Browse All DevOps Content (508)

vdivizinschi explains how to run diagnostic and remediation commands across Azure VM Scale Set instances using Azure Run Command via the control plane, avoiding RDP/SSH. The post covers prerequisites, RBAC permissions, orchestration-mode differences (Uniform vs Flexible), and provides Bash/Azure CLI loops to run scripts across all instances.

Jesse Houwing summarizes GitHub’s update that GitHub Copilot can now keep inference processing and associated data within US or EU data residency regions, and shows the enterprise/org policy you must enable to restrict Copilot to data-resident models.

Emanuele Bartolesi explains why Remote Desktop is a poor fit for day-to-day development on customer VMs, and shows how VS Code Remote Tunnels restores a normal local-editor workflow while keeping code and execution on the remote machine.

Reenu Saluja breaks down the main Azure hosting options for production AI agents and explains when to use each, with a deeper walkthrough of Microsoft Foundry Hosted Agents (deployment, lifecycle management, observability, scaling, and invocation patterns).

sachoudhury explains GitHub Copilot Custom Skills: repo- or user-scoped SKILL.md “runbooks” that Copilot can discover and execute in agent mode to automate multi-step developer workflows (commands, scripts, and report generation).

David Sanchez lays out a practical DevOps playbook for teams adopting AI coding agents (including GitHub Copilot Cloud Agent), focusing on readiness prerequisites, human–agent collaboration patterns, pipeline changes, governance, and security controls needed to keep quality and accountability intact as non-human contributors scale up.

In this community post, nishantmv breaks down a production-grade Azure serverless architecture for an enterprise facility-management IoT platform, covering a multi-provider telemetry pipeline, template-driven device modeling, an event-driven rule engine, and the security/resilience hardening that made it ready for production.

Allison announces that Dependabot and code scanning can now use OpenID Connect (OIDC) for organization-level access to private registries, reducing reliance on long-lived secrets and enabling short-lived, dynamically issued credentials.

Allison announces new GitHub features that surface deployment and runtime context in repository properties and security alert pages, helping teams automate policy enforcement and prioritize Dependabot and code scanning alerts based on real production risk.

Kristen Womack explains how `azd update` simplifies keeping the Azure Developer CLI current across Windows, macOS, and Linux, including how to switch between stable and daily release channels.

Gloridel Morales announces April patches for Azure DevOps Server, summarizing key fixes (pull request completion reliability, safer sign-out redirect validation, and GitHub Enterprise Server PAT connection) and showing how to verify the patch is installed.

Allison announces a public preview feature that lets teams link GitHub code scanning alerts to GitHub Issues, making it easier to track and prioritize security remediation work in existing planning workflows.

Joseph Katsioloudes introduces Season 4 of GitHub’s Secure Code Game, a hands-on set of challenges where you exploit and fix vulnerabilities in an agentic AI assistant (ProdBot) to learn real-world AI-agent security risks like prompt-based tool misuse, memory poisoning, and sandbox escape.

Allison summarizes GitHub Secret Scanning updates that expand push protection defaults, improve enterprise fork coverage, and add new API capabilities for alert validity, provider filtering, scan history, and enterprise-wide dismissal request reporting.

Microsoft Developer features Jonathon Frost from the Microsoft Azure PostgreSQL team, walking through migrating to managed PostgreSQL on Azure (homogeneous and heterogeneous scenarios) and demonstrating AI-assisted Oracle-to-Postgres migration using VS Code with GitHub Copilot.

Allison explains how GitHub’s SBOM export flow moved to an asynchronous model in the Dependency Graph UI and REST API, removing hard timeouts and adding a generate/fetch pattern for reliably downloading SBOM reports from large repositories.

Dorothy Pearce introduces GitHub’s free Code Security Risk Assessment, a one-click scan that uses CodeQL to surface vulnerabilities across up to 20 active repositories, and explains how the results help teams prioritize remediation (including where Copilot Autofix may apply).

Allison announces updates to GitHub Code Quality standard findings (public preview), including faster triage features like file-path search, bulk dismiss/reopen, and richer per-finding context, with fix suggestions generated by GitHub Copilot Autofix.

Andrew Lock explains how to build and publish custom Docker Sandbox templates so AI-agent sandboxes start with the tooling you need, including an example that installs the .NET SDK and a more advanced approach that swaps the base image while reapplying the sandbox layering.

Allison announces a new “Fix with Copilot” button on github.com that uses Copilot cloud agent to resolve merge conflicts, verify builds/tests, and push updates from a cloud development environment, plus @copilot commands for PR fixes and workflow failures.