From Manual to GitOps: Simplifying Grafana Dashboard Configuration with Git Sync

Starting from version 12, Grafana introduces the ability to configure dashboards using a GitOps approach through an experimental feature called Git Sync.

This is a very interesting capability that can help manage dashboards in large and complex environments.

Git Sync is available as an experimental feature in both Grafana OSS and Enterprise editions, and activation can also be requested for the Cloud version (currently as a private preview).

You can find the relevant documentation on this page, and below I am including a demo video.

 

           

OpenSSF - Open Source Project Security Baseline

Today, I wanted to share with you a new initiative by OpenSSF called the Open Source Project Security Baseline. 

The TL;DR can be summarized as a series of checks that a project maintainer must have in place in their software repository to demonstrate a secure security posture. 

The baseline is divided into three levels, which are well described. I find it to be an interesting initiative and easy to apply for improving and certifying one's security level.

The initiative has been announced here, and here you can find the website for this new and interesting initiative!

KubeCon EU 2025 London

The countdown to KubeCon EU (London) has begun, and I couldn’t be more thrilled to announce that, for the third year in a row, I’ll have the incredible privilege of attending!

This year is extra special because, for the second time, I’ll be managing a booth alongside my amazing colleagues. Why? Because ReeVo (the company that SIGHUP has now joined) will proudly be a sponsor of this big event!

Being a sponsor at KubeCon is no small feat! It means rolling up our sleeves for an exciting whirlwind of extra work and packing plenty of throat lozenges to keep my voice intact through all the conversations (and trust me, there will be a lot of them!). It’s multitasking on steroids but I wouldn’t have it any other way!

The real magic of KubeCon lies in the connections. It’s an unparalleled opportunity to meet and engage with brilliant minds from every corner of the globe. It’s about putting faces to names, building meaningful relationships with partners, collaborators, and project contributors people I’ll be working closely with throughout the year. These moments of connection are what make this event truly unforgettable.

I’m beyond excited and absolutely energized to dive into this experience once again.

So, see you in London! If you’re attending the conference, don’t miss out come by our booth and say hi! 

Let’s make (also) this KubeCon one to remember! 🚀🚀🚀

CyberArk Conjur cloud cli - how fix zsh: operation not permitted: ./conjur

As a consultant, it's always a pleasure to explore new tools, and since the end of 2024, we have been experimenting with CyberArk's SaaS offering.

The first component we started working with is Conjur Cloud, the SaaS version of Conjur Enterprise, which we are already very familiar with.

Conjur Cloud features an impressive UI that allows users to configure and manage most settings 

seamlessly. 

Like Conjur Enterprise, it also has its own dedicated CLI, which is available for download on the CyberArk Marketplace.After installing the Conjur Cloud CLI on macOS 15.2, I encountered the following error when attempting to execute it:

conjur -version
zsh: operation not permitted: ./conjur

 


After some troubleshooting, I discovered that the binary had been quarantined by macOS 15.2. Running the following command confirmed this:

xattr -l /Applications/ConjurCloudCLI.app/Contents/Resources/conjur/conjur

where I got as output:

com.apple.quarantine: 0187;678a416a;Microsoft\\x20Teams\\x20WebView;

To resolve this issue, I removed the quarantine attribute using the following command:

xattr -d com.apple.quarantine /Applications/ConjurCloudCLI.app/Contents/Resources/conjur/conjur

After applying this fix, I was able to successfully launch the CLI:

conjur --version Conjur Cloud CLI version 1.1.2

macOS, Podman Desktop and the Podman machine: pay close attention to the Podman version.

Using Podman as the standard tool requested by clients for running local containers outside of a Kubernetes environment, I decided to start the year by installing Podman Desktop on my company MacBook.

Podman Desktop features a user interface (UI) similar to Docker Desktop, making it easier to manage containers and images. It also includes plugin management to extend its functionality (e.g., deploying containers on Kubernetes).

After installing Podman Desktop version 1.15.0, I proceeded with the setup but encountered issues with the Podman machine (the virtual machine dedicated to running containers), which failed to start (no errors, it just hung).

After performing all the necessary checks and finding no logs, I tried the usual troubleshooting steps, including cleaning up and reinstalling. 

This resolved the issue and revealed the cause: my MacBook previously had an older version of Podman installed in the past, that I totally forgot.

podman --version
podman version 4.3.1

Following the new installation of Podman Desktop, since no existing version was detected, the setup prompted me to install a newer version:

podman --version
podman version 5.3.1

At this point, the setup for Podman Desktop identified that the existing Podman machine was incompatible with the current release.

After confirming the removal of the unsupported Podman machine and proceeding with its recreation, the Podman machine started successfully.

Confirmed as KubeWeekly Editor: Giving Back to the Cloud-Native Community in 2025

One of the pleasures of working with open-source software (OSS) and community-driven initiatives is the endless opportunities they offer. If you ever find yourself with "not enough" to do at work (yes, that's ironic!), there's always an easy way to take on something extra and meaningful.

Contributing back to the community you're part of is a wonderful way to express gratitude. After all, how could anyone be luckier than to give back to something they love? 😊

For 2025, one of my ongoing community chores will be serving as a KubeWeekly editor—for the second consecutive year!

For those unfamiliar, KubeWeekly is a fantastic mailing list that curates the latest news, trends, and updates in the cloud-native ecosystem. If you work in this space, I highly recommend subscribing so you don’t miss out!

Here’s the link: KubeWeekly

KCD Italy will return in 2025 with a new name

Yesterday, the organizers of KCD Italy announced that the conference will return in 2025, once again in Bologna in June!!

For various organizational reasons, the conference will change its name to Cloud Native Days Italy, but the quality will remain the same.

At the moment, nothing else is known. Start marking a reminder in your calendar, see you in Bologna!