Jenkins 10. Drawing the Boundary Between Jenkins and Kubernetes Deployment
A CI/CD boundary guide that separates Jenkins image build responsibilities from Kubernetes desired-state reconciliation.
Security, Rust, AI Engineering, and DevOps Notes
This blog covers malware analysis, Rust, AI harness/tooling work, and DevOps. Posts are organized in Korean and English around document malware research, Rust learning guides, AI system operations, Docker, and operations automation.
Focus Areas
Featured Posts
Representative posts from the Security, AI Engineering, Rust, and DevOps tracks.
- Docker 04. Why Docker Builds Become Slow and Where Cache Gets Invalidated DevOps Explains how Docker build cache is reused, when cache gets invalidated, and why Dockerfile ordering matters.
- Rust 13. Build a Small CLI Project Rust Practical Rust guide to building a small word counter CLI by combining project structure, file input, collections, and tests.
- AI Agent Token Management: Context Stability Matters More Than Cost AI Engineering Explains token management as a stability, latency, and context-control problem in agent systems, not just a cost issue.
- [Macro] Analysis of a Document-Based Malware Sample Security Analysis of a macro-based document malware sample, covering its execution flow and dropper behavior.
Recent posts
Jenkins Troubleshooting Guide: Separate Queue, Agent, Credential, Plugin, and Pipeline Failures
An operations-focused Jenkins troubleshooting guide for narrowing build failures to queue, agent, credential, plugin, or Pipeline causes before rerunning.
Jenkins 08. Building Docker Images and Pushing to a Registry in Jenkins
A Jenkins Pipeline guide for Docker image builds, registry pushes, tag rules, credentials, and agent boundaries.
Jenkins 07. Practical Jenkinsfile: environment, parameters, when
A practical Jenkinsfile guide covering environment variables, user parameters, and conditional stage execution.
Jenkins 06. How to Read a Jenkinsfile: agent, stages, steps, and post
A practical guide for first-time Jenkinsfile readers to separate agent, stages, steps, and post by execution flow.
Jenkins 05. Introduction to Declarative Pipeline
An introductory Jenkins post explaining why beginners should start with Declarative Pipeline before moving into advanced Pipeline patterns.
Jenkins 04. Freestyle Job vs Pipeline
A comparison of Jenkins Freestyle Job and Pipeline from the perspective of UI configuration and code-based automation.
Jenkins 03. Managing Plugins, Credentials, and Tools
A Jenkins operations guide that treats plugins, credentials, and tools as operational surfaces rather than simple convenience features.
Jenkins 02. Jenkins Installation and Initial Setup
A checklist-style Jenkins installation guide covering Java requirements, JENKINS_HOME, initial password, and first plugin choices.
Jenkins 01. What Jenkins Is and Why It Is Still Used
An introductory Jenkins guide that connects Git, Docker, CI/CD automation, controller, agent, plugin, and Pipeline concepts.
Git 08. PR/MR Collaboration Flow and Review Criteria
A guide to understanding pull requests and merge requests on top of Git branch collaboration, with practical review criteria.
Git 07. Connecting tags, releases, and Docker Image Versions
A guide to separating Git tags, GitHub releases, and Docker image tags while connecting them into deployment history.
Git 06. Why rebase, squash, and force push Need Care
An explanation of how Git rebase and squash rewrite history, and why force push should be handled carefully.
Git 05. Reproducing and Resolving a Basic Conflict
A beginner-focused guide to why Git merge conflicts happen and how to resolve them with status, file edits, add, and commit.
Git 04. Separating remote, fetch, pull, and push
A beginner-focused explanation of remote repository flow through remote, fetch, pull, and push.
Git 03. When and How to Use branch and merge
An explanation of Git branch and merge as development flow and history connection, not folder copying.
Git 02. Understanding Change Flow with status, diff, add, commit, and log
A beginner-focused walkthrough of Git’s basic change flow using status, diff, add, commit, and log.
Git 01. What Git Records and What It Does Not Record
A beginner-focused explanation of how Git treats commits, the index, and the working tree, and what Git does not automatically guarantee.
Codex Project Operations Template: Requests, AGENTS.md, Config, Skills, and Verification
A practical operating template that combines Codex task requests, AGENTS.md, config, skills, subagents, and verification.
Codex Subagent Usage Criteria: When Parallel Agents Are Worth It
Explains when Codex subagents are worth using and when a single-agent flow is safer.
Codex Skill Usage Criteria: When to Standardize Repeated Workflows
Explains when to move repeated writing, review, and release procedures into Codex skills.
Codex Config Operations: Fix Model, Permissions, Sandbox, and MCP Defaults
Explains why model, permission, sandbox, and MCP defaults should be fixed in Codex config for repeatable work.
Codex Plan-First Operations: Fix Scope and Verification Before Editing
Explains how to run complex Codex tasks plan-first by clarifying scope, risk, and verification before edits.
AGENTS.md Length Criteria: Why Shorter Project Instructions Work Better
Explains why a long AGENTS.md increases token cost, duplicate instructions, and mixed responsibilities.
AGENTS.md Writing Guide: Short Operating Rules for Codex
Explains how to write a Codex AGENTS.md with repository purpose, inspection paths, working rules, and verification criteria.
Codex Task Request Template: Goal, Scope, Constraints, and Verification
Shows how to write a first Codex task request with goal, scope, constraints, completion criteria, and verification.
Why Everything Claude Code Is Trending: The Repository Turning Claude Code into an Operating System
A quick analysis of the 168K-star Everything Claude Code repository, based on its code structure, Claude Code’s official extension model, external articles, ...
Codex Harness Design: Why Better Prompts Are Not Enough
Explains why reliable Codex work needs project rules, permissions, and verification, not only better prompts.
Codex Operating Model: Treat It as a Work Execution Agent, Not a Code Generator
Explains why Codex should be treated as a repository work agent, not just a code generator.
Docker 05. Registry Push and Image Management Criteria for Deployment
A beginner-focused explanation of Docker registry, repository, tag, push flow, and image management criteria for deployment.
Codex vs Claude Code Token Management: Different Context Consumption Patterns
Explains how token-management strategy should be adjusted to the different context-consumption patterns of Codex and Claude Code while keeping the same harne...
Docker 04. Why Docker Builds Become Slow and Where Cache Gets Invalidated
Explains how Docker build cache is reused, when cache gets invalidated, and why Dockerfile ordering matters.
Agent Context Compression Criteria: What to Keep and What to Drop
Explains that token savings are not about deleting as much as possible, but about preserving control information while raising information density and priori...
Docker 03. How to Understand Dockerfile Basics and Build Context
Explains Dockerfiles, WORKDIR, CMD, ENTRYPOINT, build context, and .dockerignore from a beginner perspective.
Working State Summary Design: Save Tokens Without Losing Task Context
Explains how to replace full history with a short working-state summary that directly controls the current task.
Docker 02. How to Understand Images, Layers, Tags, and Digests
Explains the differences between Docker images, layers, tags, and digests, and what should stay mutable versus pinned for deployment.
Agent Context Bloat: How Long Logs, Plans, and Memory Create Risk
Explains why logs, plans, memory, and prior conversation history often bloat agent context and weaken execution quality.
Docker 01. What Is Different Between Containers and VMs?
Explains Docker containers versus VMs from a beginner perspective, including images, writable layers, volumes, and bind mounts.
AGENTS.md and CLAUDE.md Token Waste: Shared Problems in Long Instruction Files
Explains why AGENTS.md, CLAUDE.md, and system prompts often bloat into structures that waste tokens and weaken execution quality.
Rust 13. Build a Small CLI Project
Practical Rust guide to building a small word counter CLI by combining project structure, file input, collections, and tests.
AI Agent Token Management: Context Stability Matters More Than Cost
Explains token management as a stability, latency, and context-control problem in agent systems, not just a cost issue.
Rust 12. Serde with JSON and TOML Basics
Beginner-friendly Rust guide to serializing and deserializing JSON and TOML with serde, serde_json, and toml.
Observable Harness Migration: Making Document-Centered Agent Ops Verifiable
A practical roadmap for moving from document-centered operations to an observable harness.
Rust 11. File I/O and Command-Line Input
Rust guide to file and CLI input with std::fs::read_to_string, write, std::env::args, and Result.
Agent Approval and Guardrail Boundaries: Why Empty Boundaries Break Systems
Explains why agent systems become unstable when approval boundaries and guardrails are missing.
Rust 10. Testing in Rust
Beginner-friendly Rust testing guide to cargo test, unit tests, integration tests, assert_eq!, and Result-based tests.
Agent Trace Design: Why Execution Records Matter More Than Results
Explains why results alone are not enough and why trace matters for operations, debugging, and evaluation.
Rust 09. Crates, Packages, and Project Layout
Rust guide to crates, packages, main.rs, lib.rs, mod, use, and pub in a Cargo project.
Harness Enforcement Design: Turning Principles into System Rules
Explains how to turn natural-language principles into concrete system rules and enforcement.
Rust 08. Vec, String, &str, and HashMap Basics
Beginner-friendly Rust guide to Vec, String, &str, and HashMap with examples and a word-frequency walkthrough.
Multi-Agent Usage Criteria: Treat It as an Option, Not the Default
Explains why multi-agent setups are not the default answer and when a single agent is the better baseline.
Rust 07. Modules, Smart Pointers, Concurrency, and Async
Rust fundamentals guide to modules, smart pointers, concurrency, and async with examples.
AI Agent Verification Loop: Why Build and Test Are Not Enough
Explains why build and test alone are not enough to validate an agent and what extra checks are needed.
Rust 06. Generics, Error Handling, Closures, and Iterators
Rust fundamentals guide to generics, error handling, closures, and iterators with examples.
Handoff Schema Design: Turning Free-Form Notes into a Verifiable Contract
Explains why handoffs should move from free-form prose to schema-based contracts and how to design them.
Rust 05. Structs, Enums, Pattern Matching, and Traits
Rust fundamentals guide to structs, enums, pattern matching, and traits with examples.
Project Instruction File Scope: Why AGENTS.md and CLAUDE.md Should Not Be Control Planes
Explores what a project instruction file should own and where it should stop inside a larger harness.
Harness Engineering Concept: Designing the Agent Execution Environment
Explains harness engineering as the design of the tools, permissions, and verification around AI.
AI Coding Tool Result Drift: Why the Harness Changes the Output
Explains why AI coding tools produce different results by looking beyond prompts to the execution environment.
Rust 04. Ownership, Borrowing, and Lifetimes
Rust fundamentals guide explaining ownership, borrowing, and lifetimes through examples.
Rust 03. Variables, Types, Control Flow, and Functions
Beginner guide to Rust variables, basic types, control flow, and functions with examples.
Rust 02. Debugging with rust-analyzer and CodeLLDB
Practical VS Code guide to debugging Rust projects with rust-analyzer and CodeLLDB.
Rust 01. Install Rust and Run Hello World
Beginner-friendly guide to installing Rust on Windows with VS Code and running Hello World.
[RTF] Analysis of a Document-Based Malware Sample
Analysis of an RTF-based malware sample, focusing on its exploit chain and execution flow.
[Macro] Analysis of a Document-Based Malware Sample
Analysis of a macro-based document malware sample, covering its execution flow and dropper behavior.