April 2026, Prague DevOps meetup
Details
Talk 1 – ArgoTs: TypeScript-Powered GitOps with ArgoCD
By: Jiří Soukal - Senior Cloud Engineer, from PriceFX
Kubernetes is the de facto standard for cloud-native infrastructure, but managing it often means drowning in YAML. Tools like Kustomize, Helm, and ArgoCD overlays ease the pain, yet feel like patchwork rather than a fix. TypeScript-native solutions such as Pulumi or Terraform exist, but they rely on external state to diff and apply changes—adding complexity for GitOps teams.
This talk introduces a new approach: using TypeScript as the source of truth for Kubernetes infrastructure without external state. By extending ArgoCD to understand TypeScript, we can dynamically generate all resources, from workloads to ArgoCD Applications and even cloud provider resources via ConfigConnector or Crossplane.
Talk 2 – Securing AI Deployments: From Prompts to AIBOM
By: Marek Sottl, CEO of Hackihub
Are you interested in the security of AI application deployments? This packed session will focus on protecting language models and the obstacles that can arise during their deployment from a security perspective. We will explore deployment strategies in AWS and Azure environments, input validation using NLP, prompt tracing, and above all, we will emphasize the importance of AIBOM and MLBOM.
Talk 3 - GitOps, IaTS, OpenRouter and OpenClaw come to a bar
By Martin Pohl
GitOps, IaTS, OpenRouter and OpenClaw come to a bar.
The bartender says, “Great… who actually has production access?”
GitOps says, “Not me, I only sync what’s in git.”
IaTS says, “I just generate the infrastructure.”
OpenRouter says, “I only route the requests.”
OpenClaw says, “Relax, I already decided for everyone.”
The bartender slowly reaches for the incident button:
“So… which one of you started the outage?”
All four reply:
“According to the logs, it was a collaborative effort.”
Today’s infrastructure tooling is incredibly powerful platforms like ArgoCD, TypeScript-based GitOps, and modern cloud-native stacks allow us to build and manage systems with unprecedented flexibility. But at the same time, we are introducing entirely new layers of complexity and attack surface.
This talk explores the intersection of GitOps, TypeScript-driven infrastructure, and emerging AI tooling such as OpenRouter and autonomous agent-style setups like OpenClaw. As infrastructure evolves from static, declarative definitions into dynamic, runtime-generated systems, we are no longer just managing code we are operating systems that can interpret inputs, generate logic, and in some cases act autonomously.
With this shift comes a new set of security challenges: prompt injection, tool misuse, model supply chain risks, and limited observability into AI-driven decision-making. The session connects these emerging risks with concepts like AIBOM and modern AI deployment security practices.
Ultimately, this talk asks a critical question: are we building the future of platform engineering or creating systems we no longer fully control?
More about Talk 1:
Combining GitOps with the expressiveness of TypeScript creates infrastructure that is both declarative and dynamic, reducing toil while enabling richer abstractions, safer collaboration, and more maintainable platform engineering practices across the CNCF ekosystem.
Benefits to the ecosystem
- Clarity & Maintainability: Reduces YAML complexity and templating hacks by introducing a strongly typed, programmatic way to define infrastructure.
- GitOps Alignment: Preserves ArgoCD’s declarative, state-free model while unlocking the flexibility of TypeScript.
- Scalability: Makes it easier to manage multi-cluster and multi-environment setups with reusable, composable infrastructure definitions.
- Innovation in Platform Engineering: Demonstrates how the Kubernetes ecosystem can evolve beyond YAML-first thinking, inspiring new tools and workflows that balance developer experience with operational reliability.
- Community Value: Provides a concrete path for teams frustrated with YAML sprawl to adopt a more maintainable, type-safe, and future-proof approach—without abandoning the CNCF ecosystem’s GitOps best practices.