I build cloud & Kubernetes tooling that helps engineers understand what's really happening in their systems before drift, misconfigurations, or "surprises" make it to production.
My comfort zone sits where AWS, Kubernetes, platform engineering, and cloud security overlap. I enjoy turning invisible problems (drift, diffs, permissions, workflows) into things you can see, reason about, and fix.
I'm especially interested in systems that are:
- boring in production
- easy to inspect
- secure by default
- clear to own when something breaks
https://github.com/dcotelo/helm-drift-check
A GitHub Action to detect Helm drift by comparing what's currently deployed in Kubernetes with what's about to change in a PR.
- Reads deployed versions from Argo CD Application / ApplicationSet
- Uses dyff to produce readable YAML diffs
- Posts results directly as PR comments
- Designed for multi-service repos, not toy examples
Motivation: drift happens quietly; this makes it visible before it hurts.
https://github.com/dcotelo/actions
A web-based editor and visualizer for GitHub Actions workflows.
- Edit and validate workflow YAML in real time
- Visualize jobs, steps, and dependencies as a diagram
- Explore complex workflows without reading 300 lines of YAML
- Includes a live demo via GitHub Pages
Motivation: workflows are code; they deserve good UX.
https://github.com/dcotelo/helm-chart-diff-viewer
A web app to compare Helm chart versions from any Git repository.
- Diff charts across tags, branches, or commits
- Supports custom values (file-based or inline)
- Clean, human-readable output
- Easy to deploy (Docker / Vercel)
Motivation: upgrades are safer when diffs are obvious.
- Amazon EKS (including EKS Auto Mode)
- Multi-region & geo-distributed systems
- Capacity planning, failure domains, traffic boundaries
- GitOps with ArgoCD, Helm, and Kustomize
- IAM least privilege & blast-radius reduction
- Secure CI/CD (OIDC, no long-lived credentials)
- Terraform state & secrets hygiene
- Finding misconfigurations before attackers do
- Cloud & infra CTFs to stay sharp
- Opinionated Terraform modules that age well
- CI/CD patterns teams actually trust
- Tooling that reduces cognitive load
- Clear ownership models → fewer 3 a.m. incidents
- Metrics, logs, traces, and SLOs
- Debugging latency across app → kube → network → AWS
- Runbooks written for tired humans, not ideal conditions
I don't collect languages; I use them intentionally.
- Go: tooling, automation, infrastructure services
- TypeScript: web tools, CI/CD UX, workflow tooling
- Python: scripting, analysis, security experiments
- Bash: glue, debugging, survival
Readable > clever. Maintainable > impressive.
AWS: EKS, IAM, VPC, DynamoDB, ALB/NLB, Route53, KMS, S3
Kubernetes: EKS Auto Mode, Karpenter
GitOps / CI: ArgoCD, Helm, Kustomize, GitHub Actions
IaC: Terraform, Terraform Cloud
Observability: Datadog
Containers: Docker
- Security is an architecture problem, not a checklist
- The best platforms fade into the background
- Clear ownership beats perfect tooling
- If you can't explain it at 3 a.m., it's too complex
- Email: me@dcotelo.dev
- LinkedIn: https://www.linkedin.com/in/dcotelo/
- GitHub: https://github.com/dcotelo




