Production reference

Reference sheets for shipping under pressure

Command-first references for Kubernetes, security, APIs, Linux, DevSecOps, Docker, Git, SQL, and Python. Each sheet is written for real production work: what to run, when to use it, and what can go wrong.

Open Kubernetes security Use with courses

KubernetesSecurityAPIsLinuxDevSecOpsData/SQL

Cloud native security

References for production infrastructure

Use these sheets when the decision has operational risk: identity, authorization, runtime defense, network paths, API authentication, and artifact trust.

K8SReference

Security

Kubernetes Security

RBAC audit, PodSecurity standards, NetworkPolicy default-deny, secrets, image signing, runtime forensics, and security warnings for cluster changes.

RBACPodSecurityNetworkPolicySecrets

Open sheet

CTLReference

Cloud native

Kubernetes kubectl

Core kubectl commands for pods, deployments, services, debugging, logs, configs, and secrets.

kubectlPodsDeploymentsDebugging

Open sheet

IDReference

Cloud native

SPIFFE & SPIRE

SPIFFE IDs, SVID issuance, SPIRE CLI commands, registration entries, federation, and workload attestation patterns.

SPIFFE IDSVIDSPIRE CLIFederation

Open sheet

OPAReference

Reference

OPA & Rego

Rego syntax, OPA policy patterns, Kubernetes admission examples, Gatekeeper constraints, and policy testing flows.

RegoGatekeeperAdmissionPolicy-as-Code

Open sheet

APIReference

Security

API Security

JWT validation, OAuth2 flows, secure headers, mTLS, webhook signing, and OWASP API defenses.

JWTOAuth2mTLSWebhooks

Open sheet

NETReference

Reference

Linux Networking

iptables, nftables, tcpdump, OpenSSL, certificate debugging, eBPF tracing, and routing inspection.

iptablestcpdumpOpenSSLeBPF

Open sheet

IRReference

Security

Runtime Security

Falco rules, eBPF observability, Tetragon, syscall context, and production alert tuning patterns.

FalcoeBPFTetragonSyscalls

Open sheet

MESHReference

Cloud native

Service Mesh

Istio traffic management, Envoy diagnostics, mTLS configuration, and AuthorizationPolicy examples.

IstioEnvoymTLSAuthZ

Open sheet

CIReference

Reference

DevSecOps & Supply Chain

cosign, SBOMs, SLSA provenance, GitHub Actions hardening, and CI/CD gates for artifact trust.

SigstorecosignSBOMSLSA

Open sheet

Daily toolkit

Engineering essentials

Compact references for the commands engineers reach for repeatedly: containers, source control, query debugging, and Python runtime work.

DOCEssentials

Docker

Build, run, compose, volumes, networks, multi-stage builds, and container debugging commands.

BuildComposeVolumesDebug

GITEssentials

Git

Branch, merge, rebase, stash, reset, log, diff, cherry-pick, and recovery workflows.

RebaseStashResetRecovery

SQLEssentials

SQL

SELECT, JOIN, GROUP BY, window functions, CTEs, indexes, and query performance patterns.

JoinsWindowsCTEsIndexes

PYEssentials

Python

Core syntax, list comprehensions, f-strings, decorators, OOP, file I/O, errors, and virtual environments.

IdiomsOOPvenvErrors

Practical use

Command lists are not enough

These sheets include production notes, security warnings, and hardened alternatives so the command is tied to a decision. Pair them with courses for depth and labs for practice.

Cloud native security course Kubernetes security lab Engineering guides