DevOps - Ken Muse

Adding an MCP Server to a VS Code Extension

Thu, 19 Feb 2026 00:00:00 -0500

Learn how to embed an MCP server in a VS Code extension to take your development work to the next level.

GitHub Agentic Workflows Bring AI Agents to Actions

Fri, 13 Feb 2026 00:00:00 -0500

Explore GitHub's new Agentic Workflows -- AI coding agents in GitHub Actions with defense-in-depth security and natural language automation.

What Is MCP and Why Do Developers Care?

Sat, 31 Jan 2026 00:00:00 -0500

Discover Model Context Protocol (MCP), the open standard that lets AI models connect directly to your databases, APIs, and tools for deterministic results.

Configuring GitHub Runners With a Dotfiles Action

Fri, 23 Jan 2026 00:00:00 -0500

Transform your dotfiles repo into a GitHub Action that secures runners without tokens or manual cloning.

Storing Data in Git Objects With Notes

Thu, 15 Jan 2026 00:00:00 -0500

Learn how to use Git notes to attach metadata like build results or review comments to commits without rewriting history or breaking signatures.

Why Your Perforce Branch History Is Missing in Git

Thu, 08 Jan 2026 00:00:00 -0500

Your Perforce branch history vanishes in Git because Git has no place to store it -- here's why and how to help your team adapt.

Understanding How Git Merges Work

Fri, 02 Jan 2026 00:00:00 -0500

Demystifying Git merges -- from merge commits and fast-forwards to rebases and cherry-picks. Learn what's really happening under the hood.

Understanding How Git Stores Data

Mon, 29 Dec 2025 00:00:00 -0500

A deep dive into Git's internal storage model -- how blobs, trees, and commits work together to track your code's history without a traditional database.

Deploying Services on GitHub Runner Custom Images

Fri, 26 Dec 2025 00:00:00 -0500

Deploy persistent services on custom GitHub runner images to speed up builds, reduce egress costs, and cut external dependencies.

Caching Repositories on GitHub Runner Custom Images

Wed, 24 Dec 2025 00:00:00 -0500

Cache large repositories on custom GitHub runner images to speed up clones from minutes to seconds using Git reference clones.

Masking Sensitive Information on GitHub Runner Custom Images

Mon, 22 Dec 2025 00:00:00 -0500

Learn the best way to protect sensitive information from leaking into the logs on GitHub runner custom images during both build-time and run-time.

Using GitHub Custom Images with OIDC

Fri, 19 Dec 2025 00:00:00 -0500

Learn how to use OIDC tokens in GitHub Actions custom images to authenticate with private container registries without storing credentials.

Pre-Caching Docker Images on GitHub Runner Custom Images

Wed, 17 Dec 2025 00:00:00 -0500

Discover how to improve GitHub Actions performance and drastically cut the time and bandwidth required to use Docker images in your workflows.

Using GitHub Custom Images for Workflow Validation

Mon, 15 Dec 2025 00:00:00 -0500

Use pre-job scripts in custom runner images to enforce workflow validation and ensure only approved workflows run on your GitHub Actions runners.

Layering Approaches for Secure Secrets

Fri, 12 Dec 2025 00:00:00 -0500

Learn to layer secret management techniques through practical examples that build defense-in-depth security for GitHub Actions, containers, and more.

More Ways to Secure Secrets

Wed, 10 Dec 2025 00:00:00 -0500

Move beyond static credentials with federated auth, managed identities, and secret vaults -- learn the tradeoffs and security considerations.

Securing Access to Secrets

Mon, 08 Dec 2025 00:00:00 -0500

Explore practical approaches to storing secrets securely, from files to HSMs, with real-world hardening strategies you can implement today.

Custom GitHub Runner Images With Pre- and Post-Job Scripts

Fri, 05 Dec 2025 00:00:00 -0500

Learn how to capture custom GitHub-hosted runner images, add pre- and post-job hooks, and make them part of your daily workflows.

Using Azure Flexible Federation With GitHub Actions

Tue, 02 Dec 2025 00:00:00 -0500

Use Azure flexible federated identity credentials with GitHub Actions to secure your workflows with custom OIDC claims approval expressions.

How I Avoided Shai-Hulud's Second Coming (Part 2)

Fri, 28 Nov 2025 00:00:00 -0500

How signed commits and repository protections completed my defense against the Shai-Hulud supply chain attack.

How I Avoided Shai-Hulud's Second Coming (Part 1)

Wed, 26 Nov 2025 00:00:00 -0500

Simple security practices that protected my dev environment from the Shai-Hulud supply chain attack -- and how you can use them too.

Understanding IPv6: From GitHub's IPs to Kubernetes and ARC

Sat, 08 Nov 2025 00:00:00 -0500

Learn how IPv6 affects your DevOps workflows, from GitHub's IP ranges to Kubernetes networking, Docker containers, and the latest ARC improvements.

The Hidden Danger in Git Ref Names

Fri, 31 Oct 2025 00:00:00 -0400

A Halloween lesson: how a weaponized Git branch name let attackers inject code via a GitHub expression and the simple steps you can take to block it.

The Key to a Secure CI/CD Process

Mon, 20 Oct 2025 00:00:00 -0400

Learn how to create a secure CI/CD pipeline by starting with securing your most important asset: your people.

Speed Up Git Clones With Local References

Fri, 03 Oct 2025 00:00:00 -0400

Discover how to optimize Git clones by using references to share repository data and Git LFS objects across multiple systems.

Publishing npm Packages to GitHub Packages With Yarn

Sat, 27 Sep 2025 00:00:00 -0400

Trying to publish npm packages to GitHub Packages with Yarn? Learn how to authenticate and publish your GitHub Packages with Yarn v4.

The New DevOps - Why AI Is Not Taking Your Job (Yet)

Thu, 28 Aug 2025 00:00:00 -0400

Exploring why AI tools complement rather than replace developers, and how smart companies use AI to enhance team productivity instead of downsizing talent.

Adding Help (man) to Buildroot Packages

Fri, 22 Aug 2025 00:00:00 -0400

A step-by-step guide to adding configurable man page support to custom Buildroot packages, extending the GitHub CLI package with comprehensive documentation.

Creating a CodeQL Image for ARC With Python 2

Thu, 24 Jul 2025 00:00:00 -0400

Add Python 2 support to your CodeQL Docker image using multistage builds (and some Docker tricks) to support security scanning in ARC.

Creating a CodeQL Image for ARC

Sat, 19 Jul 2025 00:00:00 -0400

Learn how to build a custom Docker image with CodeQL pre-installed for GitHub ARC runners, eliminating download times and ensuring consistent analysis.

Creating a Custom Buildroot Package For Binaries

Fri, 11 Jul 2025 00:00:00 -0400

A step-by-step guide to creating your first custom Buildroot package for a binary package containing an installable GitHub CLI.

Speeding Up the Buildroot Toolchain

Sat, 05 Jul 2025 00:00:00 -0400

Speed up your Buildroot builds with prebuilt toolchains, SDK reuse, and CI/CD caching. Enjoy faster results and less frustration!

Configuring Buildroot for Crafting Images

Wed, 25 Jun 2025 00:00:00 -0400

Learn how to use Buildroot's menu system to create and configure a minimal, Bash-only image for Docker.

Building OCI Images With Buildroot

Sat, 21 Jun 2025 00:00:00 -0400

Build Docker images and OCI packages easily with Buildroot. Learn to automate, customize, and simplify your image creation process.

Calling Docker From Inside a GitHub Job Container

Sat, 24 May 2025 00:00:00 -0400

Learn to run Docker commands inside a GitHub Actions job container and understand the magic behind how Actions creates and manages job and service containers.

Authenticating Docker in Docker Containers in Kubernetes

Sat, 17 May 2025 00:00:00 -0400

Discover how to securely authenticate Docker-in-Docker containers inside Kubernetes to enable private registry access.

Why Exporting Environment Variables Doesn't Work In Actions

Sat, 10 May 2025 00:00:00 -0400

Ever wondered why you can't just export your environment variables in GitHub Actions? In this post, you'll learn why that happens and what you can do about it.

How to Dynamically Authenticate With Git

Tue, 06 May 2025 00:00:00 -0400

Discover practical techniques for dynamically authenticating with Git using environment variables or secret vaults to retrieve user credentials.

How Does Git Authentication Work?

Sat, 03 May 2025 00:00:00 -0400

Discover the intricacies of Git authentication, how it works, and how to configure credential helpers to allow fine-grained control over authentication.

Good Code Doesn't Care Where It Lives

Mon, 21 Apr 2025 00:00:00 -0400

Trying create code that is truly flexible? Learn how to write software and services that run everywhere: in VMs, containers, and serverless platforms.

Retrieving Properties From a Gitsigned Commit

Wed, 16 Apr 2025 00:00:00 -0400

Learn how to extract and validate signed Git commits using the Gitsign certificates and OpenSSL to enhance your software supply chain security.

Using Gitsign for Keyless Git Commit Signing

Sat, 12 Apr 2025 00:00:00 -0400

Use Gitsign and GitHub Actions for keyless Git commit signing to enhance supply chain security and ensure code provenance without managing private keys.

What's New in GitHub Actions Runner Controller

Mon, 31 Mar 2025 00:00:00 -0400

The new version of Actions Runner Controller has performance fixes, improved configurability, and a new approach to metrics. This post reviews those changes.

The Most Dangerous Phrase in Software Development

Sat, 01 Feb 2025 00:00:00 -0500

Discover why "it should work" is software development's most dangerous phrase and how this mindset leads to unreliable, untested code.

The Secret Life of Git Large File Storage

Sat, 25 Jan 2025 00:00:00 -0500

Uncover the hidden secrets and inner workings of Git LFS! Learn the tricks behind how it uses native Git extensibility features to manage your large files.

Migrating Git With An LFS Configuration File

Sat, 18 Jan 2025 00:00:00 -0500

Learn how to configure Git LFS endpoints and to safely migrate repositories that are using .lfsconfig to manage the storage location.

Defining an Infrastructure-as-Code Maturity Model

Sat, 11 Jan 2025 00:00:00 -0500

Infrastructure-as-code should continuously improve. This post introduces a maturity model to enhance how you develop testable and reusable IaC solutions.

Managing Pod Resource Requests and Limits in Kubernetes

Thu, 02 Jan 2025 00:00:00 -0500

In Kubernetes, we cannot manage resources at the pod level and must resort to setting requests and limits on containers. Learn how that's changing.

Distributing .NET Dependencies and Settings With Packages

Thu, 26 Dec 2024 00:00:00 -0500

Learn how to standardize development practices by distributing dependencies, settings, and analyzers using NuGet packages.

Using A Kubernetes Native Sidecar With GitHub ARC

Fri, 20 Dec 2024 00:00:00 -0500

Explore how to modernize the Docker-in-Docker support in GitHub Actions Runner Controller (ARC) using the latest Kubernetes feature: native sidecars.

Taking Advantage of Kubernetes Native Sidecars

Thu, 19 Dec 2024 00:00:00 -0500

Kubernetes has a powerful feature that can help you build more robust deployments. Learn about native sidecars, the problems they solve and how to use them.

Exploring The Three Flavors of GitOps

Sat, 14 Dec 2024 00:00:00 -0500

Discover the world of GitOps, where Git becomes your source of truth for deployments and learn the three models for defining your GitOps practices.

How to Test a .NET Package

Fri, 06 Dec 2024 00:00:00 -0500

Packages are code, too! Like any code solution, you need to test your work. Learn how to test a custom .NET package that adds ZIP support to the build process.

Distributing Custom .NET Tasks

Wed, 27 Nov 2024 00:00:00 -0500

There's a simple trick to easily share .NET build tasks between developers. Learn to create a NuGet package that automatically ZIPs your builds for deployment.

Creating a Zip Package in .NET

Sat, 23 Nov 2024 00:00:00 -0500

Compiling code and packaging it as a ZIP file to deploy a .NET application can be simplified to a single command with this native MSBuild feature.

Migrating Submodules That Use Large File Storage (LFS)

Sat, 09 Nov 2024 00:00:00 -0500

When repositories are migrated, it's easy to break the links to the submodules. In this post, learn why it happens, how to avoid it, and how to fix it.

What Is a GitHub Tool (And Why to Use Them)

Sat, 02 Nov 2024 00:00:00 -0400

GitHub tools make it easier to manage the dependencies of a project and ensure your environment remains consistent and stable. Learn how to use them (and why).

Defining The Process for Securing Your Supply Chain

Sat, 26 Oct 2024 00:00:00 -0400

A company's development practices are only as secure as their supply chain. Learn how to define a process for properly reviewing your supply chain.

Using React in Visual Studio Code Webviews

Fri, 18 Oct 2024 00:00:00 -0400

Build custom extensions and Webviews is for Visual Studio Code is just the start. Learn how to upgrade your views to use React.

Improved Blogging With Visual Studio Code Webviews

Fri, 11 Oct 2024 00:00:00 -0400

A custom extension in VS Code gives me a more efficient blogging process. Explore how I incorporate custom UIs using Webviews.

Improved Blogging With Visual Studio Code Extensions

Fri, 04 Oct 2024 00:00:00 -0400

Combining Visual Studio Code with Hugo has given me a great workflow for my blog. I made it even better by creating a custom VS Code extension.

Improved Blogging With Visual Studio Code Tasks

Tue, 01 Oct 2024 00:00:00 -0400

I use Visual Studio Code and Hugo to manage my blog and make it easier to create content. Today I explore how I use VSCode Tasks to automate the work I do.

Testing Kubernetes Operators and Controllers With Minikube

Fri, 27 Sep 2024 00:00:00 -0400

Sometimes you need to try out a modified image or custom chart you're creating in Kubernetes. Minikube can make that process easier.

How to Handle Step and Job Errors in GitHub Actions

Fri, 06 Sep 2024 00:00:00 -0400

In most cases, we write a workflow where all of the steps succeed. In this post, we'll explore how to create workflows that can handle a failing step or job.

Using Dynamic Environment Variables With GitHub

Sat, 31 Aug 2024 00:00:00 -0400

Learn how to dynamically generate environment variables in GitHub Actions, and learn how this technique can be used to configure Actions themselves.

Mastering the Jest TestEnvironment Event Types

Thu, 29 Aug 2024 00:00:00 -0400

If you're implementing a TestEnvironment, you'll need interact with the testing lifecycle. This post will explore events that are raised and how to use them.

A Crash Course on Jest TestEnvironments with TypeScript

Sat, 24 Aug 2024 00:00:00 -0400

Want to get the most out of Jest and you love TypeScript? Need some code that runs outside of the tests? Learn how (and why) to build custom TestEnvironments.

Implementing Processes for GHAS using GitHub Probot

Fri, 16 Aug 2024 00:00:00 -0400

GitHub Advanced Security helps teams to shift left and secure their development. When its processes don't quite fit the team's approach, it's time for Probot!

Planning Kubernetes Cloud Deployments

Sat, 27 Jul 2024 00:00:00 -0400

Understanding resource allocation is a critical skill for successful Kubernetes cluster deployments. Learn how the cloud providers reserve Kubernetes resources.

Understanding Kubernetes Resource Consumption

Fri, 19 Jul 2024 00:00:00 -0400

Surprised that you can't fit as many pods on a node as you thought? It turns out that there's a lot more to the story of how Kubernetes allocates resources.

The Ultimate Debugging Hack for Developers

Fri, 12 Jul 2024 00:00:00 -0400

Developers usually want to be able to directly connect to a system and start their debugger. What if there's a better way to get the information you need?

Scaling ARC on a Schedule

Wed, 03 Jul 2024 00:00:00 -0400

The Actions Runner Controller (ARC) can't configure the minimum runner count based on a schedule. Learn to use native `CronJob` resources for the task!

The Top 5 Things To Know About ARC

Fri, 21 Jun 2024 00:00:00 -0400

Actions Runner Controller (ARC) is a powerful way to manage ephemeral, self-hosted GitHub runners. There are five keys that can make you successful using it.

The Importance of Kubernetes Logs

Thu, 13 Jun 2024 00:00:00 -0400

If you really want to master your Kubernetes environment, it begins with understanding the value of a logging and how to implement good logging practices.

The Magic of Scaling and Auto-Scaling

Thu, 06 Jun 2024 00:00:00 -0400

Scaling systems is a journey. It's not just about adding more resources. It's about understanding the bottlenecks and how to overcome them.

Strategies for Upgrading ARC

Thu, 30 May 2024 00:00:00 -0400

Understand the best practices for upgrading Actions Runner Controller and minimizing downtime, including when (and if) you can skip a release.

Building Base Images for ARC

Thu, 09 May 2024 00:00:00 -0400

If you're using Actions Runner Controller, the provided base image may not be enough. Learn what's needed in your image to make your workflows run smoothly.

Supply Chain Security in CI/CD Systems

Thu, 02 May 2024 00:00:00 -0400

Your supply chain is frequently the most vulnerable part of your development process. In this post, we'll explore how you can protect your CI/CD systems.

Fashion, DevOps, and Certificates

Sat, 20 Apr 2024 00:00:00 -0400

Google has announced an initiative that will change the way certificates are issued, impacting 50% of companies. Are your dev practices up for the challenge?

Building GitHub Runner Images With an Action Archive Cache

Fri, 29 Mar 2024 00:00:00 -0400

If you want to make images for GitHub Actions Runner Controller (ARC) that are fast and network-friendly, learn how to include an Action archive cache.

Building GitHub Actions Runner Images With A Tool Cache

Thu, 28 Mar 2024 00:00:00 -0400

If you want to make an efficient image for GitHub Actions Runner Controller (ARC), you need to first understand how to prepopulate the runner's tool cache.

What Is ARC Doing & How Does It Interact With Kubernetes?

Sat, 16 Mar 2024 00:00:00 -0400

Understanding ARC begins with understanding what it does (and does not do) to create runners on Kubernetes. In this post, I explore the basics of the process.

What Developers Should Know About Floating Point Numbers

Fri, 01 Mar 2024 00:00:00 -0500

Fun fact: adding 0.1 to 0.2 doesn't exactly equal 0.3 in most programming languages. Learn why floating point numbers don't behave the way you think they do.

GitHub Actions and Monitoring

Fri, 23 Feb 2024 00:00:00 -0500

Whether you’re developing drivers, building appliances, or testing system deployments, you need to test your code. For many, this means installing GitHub Actions Runners (or other agents) on the system under test. But is this really the best way to test your code?

For many teams, this doesn’t seem to create any direct issues. By monitoring the system as they deploy, they can directly assess whether the deployment is working correctly. This approach has several significant drawbacks. If you’re testing system drivers (or low-level components), the first issue is obvious: system failures will kill the current agent and the pipeline process. When the system restarts or crashes, the runner or agent is also killed. Because the system is no longer accessible, teams look for ways to reconnect to the environment to query the root cause. The common work around is to treat those as “failures” and then try to assess what happened manually. When manual processes are required, we lose efficiency. We need to be able to assess the outcome and report it as easily as possible in order to enable the problem to be remediated.

Troubleshooting Git Authentication

Fri, 16 Feb 2024 00:00:00 -0500

Whether you're dealing with bad credentials or connectivity issues, there are a few tricks with Git that can make it easier to understand what's happening.

Mounting Files as Volumes

Fri, 02 Feb 2024 00:00:00 -0500

Kubernetes and containerized systems mount drives and folders as volumes, but there is another option. Learn how to mount a file and treat it like a drive.

Understanding Container Image Layers

Sat, 27 Jan 2024 00:00:00 -0500

To master containers, it's important to understand the concept of layers. In this post, I'll explain how layers work and the basis behind their implementation.

Automating Azure OIDC Application Federation

Mon, 22 Jan 2024 00:00:00 -0500

I was recently asked if I knew how to automate creating Azure Entra ID (formerly Active Directory) applications. More specifically, they wanted to know if they could use PowerShell to automate creating the OIDC federation between Azure AD and GitHub. To do this, we just need to use a few PowerShell modules that save us the trouble of crafting several REST calls. These modules work with PowerShell 5.x and 7.x.

More Best Practices for Deploying GitHub ARC

Thu, 11 Jan 2024 00:00:00 -0500

There are some common issues that lead to teams struggling to set up ARC, and nearly all can be avoided with these recommendations.

Best Practices for Deploying GitHub ARC

Fri, 05 Jan 2024 00:00:00 -0500

There are some common issues that lead to teams struggling to set up ARC. Nearly all of them can be avoided with these recommendations.

Why You Should Use Dedicated Clusters For GitHub ARC

Sat, 30 Dec 2023 00:00:00 -0500

I recommend using a dedicated Kubernetes cluster with GitHub Actions Runner Controller (ARC) to get the best performance and security. This post explains why.

GitHub Actions Injection Attacks

Thu, 21 Dec 2023 00:00:00 -0500

Security is important, even in your CI/CD processes. Learn the basics of injection exploits with GitHub Actions and how to avoid them.

The Two GitHub ARCs (and Why You Should Only Use One)

Sat, 16 Dec 2023 00:00:00 -0500

Many teams want to have GitHub self-hosted runners on Kubernetes using ARC, but aren’t aware there are two different versions. This post attempts to explain.

Enabling GitHub ARC Metrics

Sat, 09 Dec 2023 00:00:00 -0500

Learn to enable metrics in GitHub's Actions Runner Controller (ARC) and get visibility into the processing queue and the performance of jobs and runners.

Understanding OIDC and Identity Federation

Fri, 24 Nov 2023 00:00:00 -0500

Adopting OIDC can be challenging for teams that don't understand how the process works. This post explores OIDC and explains what's happening under the covers.

Automatic SSH Commit Signing With 1Password

Fri, 10 Nov 2023 00:00:00 -0500

Learn how to automate SSH commit signing with 1Password and dotfiles to enable others to verify the authenticity of your Git commits.

Windows Runners on Actions Runner Controller

Thu, 26 Oct 2023 00:00:00 -0400

GitHub's Actions Runner Controller (ARC) does not officially support Windows containers for runners. With a little bit of work, we can make it possible.

Automatic SSH Commit Signing With Dotfiles

Thu, 19 Oct 2023 00:00:00 -0400

I previously talked about how dotfiles can improve the development experience. By automating the processing of setting up your environment, you are free to focus on more important things. One of the more mundane tasks for developers is setting up commit signing and verification. By doing this, others can verify that you are the author of a specific commit. It just requires some setup, especially if you want automatic support in your dev containers. For these examples, I’m going to use SSH-based commit signing. It’s a common approach, and it doesn’t require sharing a private key between environments.

Organizing Build Processes

Thu, 05 Oct 2023 00:00:00 -0400

Most automated processes aren't maintainable. There are practices you can use to create CI/CD workflows that are maintainable, testable, and reusable.

The Image Factory Pattern

Thu, 28 Sep 2023 00:00:00 -0400

Looking to maintain virtual machine or Docker images in the most efficient way possible? Use the Image Factory pattern to automate creation and distribution!

Shared Commits and GitHub Checks

Thu, 21 Sep 2023 00:00:00 -0400

Using a pull request to merge the same commit to multiple branches causes GitHub Checks and validations to fail. Learn the technique needed to fix this issue.

The Hidden Dangers in Dependencies

Thu, 14 Sep 2023 00:00:00 -0400

When it comes to code, what you don't know can hurt you. Dependencies come with more security considerations than most people realize. Learn to tighten it up!

Forcing .NET Into Debug Mode

Thu, 07 Sep 2023 00:00:00 -0400

How does .NET determine debug or release at runtime? It's more than just specifying a build configuration. And it's more configurable than most people realize.

Understanding .NET Debug vs Release

Thu, 24 Aug 2023 00:00:00 -0400

Not completely sure about the differences between Debug and Release builds in .NET? Explore the implementation and the implications.

An Introduction to SourceLink

Thu, 17 Aug 2023 00:00:00 -0400

Instead of using symbol servers to index our PDBs, we can use an open, standardized approach to map our symbols to source code and improve the debug experience.

Understanding Symbol Servers

Thu, 10 Aug 2023 00:00:00 -0400

It's not really an exploration of PDBs and debugging without talking about symbol servers. Today we'll learn about what they do and when you need one.

What Every Developer Should Know About PDBs

Thu, 03 Aug 2023 00:00:00 -0400

Almost a decade ago, John Robbins opened up the details of PDBs to the developer world. It's time to re-examine the format and how it works in modern .NET.

Universal Packages on GitHub With ORAS

Fri, 14 Jul 2023 00:00:00 -0400

Most package management systems support "universal artifacts" storage. Although not explicitly documented, GitHub also supports universal packages via ORAS.

Creating GitHub Checks (and Understanding the Checks API)

Thu, 06 Jul 2023 00:00:00 -0400

If you need to integrate an external system or execute parts of the CI process asynchronously, the GitHub Checks API can provide a way to make that happen.

The Many SHAs of a GitHub Pull Request

Fri, 30 Jun 2023 00:00:00 -0400

Executing a GitHub Action for a pull request creates a surprising number of SHA commits. Learn the purpose of the different SHAs and when to use each one.

Why You Should (Not) Prefer Monorepos For Git

Fri, 23 Jun 2023 00:00:00 -0400

Monorepos are often seen as the simple solution to complex collaboration and code management problems. Like with most quick fixes, the devil's in the details.

That Template Repository Trick

Thu, 15 Jun 2023 00:00:00 -0400

Many people are familiar with the idea of the template repository. It provides a great way to centralize configurations for common projects for teams. I can declare a repository, configure it with files and folders, and set up one or more branches. After marking it as a template in the Settings, it becomes available to other team members when they create a repository.

GitHub Actions Workflow Permissions

Thu, 08 Jun 2023 00:00:00 -0400

GitHub Actions provide powerful workflow support but rely on trusting third-party code. Learn how to secure your GitHub Actions workflows using permissions.

Improving Dev Container Feature Performance

Thu, 01 Jun 2023 00:00:00 -0400

Dev container features provide a quick way to add functionality. The tradeoff for the ease of use is often speed. Learn the tricks to preserving performance.

Dynamic Build Matrices in GitHub Actions

Thu, 04 May 2023 00:00:00 -0400

GitHub Actions allows you to create matrix builds to execute steps multiple times with different parameters. Learn how to define them programmatically!

GitHub, Maven, and Packages

Thu, 27 Apr 2023 00:00:00 -0400

It's important to understand how to securely access package repositories when doing a Java build. Understand how GitHub Actions supports this process.

Mythical Development Heroes

Thu, 20 Apr 2023 00:00:00 -0400

Last week, we examined some common myths about time. Did you know that software also has hero myths? These are mythologies that have crept into development practices that ultimately have a negative impact on teams. Normally, we like to think of a a hero as someone admired for their achievements that overcomes adversity. They “save the day”, rescuing others from imminent dangers. In software development, however, a hero is often a problem.

Mythical Development Time

Thu, 13 Apr 2023 00:00:00 -0400

There are three common ways we misuse time in development. Believing in the myths of how to manage time can reduce productivity and introduce unnecessary risk.

Preventing GitHub Actions Injection Attacks

Fri, 07 Apr 2023 00:00:00 -0400

Everything coded can be exploited, including GitHub Actions. The powerful expressions syntax can also break your systems. Learn better ways to handle them.

The Life of a Commit After Git Squash

Fri, 31 Mar 2023 00:00:00 -0400

Explore what happens to files in Git after squashing a set of commits that have a tag applied to them. What happens to the commits and the tag may surprise you!

Modeling the Hidden Costs of Development

Thu, 02 Mar 2023 00:00:00 -0500

Create financial models that help you understand the actual costs of your technical debt and bad development practices.

The Hidden Costs of Bad Development Practices

Thu, 23 Feb 2023 00:00:00 -0500

Major products and companies disappear without a trace. From Blackberry to Internet Explorer, they all succumbed to fatal technical debt. Learn how to fix it.

Doing DevOps With Databricks

Thu, 03 Nov 2022 00:00:00 -0400

Databricks is an exciting and powerful platform for creating solutions that can process big data into actionable content. Originally, the platform lacked several important aspects that are necessary to fully automate the platform. This historically limited the ability to integrate it into a holistic DevOps practice. Thankfully, those days are long past. Those limitations have been removed, making it possible to utilize the platform more fully.

There are three parts to the DevOps story with this platform: infrastructure, notebooks, and jobs. Over the last few years, the Databricks team has worked hard to build up the DevOps story around these aspects. Today, we’ll explore some of those features!

Implementing DevOps for Azure Data Factory

Thu, 27 Oct 2022 00:00:00 -0400

There’s a lot of documentation around using Azure Data Factory, but surprisingly little on implementing DevOps practices. There’s even less when it comes to implementing an automated workflow. Typically, the system expects you to design and build the pipelines within the provided user interface, then press Publish.

The Native CI/CD Process

Under the covers, edits in ADF create a series of JSON files which stores the configuration. Changes in the portal are stored to these files. When the configuration is published, those JSON documents are used to generate ARM templates. If ADF is configured to use a Git repository, a copy of the published templates is pushed to the publish branch (typically, adf_publish). This branch can then be reused for automation and deployment to other environments.

Azure Data Factory DevOps

Thu, 20 Oct 2022 00:00:00 -0400

It’s been fun spending time re-exploring the data platform this week. After months away from the world of big data, I’ve been amazed at how far the tools have come. Two years ago, the support for DevOps tools and practices was very limited. Now, it’s substantially more robust. Don’t get me wrong — you could create workable solutions. It was just harder than necessary.

Azure Data Factory (ADF) was a surprising entry into the big data space. Microsoft actually started the project as code-first, so there was a level of support for DevOps from the beginning. It generates code that can be edited and modified by users, and the environment could be integrated with Git. It wasn’t a perfect solution, but it was great to see them thinking about the problem.

Dev Containers and AWS Credentials

Wed, 03 Aug 2022 00:00:00 -0400

Did you know it's possible to share your AWS credentials between your host computer and your Dev Containers? Once again we explore the power of Docker mounts!

Dev Containers and node_modules

Wed, 27 Jul 2022 00:00:00 -0400

There's a trick you can use with dev containers and Docker volumes to make it easier to manage your node_modules folder.

Coloring Consoles in ANSI

Wed, 13 Jul 2022 00:00:00 -0400

Explore how to use ANSI escape sequences to force PowerShell (and other tools) to colorize console outputs.

Creating a .gitattributes Without Committing

Wed, 06 Jul 2022 00:00:00 -0400

Did you know that you can specify file handling in Git without committing a .gitattributes file? Learn how to configure a Git repo without a commit.

What Is The .gitattributes File?

Wed, 29 Jun 2022 00:00:00 -0400

Sometimes you see the file in a project. It’s just sitting there, somehow influencing Git. But what is .gitattributes? In short, it is a basic text document that associates attributes and behaviors with specific file types. At its most basic, it configures how files matching certain patterns (usually file extensions) are handled. Common scnearios include configuring how the line feeds are handled, whether the document is treated as a binary (non-diffable), and providing special processing before a commit or after checkout.

Creating a .gitignore Without Committing

Thu, 23 Jun 2022 00:00:00 -0400

Did you know that you can ignore files and folders in Git without committing a .gitignore file? Learn a trick for working with Git more effectively.

Variable Groups in GitHub

Thu, 16 Jun 2022 00:00:00 -0400

Missing your Azure DevOps variable groups? Learn techniques you can use to implement variable groups in GitHub Actions.

Distributing Templates with GitHub

Fri, 22 Apr 2022 00:00:00 -0400

To make the packages we've created available to the rest of our team, we need a package management solution, such as GitHub Packages.

Custom .NET Item Templates

Fri, 15 Apr 2022 00:00:00 -0400

Explore creating a reusable template that uses dotnet new to package and distribute a file.

Deploying to Azure from Private Container Registries

Thu, 17 Mar 2022 00:00:00 -0400

How to use private registries and GitHub Container Registry with services like Azure Container Instances, Azure App Services, and Azure Container Apps.

Using Azure Run From Package

Fri, 04 Feb 2022 00:00:00 -0500

Learn how to use "Run From Package" to create atomic deployments to your Azure App Service.

Have It Your Way - The Magic of dotfiles

Thu, 20 Jan 2022 00:00:00 -0500

Have your favorite configurations follow you in your Dev Containers by creating a dotfiles Git repository.

Using Development Containers

Tue, 19 Oct 2021 00:00:00 -0400

Learn how to implement development environments using infrastructure-as-code with Dev Containers, Codespaces, and Gitpod!

Reusing GitHub Workflows and Centralized Processes

Thu, 07 Oct 2021 00:00:00 -0400

It’s almost Friday, so we’ll keep today’s post short.

This week, GitHub officially launched the public beta of reusable workflows. Reusable workflows make it easy to treat a workflow like an Action. It can be referenced and executed from other workflows in the caller’s context. This allows teams to share common patterns, to centralize best practices, and to centralize the development of processes.

My Experience Migrating to Hugo

Mon, 16 Aug 2021 00:00:00 -0400

It’s that time of the season. Just over a year ago, I moved to Piranha for my CMS hosting. At the time, I wanted something quick and easy to setup and didn’t have time to consider Hugo. It’s a year later, and things have changed. Earlier this year, I had to reconsider that decision as I went through the process of upgrading my Piranha install.

Piranha is powerful and easy to use, and I’ve been able to sustain a rather steady amount of traffic with minimal Azure resources (and a little CDN magic). It also uses Markdig, which is definitely my favorite CommonMark compliant Markdown processor. I love the fact that it integrates extensions from GitHub Flavor, PHP Markdown, and Pandoc. This makes it incredibly easy to author content without having to spent my time finding workarounds for missing formatting features. Frankly, it provides me with the best aspects from multiple markdown tools.

Restoring Azure Tests for SonarQube

Wed, 25 Sep 2019 00:00:00 -0400

Continuing from the previous post, SonarQube expects a certain set of files to be present in $(Common.TestResultsDirectory). When it doesn’t find the files in the folder, it can prevent it from reporting the results correctly. Because of changes to the vstest task, that folder is cleaned up once the tests results are uploaded, meaning that the files may not exist when SonarQube looks for them. We have a few options for resolving this issue.

Missing Tests on Azure DevOps

Tue, 24 Sep 2019 00:00:00 -0400

The customer was having a rough day. They had lots of unit tests, but were seeing an unexpected behavior from Azure DevOps and SonarQube. Because some tests were written in XUnit and others with MSTest, they had separated the execution into two tasks in their build. At the end of the build, results were sent to SonarQube for analysis. The problem was that each time the second set of tests ran in Azure DevOps, the results from the first pass disappeared. The assumption was that the files were being overwritten by the second test run. The fix seemed simple – copy the results before the second set of tests executed.

Understanding ARM Templates _artifactsLocation

Mon, 18 Feb 2019 00:00:00 -0500

I’m someone that is always interested in seeing what’s behind the curtain, pulling apart designs to understand the why and the how. When I began working with ARM templates, I noticed there were two parameters that Microsoft always included in the default template. These parameters were used in the template, but generally never had a value assigned to them. I’m talking about:

_artifactsLocation
_artifactsLocationSasToken

I decided it was time to understand the reason for these parameters and how to best take advantage of them. I find that a lot of people don’t understand these fields. So – let’s discuss!

ARM Templates and Cloud Init

Thu, 07 Feb 2019 00:00:00 -0500

If you’ve been spending much time with Linux VMs, you may have encountered Cloud-Init. Cloud-Init is an easy way to specify the configuration which needs to be applied to a deployed virtual machine. Executed when the machine is first provisioned, it can easily configure the environment on your behalf.

The process of using Cloud-Init with ARM has been documented several times on the Microsoft site. In each case, it tends to rely on base64 encoding the template and including it into your ARM template. This ensures that it is deployed automatically as part of the virtual machine.

Data DevOps: Deploying SQL Server DACPACs to Docker

Mon, 31 Dec 2018 00:00:00 -0500

In order to truly optimize the workflow and create a culture of DevOps, we need to be able to quickly build and deploy databases. To automate this process, we need to rely on improving our ability to utilize infrastructure as code. In this post, I’m going to show you how to use sqlpackage to automate the process of deploying a DACPAC to SQL Server 2017 on a Linux container.

What is a DACPAC?

If you’re not familiar with the terms, DACPACs are a way of encapsulating the definition of a SQL Server database for automated deployment. Essentially, it’s a ZIP file (or, more specifically, an Open Packaging Convention document) which contains the details of the schema and an optional set of pre-deployment and post-deployment scripts to be executed. The benefit of this model is that it uses state-based deployments to update the schema of the database. Think of this as desired state configuration for your database schema. Rather than manually creating migration scripts, you can instead focus on defining the end state and allowing DACFx (Database Application Framework) to determine how to best apply the migration.

DevOps and Creating Documentation

Mon, 05 Nov 2018 00:00:00 -0500

Just because your software iterations are fast and lean doesn’t mean that you shouldn’t have good documentation. In fact, with shorter release cycles documentation becomes even more important. Consequently, it’s important to have a a process that makes rapid updates possible.

I was faced with just such a situation the other day. I had to assist with some documentation which were authored as Markdown and stored in source control. The documents were manually published by converting them to HTML using a Python 3 package called Grip. This formatted the documents and gave them an appearance based on Github’s look and feel. The results were packaged in a ZIP file for distribution. A repetitive process like this seems like a great excuse to automate!

Conditional Build and Release Tasks in VSTS

Mon, 25 Jun 2018 00:00:00 -0400

One of the most overlooked features in VSTS is the ability to determine whether a task will be executed using custom conditions. What are custom conditions? It’s the ability to specify a short expression which evaluates to a boolean value. If the result is true, the task will be executed. If the value is false, the task is ignored. For example, let’s take this expression:

This expression evaluates the built-in variable Build.Reason to determine if the task is executing the build as part of a pull request branch policy. If the build status is currently failed and the build was triggered by a pull request, the task will execute. In all other cases, the task will be skipped.

Enabling Release Annotations in VSTS

Mon, 11 Jun 2018 00:00:00 -0400

Application Insights is a powerful component of Azure. It provides us with real-time logging about the performance of our application, the reliability of the site, and any exceptions that might arise. It’s an important and often overlooked part of the DevOps lifecycle — monitoring the application in production.

New releases can introduce new issues. Whether its a new bug being exposed as part of the release or simply some latency issues during the rollout, it’s important to understand the relationship. Today’s post will explore how we can use VSTS to automatically add annotations to our Application Insights environment.

Handling “Open File – Security Warning”

Wed, 31 Jan 2018 00:00:00 -0500

It seems like a simple enough task. Use an Azure File share to store an executable and use a PowerShell script to execute the application on a new virtual machines. In practice, however, you might find that the executable is quietly failing to run. Running the executable on the server manually, the problem becomes apparent as a dialog box appears with the title:

“Open File – Security Warning”

This issue typically occurs when executing files that originated from the internet. In this case, the cause is different: the UNC path is treated as part of the Internet Zone, restricting the permissions.

DevOps News From Connect(); 2017

Thu, 16 Nov 2017 00:00:00 -0500

The Microsoft Connect(); 2017 online event is nearly over, and so far we’ve heard lots of exciting news from Microsoft about Azure and changes to improve their support for DevOps. In fact, DevOps has been a big part of the theme this year.
So let’s recap some of the announcements that have been made…

Azure DevOps Projects

If you’re new to Azure and VSTS, it can be difficult to know how to begin building a DevOps pipeline thatand configuring everything to deploy to Azure. Microsoft is introducing the Azure DevOps Project public preview to try to solve that. If you open https://portal.azure.com/#create/Microsoft.AzureProject, you will be presented with a Wizard that will walk you through the process of creating a code repository and CI/CD pipeline for a new application. You can choose from a set of sample applications in .NET, Node.js, PHP, Python, Java, or pure HTML … or bring your own code. The wizard will create a Git Repository with the code and a CI/CD pipeline in VSTS. It will also create all of necessary the Azure resources, including Application Insights monitoring. This promises to make it easier for everyone to get started.

Using SSH with Visual Studio Team Services

Mon, 13 Nov 2017 00:00:00 -0500

In April 2016, Visual Studio Team Services introduced support for using SSH to connect to Git repositories. Over the summer of 2017, Microsoft made a number of improvements to reduce latency and improve performance for Git connections. These changes take advantage of Azure Traffic Manager to route the traffic over the Azure Global Network. According to the Microsoft announcement, the results were a success – an overall improvement in transfer speeds and latency. Of course, changes like this have a cost. In this case, Microsoft needed to change the URLs used for SSH connections. Consequently, Microsoft announced that on November 17, the old URLs will be deprecated and no longer work. That day is almost here – so consider this a friendly reminder!

Creating a Temporary Visual Studio Environment

Thu, 24 Aug 2017 00:00:00 -0400

Learn to create a temporary environment on an Azure VM for your Visual Studio project.

DevOps: Connecting VSTS to Azure

Fri, 11 Aug 2017 00:00:00 -0400

Learn how to manually connect Visual Studio Team Services (VSTS) to Microsoft Azure.