mirror of https://github.com/funkypenguin/geek-cookbook/ synced 2025-12-13 01:36:23 +00:00

Satisfy markdown lint

Signed-off-by: David Young <davidy@funkypenguin.co.nz>
David Young
2023-02-10 23:25:42 +13:00
parent 4dfdefb92f
commit 4aa9d0ef7f
2 changed files with 2 additions and 2 deletions

@@ -23,7 +23,7 @@ Here's how the process went:
4. Image must be signed using [cosign](https://github.com/sigstore/cosign) on both the dev and prod infrastructure (*separate signing keys are used*). [Connaisseur](https://github.com/sse-secure-systems/connaisseur) prevents unsigned images from being run in any of our clusters[^2].
5. Image is in the repo, now to deploy it... add a deployment template to our existing database helm chart. Deployment pipeline (*via [Concourse CI](https://concourse-ci.org/)*) fails while [kube-scor](https://github.com/zegl/kube-score)ing / [kube-conform](https://github.com/yannh/kubeconform)ing the generated manifests, because they're missing the appropriate probes and securityContexts
6. Note that if we had been able to sneak a less-than-secure deployment past kube-score's static linting, then [Kyverno](https://kyverno.io/) would have prevented the pod from running!
7. Fixed all the invalid / less-than-best-practice elements of the deployment. Ensure resource limits, HPAs, securityContexts are applied.
7. Fixed all the invalid / less-than-best-practice elements of the deployment. Ensure resource limits, HPAs, securityContexts are applied.
8. Manifest deploys (*pipeline is green!*), pod immediately crashloops (*it's not very obtuse code!*)
9. Examine Cilium's [Hubble](https://github.com/cilium/hubble), determine that the pod is trying to talk to FoundationDB (*duh*), and being blocked by default.
10. Apply the appropriate labels to the deployment / pod to align with the pre-existing regime of [Cilium NetworkPolicies](https://docs.cilium.io/en/latest/security/policy/) permitting ingress/egress to services based on pod labels (*thanks [Monzo](https://monzo.com/blog/we-built-network-isolation-for-1-500-services)!*)
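Review bot: The old and new versions of item 7 ("Fixed all the invalid / less-than-best-practice elements of the deployment...") read identically in this hunk, so the change looks like whitespace only, and the commit message "Satisfy markdown lint" does not say which rule it addresses. Please name the lint rule in the commit message so a reviewer can confirm that nothing else on the line was meant to change.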

@@ -44,7 +44,7 @@ It's been a few years since I published a Docker Swarm recipe for Nextcloud, com
TL;DR - It's still boring on the inside. But that's good. The outside though, is increasingly sexy and well-polished.
In the process of running the latest recipe through its paces in CI, I noticed that the UX has come a long way. Under the hood, NextCloud is much the same, with some extra polish, and a few years more ecosystem maturity. Now apps like[ Nextcloud Talk](https://nextcloud.com/talk/) (which was beta at the the time) is de-facto, and the integration of 3rd-party apps is well-established.
In the process of running the latest recipe through its paces in CI, I noticed that the UX has come a long way. Under the hood, NextCloud is much the same, with some extra polish, and a few years more ecosystem maturity. Now apps like [Nextcloud Talk](https://nextcloud.com/talk/) (which was beta at the the time) is de-facto, and the integration of 3rd-party apps is well-established.
Nextcloud (*now called "Nextcloud Hub II" for some reason!*) no longer looks like a boring, corporate file collaboration suite. The default page is a "Dashboard", which can be extended with "Widgets" which integrate with the various apps (*of which there are over 100!*) which can be installed from their app store.
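Review bot: The changed line in this hunk moves the misplaced space in "like[ Nextcloud Talk]" but leaves other defects on the same line: the doubled word in "at the the time", the plural/singular mismatch in "apps like ... is de-facto", and "NextCloud" spelled differently from "Nextcloud" everywhere else in the hunk. Since the line is already being edited, suggest fixing these in the same commit, for example "which was beta at the time" and "are de-facto".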