Welcome to Let's Hack a Pipeline! In this series of posts, we'll walk through some common security pitfalls when setting up Azure Pipelines. We don't really want to get hacked, so we'll also show off the mitigation.
Episode I is titled Argument Injection. Episode II and Episode III are now also available.
Preface on security
A quick note ...
The Azure Boards team has been hard at work fixing bugs and shipping new features. We have a few features that are now generally available as well as few public preview features. Check out all of the Azure Boards Sprint 174 goodies
Happy Friday! This week brings us a variety of stories -multistage build pipelines, building lab environments, deployment patterns, cross-cloud ARM64 builds, and using containers for development and build.
Happy Friday and welcome to August! This week we have a nice variety of posts, ranging across supporting infrastructure as code, workflow management, integrating with GitHub, and working with Raspberry Pi build agents. We top it off with a tips and tricks article that may have a new trick or two for you.
Happy Friday! It's the fifth Friday in July, so I'm going to try something a bit different today. There's a lot of interest in GitHub Actions, so we've got a number of Actions-related posts today. Let me know how you like the Actions content in the comments!
Happy Friday! Reading these blog posts has been a great way to lead into this weekend. We start with flipping the infrastructure as code idea towards Azure DevOps, then we have a number of posts around different CI/CD aspects, and close out with some thoughts on pull request reviews.
As part of our ongoing commitment to Azure DevOps, we'd like to share with you some key features we're planning on delivering over the next quarter. Each of these highlighted features includes links to our public roadmap project where you'll find more details on the item and where you can check its status.
Happy Friday! Today's selection of posts covers a variety of topics - from container scanning to authentication with Google Play and from reusing YAML templates to custom badges for all your status needs.
Happy Friday! This week, we've got a few stories around improving the pull request/code review process, with a bit of containers and infrastructure-as-code thrown in for flavor. Enjoy!