Do you know what the main threat is to your CI/CD systems? It’s not the code you write, the tools you use, or the cloud provider you rely on. It’s the supply chain, and that is frequently the most vulnerable part of the development process. Today, let’s understand why.

The world of software development is changing rapidly. With Google’s latest announcement, part of how we deploy systems is getting ready to change for the better for nearly half of all companies. Are your teams ready for the challenge?

Minimizing network activity improves your build times, speeds up builds, and reduces costs. With ARC, you rely on multiple Actions steps in your workflow. What if you could avoid needing to download your most frequently used Actions? This post walks you through creating images with an Actions archive cache to eliminate those downloads.

If you’re going to build custom images for ARC or standalone VM runners, then you probably want to take some time to preload it with the tools that matter to your builds. If you want that process to work well for the GitHub-provided tools and actions/setup- Actions, then you’ll want to know how to prepopulate the runner’s tool cache.

Understanding ARC begins with understanding what it does (and does not do) to create runners on Kubernetes. The process is surprisingly straight-forward, and understanding it is key to mastering ARC.

The world of dev containers is constantly changing. Sometimes, even with community-driven specifications, there is a bit of room for interpretation. The initializeCommand lifecycle script is a great example of this, and the specification has been updated to align with the implementations. Learn how this affects your dev containers (and why your scripts should always be idempotent).

What’s the best way to test drivers or deployments using GitHub Actions? Today we explore why you shouldn’t run your pipeline on the system under test.

Whether you’re dealing with bad credentials or connectivity issues, there are a few tricks with Git that can make it easier to understand what’s happening. This post will dive into features of Git that you can use for understanding the credential flow and troubleshooting problems.

Sometimes you just need a little human interaction. And sometimes you need that to happen when you’re starting up a dev container so you can configure the environment. Thankfully, there is a way to get user input that works with most of the dev container implementations.

Part of mastering Kubernetes or containers is understanding how they work and how they interact with the host system. You’ve probably seen how to mount drives or folders into a containerized system, but there is another approach – mounting a file like a drive. This post will explore how to do this using a loop device in Linux.