I spent years as the person who got paged at 2am. Most incident investigations follow a pattern, and the hard part was never any individual step. It's maintaining context across all of them without skipping something. Agents don't replace the judgment, they execute the investigation without losing context halfway through. The bottleneck moves from execution to judgment, and that's where SREs become more valuable, not less. stack72.dev/sres-dont-need-r…

If you require me to login to Calendly using X and it has these permissions, then that's a BIG no from my side:

I've spent the last two months talking about building the machine that builds the machine. The idea isn't complicated: stop treating AI as a better interface for humans to do work, and start building systems that can create, modify, operate, and improve other systems. For infrastructure, that means the goal isn't an AI that writes Terraform faster. It's a system that can understand infrastructure, reason about it, change it safely, and get better at doing that every time it runs. Last week at Microsoft Build, @steipete gave a talk called "Build the Thing That Builds the Thing." - lnkd.in/eGPE3VUZ That title stood out because it describes exactly how I think about AI. Most people spend their time prompting agents. I spend my time building the systems around the agents. The goal isn't to become better at prompting. The goal is to build a machine that can reliably produce outcomes, improve itself, and do more of the work without requiring constant human intervention. We're not heading toward a world where humans sit in front of chat windows all day. We're heading toward a world where we build machines that build machines. The biggest opportunity isn't replacing individual tasks. It's creating systems that continuously generate, operate, and improve the next layer of systems above them. That's what I've been writing about throughout this blog series (stack72.dev/the-lifecycle-of…), and it's what we've been building at swamp-club.com for months already. It feels like the industry is finally converging on the same idea and I am excited about it!

Every IaC tool I've worked on promised "any system." I helped make that promise. Provider ecosystems were built for humans who fill in the gaps. Agents can't so if a capability isn't in a schema, an agent has to infer it from prose. The challenge for me is, were provider ecosystems designed for the consumers that matter in an agentic world? New post on why I don't think so. stack72.dev/every-platform-p…

so I can't unsubscribe from @Railway emails unless I log into their app :/ That feels an unnecessary step

So @currys is a perfect example of how AI can be integrated incredibly poorly into your system. An automated response to my tweet meant that I messaged them back and now I have another AI but trying to interact with me via DM.

Every production environment has someone who can't go on holiday without their phone buzzing. Not because the team is bad. Because everything that person learned from incidents over the years never made it anywhere except their head. That's not a people problem. It's an encoding problem. New post on why this is the first thing to solve before AI agents go anywhere near your infrastructure. stack72.dev/the-first-step-o…

The sovereign cloud movement has an $80B budget but the the cost to switch is the real blocker to make it happen. Your automation is coupled to your provider. Moving means rewriting everything for zero new functionality. We started replacing our GitHub usage with Forgejo and in a couple of days it was working (including actions replacement). Two years ago that's a quarter-long project. The implementation was straightforward. Being precise about what we actually needed was the real work. stack72.dev/intent-is-archit…

Getting agents to generate IaC code faster isn't the answer. It's still probabilistic output driving your infrastructure. The agent doesn't know your conventions or your breaking changes. You won't know how well it guessed until apply time — or until you have to review and debug it. What if agents worked against typed schemas instead? No code generation. Deterministic execution. Same inputs, same result, every run. stack72.dev/deterministic-au…

A lot of the stories about AI agents failing come down to two things: * no trust (gates everywhere, agents wait for permission) * chaos (everyone ships, nobody coordinates). The fix isn't better tools. It's building the systems that make trust safe. stack72.dev/high-trust-teams…

I'm not sure why but @claudeai has starting asking me for permission to use a skill... that seems new the past couple of days - anyone seen that? I am going to try adding to settings.json to bypass it but it feels a UX step backward

Bug reports that looked like noise turned out to be three compounding architectural problems. In a traditional team, you patch and move on. We had agents, so we rearchitected the whole thing. Six parallel workstreams, eight days, landing to main the whole time. If it hadn't worked? Eight days lost, not six months. stack72.dev/the-rearchitectu…

Every team gets told to ship faster. When agents make that trivially easy, speed stops being the problem and direction does. Planning as we know it is meaningless. Your PM is about to have an existential crisis. The hardest skill now is taste. And that's not something an agent can help you with. stack72.dev/when-building-is…

I've been writing about how AI agents changed my work. Stopped typing code, started making better decisions, how we are building swamp with agents doing all the implementation. The fear is real. The shift is real. The difference is structure. stack72.dev/take-the-leap-be…

I haven't written code in months (probably for the best). Five of us build swamp, none of us write code manually. The job got bigger, not smaller. The code was never the job — the understanding was. New post up: stack72.dev/the-code-was-nev…

An agent can open a PR in thirty seconds that takes an hour to review. Multiply that by every repo with an issue tracker and you have the current state of open source. We banned external code contributions and here's why. stack72.dev/the-community-pu…

I sorted every agent tool into two buckets: can git checkout undo it, or does it touch something external? Eliminated 90% of permission prompts. Kept the ones that matter like gh pr create. stack72.dev/agent-trust-is-a…

4,236 unit tests passed yet the binary was broken. A separate UAT suite running against the real compiled artifact caught it in four minutes. Three recent bugs, same pattern: all unit tests green, bug at an integration seam, no user ever saw it. stack72.dev/the-gate-between…

Agents open PRs in our repo. So the diff is untrusted input flowing into models with merge authority. That's a recipe for disaster Multiple AI reviews, each scoped to a different concern. Minimal tool sets and a security review that audits changes to the CI pipeline itself — because the reviewers are defined in workflow files too. stack72.dev/anatomy-of-a-swa…

Vibe coding works great for ten PRs*. Then you do it two hundred more times and the codebase quietly stops making sense. The fix isn't better prompts. It's giving agents the same structural context a senior engineer carries in their head. Build the machine. The vibes don't scale. stack72.dev/the-vibes-dont-s… * The number may vary depending on the weather and the timezone ;)