Artificial Intelligence is teaching me about itself.
didiberman/README.md
██████╗  ██╗ ██████╗  ██╗
██╔══██╗ ██║ ██╔══██╗ ██║
██║  ██║ ██║ ██║  ██║ ██║
██║  ██║ ██║ ██║  ██║ ██║
██████╔╝ ██║ ██████╔╝ ██║
╚═════╝  ╚═╝ ╚═════╝  ╚═╝

DevOps / Platform Engineer  ·  Kubestronaut  ·  didibe.dev

I build and operate Kubernetes infrastructure, cloud-native platforms, and automation pipelines.
Currently exploring Internal Developer Platforms w/ Backstage, Crossplane & Supply Chain Security (trivy hack)


Selected Work

| Project | Description |
| --- | --- |
| practical-aks | Guided AKS build: blank Azure subscription → Workload Identity-secured, Trivy-scanned cluster running a live LLM proxy. CI/CD pipeline includes supply chain hardening: SHA-pinned Actions and harden-runner network egress control, defending against the kind of attack the March 2026 Trivy compromise demonstrated. (Azure, Trivy, harden-runner) |
| gke-labs | 18-exercise GKE lab covering Cloud SQL, Memorystore, Terraform, Helm, CI/CD, observability, Temporal workflows, and incident response. (Google Cloud, Temporal, Prometheus) |
| kratix-platform | Self-service IDP: Kratix + Backstage + Flux on k3s, deployed from scratch with one command. (Kratix, Backstage, Crossplane) |
| Tokenguard Operator | Kubernetes operator scoring ServiceAccount least-privilege by comparing RBAC grants against audit log usage. Detects external IP token abuse. Go, Kubebuilder, controller-runtime. (Kubebuilder) |
| NinjaDevOps | Interactive DevOps challenge platform - 80+ real-world challenges covering Linux, Docker, and Kubernetes (CKAD, CKA, CKS) in live GCP VMs. Broken servers, misconfigs, k8s emergencies - all from a browser terminal. (Linux, Docker, Kubernetes, React, Firebase, Cloud Run) |
| Sovereign-Mesh | Multi-tenant AI PaaS on Hetzner. Private RAG enclaves (vLLM, Qdrant, TEI) on a zero-trust K3s cluster with CKS-grade isolation and GitOps via ArgoCD. (ArgoCD, Qdrant, vLLM) |

Ongoing embedded contractor for a German eCommerce agency - production RAG pipelines (AWS Bedrock Knowledge Bases) and n8n automation across their content, SEO, and operational workflows.


Stack

Kubernetes & Orchestration

Kubernetes Helm Docker Karpenter KEDA vCluster

GitOps & IDP

ArgoCD Flux Kratix Backstage Crossplane

Cloud & Infra

AWS Google Cloud Azure Terraform GitHub Actions

AI, Workflows & Automation

kagent Temporal n8n

Security

Trivy harden-runner


Certifications

AWS-SAA · CKA · CKAD · CKS · KCNA · KCSA · Kubestronaut 🎖️


Pinned

  1. terraform-k8s-argocd-cicd-pipeline (Public)

    Zero-touch K3s cluster on Hetzner + Cloudflare, fully managed via Telegram with live CI/CD log streaming.

    JavaScript

  2. content-machine (Public)

    Video-generating Telegram bot using Kie.ai that works asynchronously with AWS Lambda + SQS

    JavaScript

  3. terraform-kusama-k8s-validator-project (Public)

    A cluster of Kusama validators that can expand / contract

    Shell

  4. kubelab (Public)

    Didi's Kubernetes lab

    HCL

  5. Cloud-Run-Google-Drive-Transcriber (Public)

    An automation that triggers on a new file in a Google Drive folder, transcribes it, runs AI analysis, and sends an email, all within the Google ecosystem

    JavaScript

  6. video-music-saas-serverless-terraform (Public)

    Simple SaaS frontend with Google login and async video and song generation from a short prompt

    Python