Beyond the Prompt: The Architecture of Loop Engineering
Prompt engineering micro-managed text. Context engineering hydrated it. Loop engineering builds the feedback loop the AI runs inside — and the token economy that makes or breaks it.
Practitioner notes on SRE, Platform Engineering, Kubernetes, and how AI changes the way we ship. DevOps, SRE, Platform Engineering, and AI-driven delivery — by Haggai Philip Zagury.
Prompt engineering micro-managed text. Context engineering hydrated it. Loop engineering builds the feedback loop the AI runs inside — and the token economy that makes or breaks it.
Companies across the globe—and Israeli high-tech especially—are mass-laying off in the name of AI. But is AI really the reason, or just the best available excuse?
A short note on why I refreshed the 5-part SOC 2 for ISVs series in 2026 — modernized imagery, and a reset of my own field knowledge from +-5-7 years of customer engagements.
Anthropic wants the option to pause frontier AI development. A platform engineer reads the data behind the 'recursive self-improvement' warning — and the timing.
A follow-up to The AI Headcount Panic. The numbers crossed 150,000, and the first codebases gutted of senior engineers are starting to break. The bill arrives on a lag.
Three forces pushed Cilium onto my roadmap: a VPC-CNI silent-drop bug, a FedRAMP project, and a pattern in every recent breach I've reviewed. Here's the series.
A quick-reference glossary of NIST SP 800-53 control families referenced throughout the FedRAMP series — RA, CM, SA, AC, AU, SI — and what each one means for platform engineers.
Drawing the FedRAMP authorization boundary is the most consequential platform decision in the program — what's in, what's leveraged, what's external, and how 20x turns the boundary from a Visio diagram into a data structure.
Everyone prototypes an AI agent in a weekend. Almost nobody ships it cleanly. Here's the wall you're about to hit — and how the platform is evolving to remove it.
FIPS-validated crypto is a hard requirement inside a FedRAMP boundary — not a best practice. A practitioner's walkthrough of where FIPS lands across 800-53 control families, and how the Building for Compliance supply-chain work maps onto it.
A platform engineer's plain-English walkthrough of what FedRAMP actually is — impact levels, the document set (SSP, SAR, POA&M), the ATO process, and how Rev5 and 20x change the picture in 2026.
Why masked CI variables and GitHub encrypted secrets are not enough — and how to replace them with OIDC-based access to HashiCorp Vault, AWS Secrets Manager, or GCP Secret Manager.
How I set up my personal blog and portfolio using Astro and GitHub Pages — zero cost, full control, and a git push away from publishing.
How to connect GitHub Actions runners to private infrastructure using Cloudflare Zero Trust WARP and a service account — enabling Terragrunt to reach private endpoints without IP allowlisting.
Wiring a signed Wolfi toolchain image into a real consumer pipeline, verifying it at deploy time with Sigstore policy-controller, and digest-pinning with Renovate — the series finale.