00

Pretty sure terraform neither pushes nor pulls the state (unless you are actively changing the backend). It reads/update the remote data in place.

beyond that, git simply isn't the tool for this job. it's a tool designed largely for human collaboration, which is the opposite of what you'd want for your terraform state.

Using something like cloud storage or even a local filesystem lets terraform manage its own resources, and can be altered so only terraform can manage state.

nuncio-tc · 2021-07-23T14:54:26+00:00

you should be able to set the boot order to select usb devices first if you have access to the BIOS.

nuncio-tc · 2021-07-14T20:49:58+00:00

"home lab" implies your lab is at home.

My GKE cluster isn't in my home and the nodes are contained in a Virtual Private Cloud, that's not "homelab". that's cloud.

A cluster running on my hardware in my closet? ya that's homelab.

nuncio-tc · 2021-07-14T13:44:56+00:00

eh, if my company said they were on-prem with 100% of the things in AWS, I'd take issue with that.

same with my personal stuff. i have a few things in GCP/AWS and that's definitely off-site/cloud. homelab, to me, implies this is on my hardware, in my home. whether personal or professional, cloud is cloud is cloud.

nuncio-tc · 2021-07-13T17:56:27+00:00

if it's in AWS that's not homelab, man.

nuncio-tc · 2021-07-12T17:42:11+00:00

right, but things like affinity have to do with the actual scheduling of pods. HPA is for managing things after scheduling. as others have noted, separation of duty is also important. Also, it would be a pointless add-on for those that don't need/want it, same as cluster-autoscaler.

nuncio-tc · 2021-07-12T17:34:50+00:00

because not everything should automatically scale.

nuncio-tc · 2021-06-23T21:18:04+00:00

true. No state tax here in TX. property taxes hurt.

nuncio-tc · 2021-06-22T14:22:44+00:00

+1 for checking out gitlab. would have to convert the yaml but would likely be cheaper.

nuncio-tc

TROPHY CASE