Do you know what the main threat is to your CI/CD systems? It’s not the code you write, the tools you use, or the cloud provider you rely on. It’s the supply chain, and that is frequently the most vulnerable part of the development process. Today, let’s understand why.

Minimizing network activity improves your build times, speeds up builds, and reduces costs. With ARC, you rely on multiple Actions steps in your workflow. What if you could avoid needing to download your most frequently used Actions? This post walks you through creating images with an Actions archive cache to eliminate those downloads.

If you’re going to build custom images for ARC or standalone VM runners, then you probably want to take some time to preload it with the tools that matter to your builds. If you want that process to work well for the GitHub-provided tools and actions/setup- Actions, then you’ll want to know how to prepopulate the runner’s tool cache.

Understanding ARC begins with understanding what it does (and does not do) to create runners on Kubernetes. The process is surprisingly straight-forward, and understanding it is key to mastering ARC.

The world of dev containers is constantly changing. Sometimes, even with community-driven specifications, there is a bit of room for interpretation. The initializeCommand lifecycle script is a great example of this, and the specification has been updated to align with the implementations. Learn how this affects your dev containers (and why your scripts should always be idempotent).

Whether you’re dealing with bad credentials or connectivity issues, there are a few tricks with Git that can make it easier to understand what’s happening. This post will dive into features of Git that you can use for understanding the credential flow and troubleshooting problems.

Sometimes you just need a little human interaction. And sometimes you need that to happen when you’re starting up a dev container so you can configure the environment. Thankfully, there is a way to get user input that works with most of the dev container implementations.

Ever needed to automate creating an Azure Entra ID (Azure Active Directory) application and federating it with GitHub? With just a little PowerShell, you can!

Continuing the discussion from last week, here are a few additional recommendations that can improve your ability to manage and scale your ARC deployments.

There are some common issues that lead to teams struggling to set up ARC. Nearly all of these can be avoided by following a few simple guidelines. In the first of a two-part post, I’ll outline some of my recommendations for improving your experience setting up ARC.