Recently, I received a message from a recruiter about an open position. We chatted, I sent my CV, and after a week they asked about my desired salary. Then they set a time to sign an NDA before any interview. That was my first warning sign.
I read the NDA carefully and found a few red flags worth sharing (my personal view, not legal advice):

Very broad definition of “Confidential Information.”
The NDA says “Confidential Information” means “any and all information…in whatever form,” including “business plans, forecasts, projections, analyses, compilations, records and other materials” . This could cover even simple chat notes - so you might break the agreement just by asking a normal question.

Three‑year term.
The NDA stays in force for three years from signing . For a one‑time interview, this long period seems too much. It could stop you from working on similar projects elsewhere for a long time.

Foreign jurisdiction.
All disputes must go to the DIFC Courts in Dubai under DIFC law . If you disagree, you could face high travel and legal costs to defend yourself there.

No warranties on information.
The NDA states there are no promises about the accuracy or completeness of the shared information . Yet if you accidentally misuse something, you are fully responsible.

Surprise timing of the NDA.
The recruiter never mentioned the NDA at the start. It only appeared at a late stage - after salary discussions and interview timing agreement. That “tricky” timing feels like a hidden catch.

Always read an NDA line by line. Ask:
- “What exactly counts as confidential?”
- “Why is the term so long?”
- “Am I okay with this jurisdiction?”
A few clear questions now can save you big headaches later.

Have you ever reviewed an NDA with similar points? What questions did you ask before signing?

Logging operator for Kubernetes

https://github.com/kube-logging/logging-operator

simple terminal UI for git commands

https://github.com/jesseduffield/lazygit

AWS Senior Solution Architect Specialist Sébastien Allamand outlines how Amazon VPC Lattice combined with EKS Pod Identity IAM session tags enables secure communication across multiple Kubernetes clusters. This post demonstrates encryption in transit, fine-grained attribute-based access control, and Envoy sidecar proxies to simplify cross-cluster connectivity.

https://aws.amazon.com/blogs/containers/secure-cross-cluster-communication-in-eks-with-vpc-lattice-and-pod-identity-iam-session-tags/

In “Using Go Instead of Bash for Scripts,” Krzysztof Kowalczyk showcases how Go programs can supplant traditional shell noscripts for running, testing, and deploying applications. This tutorial outlines a single multi-purpose Go command-line tool with flags and helper functions for process execution, file handling, and environment management.

https://blog.kowalczyk.info/article/4b1f9201181340099b698246857ea98d/using-go-instead-of-bash-for-noscripts.html

Trim 📏 your KUBECONFIG automatically

https://github.com/alexellis/kubetrim

🐸 a database management tui

https://github.com/achristmascarl/rainfrog

This article explains how AWS’s open-source Bottlerocket OS strips away unnecessary components to provide a lean, secure foundation for running containers at scale. It highlights integration benefits with services like EKS and lays out performance, security, and operational gains for cluster operators.
https://aws.amazon.com/blogs/containers/benefiting-from-bottlerocket-an-open-source-container-optimized-operating-system/

In this blogpost the AWS Containers team walks through a real-world scenario, showing how to streamline container deployment pipelines using native AWS tooling and best practices. Readers gain practical guidance on automating builds, scaling workloads, and monitoring production clusters with minimal overhead.
https://aws.amazon.com/blogs/containers/16532-2/

Kamaji is the Hosted Control Plane Manager for Kubernetes.

https://github.com/clastix/kamaji

Effortlessly visualize mod graph with all external dependencies for your Go projects

https://github.com/bayraktugrul/modview

The write-up by Overcast explores whether Kubernetes pods are truly evicted because of CPU pressure or if other scheduler nuances are at play. By dissecting eviction events and kubelet metrics, the author equips operators with actionable tips to diagnose and prevent unexpected pod terminations.
https://overcast.blog/do-pods-really-get-evicted-due-to-cpu-pressure-2b27274a670c

This piece argues that GitHub’s network effects, developer experience, and strategic acquisitions ultimately cemented its dominance in the code-hosting world. It contrasts competing platforms and offers lessons for toolmakers seeking to build thriving ecosystems.
https://blog.gitbutler.com/why-github-actually-won/

Laminar - open-source all-in-one platform for engineering AI products. Create data flywheel for your AI app. Traces, Evals, Datasets, Labels. YC S24.

https://github.com/lmnr-ai/lmnr

vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.

https://github.com/loft-sh/vcluster?tab=readme-ov-file

The post from Massdriver demonstrates how to generate clean Infrastructure-as-Code configurations from resources that already exist in your cloud accounts. Through step-by-step examples, it shows teams how to regain version control and security compliance without rebuilding everything from scratch.
https://www.massdriver.cloud/blogs/generating-infrastructure-as-code-from-existing-cloud-resources

In his overview, Martin Heinz unpacks a recent technical challenge and walks readers through the solution, complete with code snippets and performance benchmarks. The candid narrative emphasizes practical learning and encourages experimentation in everyday development workflows.
https://martinheinz.dev/blog/111

Pretty fancy and modern terminal file manager

https://github.com/yorukot/superfile

Real-time monitoring of Linux process network traffic, including the client IP, port, and transfer speed for each connection.

https://github.com/CDWEN0526/tmd-top

This story dives into structuring Argo CD repositories with ApplicationSets so that teams can manage dozens of Kubernetes environments from a single source of truth. Clear diagrams and YAML examples make the pattern easy to adopt for both greenfield and legacy clusters.
https://medium.com/containers-101/how-to-structure-your-argo-cd-repositories-using-application-sets-1150e75d05b3

The publication on Random Tinkering details how to schedule lightweight CronJobs that scrape node-level metrics with Node Exporter and ship them to Prometheus. It balances operational guidance with security considerations, ensuring observability without overloading the control plane.
https://randomtinkering.hashnode.dev/how-to-collect-kubernetes-node-metrics-with-node-exporter-using-cronjobs