Categories

Jacar categories — explore the topics A rocket whose eyes follow your cursor.
Methodologies

Practical DevSecOps with Sigstore and cosign

Signing images and artifacts with Sigstore has stopped being a rare experiment: projects like Kubernetes already use it. The keyless model in cosign, Fulcio, and Rekor removes private-key management, but it only protects you if deployment verifies who signed, not just whether a signature exists.

Methodologies

Flux CD vs ArgoCD: Which to Choose for Your Platform

Flux CD and ArgoCD are the two CNCF-graduated GitOps tools for deploying to Kubernetes with Git as the source of truth. ArgoCD offers a centralised visual UI that manages several clusters from one instance, while Flux is a set of Kubernetes-native controllers with built-in image automation. Neither choice is wrong: it depends on your team and use case.

Architecture

GitOps With ArgoCD: From Hype to Stable Production

ArgoCD has established GitOps as the standard deployment practice for Kubernetes: the Git repository is the single source of truth for the desired state, and the agent continuously reconciles the cluster. This guide covers the four formal GitOps principles, sync policies, common production mistakes, and a comparison with Flux.

Architecture

Platform Engineering: Internal Developer Platforms

Platform engineering formalizes the internal product development teams need. An Internal Developer Platform (IDP) centralises deployment, observability and self-service behind a unified interface so product teams deliver value without becoming infrastructure experts. Investment pays off from around 30 to 50 developers.

Methodologies

SLSA Level 3: Hardening the Software Supply Chain

SLSA v1.0, published in April 2023, defines four maturity levels for securing the software supply chain, from basic provenance to isolated builds. Level 3 requires every build to run in an ephemeral, stateless environment, eliminating attacks like build contamination and insider threat, and is achievable with GitHub Actions and OIDC signing via Sigstore.

Methodologies

FinOps: Controlling Cloud Cost Without Slowing the Team

FinOps turns cloud cost into an engineering discipline rather than a finance problem. The Inform-Optimize-Operate framework delivers per-team visibility, continuous waste reduction, and cost SLOs. Rigorous tagging and open-source tools like Kubecost or Infracost let teams regain control of the bill without slowing delivery.

Methodologies

Applying Google’s SRE Book Without Being Google

Google's SRE book (2016) is canonical reading, but it is written for thousands of engineers and in-house datacenters: applying it literally on a small team creates friction. Five principles do travel (SLOs, error budgets, blameless postmortems, toil management, humane on-call); what does not scale is Google's infrastructure and dedicated roles.

Methodologies

Contract Testing with Pact for Microservices

With 30 or more microservices, end-to-end tests become slow, fragile and impractical. Pact implements consumer-driven contract testing: the consumer defines what it expects, the provider verifies it in its own CI pipeline, with no shared environment needed. The result is integration proof in seconds, not minutes.

Methodologies

Prometheus: Writing Alerts That Won’t Get Ignored

To write Prometheus alerts that won't get ignored, alert on customer-observable symptoms (latency, error rate, saturation) instead of internal causes like CPU or memory, define SLOs with multi-window burn rate to scale severity, add a watchdog alert that confirms the system is still alive, and review the signal-to-noise ratio every quarter.

Methodologies

MoSCoW Method: Effective Requirements Prioritisation

The MoSCoW method organises project requirements into 4 categories: Must have (essential), Should have (important), Could have (desirable), and Won't have (out of scope). Its purpose is to force an explicit priority conversation before committing team resources and time.

Methodologies

The Kano Model: Improving Customer Satisfaction

The Kano model classifies product features into three types: basics (what customers take for granted), performance (where more investment yields more satisfaction), and emotional delighters (unexpected extras that build loyalty). Knowing which category each feature belongs to sharpens every roadmap decision.

Methodologies

Design Thinking: Methods and Strategies

Design thinking is a user-centred problem-solving methodology structured around five iterative phases: empathise, define, ideate, prototype, and test. Following the Design Council Double Diamond model, it first identifies the right problem, then designs the right solution. Applicable to digital products, internal processes, and business models alike.

Methodologies

OKR Methodology: Maximise Your Objectives

The OKR (Objectives and Key Results) methodology is a goal-management system that aligns the entire organisation, from the CEO to every team, around ambitious, measurable goals. Each qualitative objective pairs with quantifiable key results, reviewed every quarter to keep focus without the rigidity of an annual plan.

Methodologies

Agile Methodologies: Optimising Project Development

Agile methodologies (Scrum, Kanban, Extreme Programming) replace rigid upfront planning with short, iterative cycles: each sprint delivers working software, brings in real customer feedback, and lets teams correct course before a mistake becomes expensive. Born from the 2001 Agile Manifesto, they are now applied well beyond software, in marketing, design, and research too.

Methodologies

Methodologies for Defining Objectives: A Strategic Approach

SMART, OKR, and Balanced Scorecard are the three reference methodologies for defining strategic objectives: SMART validates that each objective is specific and measurable, OKR vertically aligns organisational ambition through quarterly reviews, and Balanced Scorecard connects financial indicators with processes, customers, and learning across four complementary perspectives.