I like having my SSH commit signing automatically configured. In a previous article, I discussed how you can do this using your dotfiles repository. If you want to add support for reading the SSH keys from 1Password, then there are just a few more things you need to know.

One challenge with the GitHub’s Actions Runner Controller (ARC) is that it does not officially support Windows containers for the runners. With a little bit of work, though, it’s possible to make this configuration work on a hybrid Linux/Windows cluster.

With automation you can simplify many things as a developer. This includes automating the process of configuring commit signing with dotfiles.

Creating a well-organized build or release workflow is both an art and a science. Done properly, the process can be testable and maintainable, able to work on any CI/CD system. Like many things in software, there’s even a pattern that helps!

Looking to maintain virtual machine or Docker images in the most efficient way possible? Trying to build an image for GitHub ARC and needing to ensure you’re always using the latest available base image and runner? Then what you need is an Image Factory.

It’s not unusual for teams to want to merge the same branch into multiple branches. If they create multiple pull requests from that branch to each of the other branches, they suddenly find that their Checks behave differently than expected and the branches start to share results. Understanding why this happens makes it easy to get Checks to behave as expected.

What you don’t know can hurt you, especially when it comes to code. Dependency chains can tend to have more security considerations than most people realize. In fact, most dependencies have far more abilities than most developers realize …

I previously mentioned that it’s possible to force a release build to act like a debug build. To do this, we need to understand how .NET knows when to treat an assembly as a debug build or a release build (hint: it’s not the AssemblyConfiguration attribute!). We also need to understand the options that the runtime provides for overriding the default settings. Time to explore how that process is implemented and the configuration options available for overriding those settings.

If you’re not completely sure about the differences between Debug and Release builds in .NET, you’re not alone. Like PDBs, there’s lots of myths and half-true stories coloring our views. Most developers know that they use debug builds when they are creating code. But what is .NET really doing that’s so different? They know they should use release builds for production, but they don’t necessarily understand why. Think the code is better optimized by the compiler? That’s not entirely true (or at least it’s not true if we’re speaking about Roslyn or MSBuild). This post will explore what’s happening under the covers with Roslyn and the just-in-time (JIT) compiler.

In part three of our discussion of PDBs and debugging, we explore an improvement to the debugging experience: SourceLink. Instead of using the symbol server tools to source index our PDBs, we can use an open source, standardized approach to map our symbols back to the files in source control that were used to build our binaries.