Browse All DevOps Content (595)

Microsoft Developer explains practical ALM patterns for taking Copilot Studio agents from experimentation to production, focusing on repeatable deployments, environment isolation, and governance-friendly configuration using solutions, environment variables, and connection references.

Jingwei Wang introduces “Open in VS Code” from Azure Copilot in the Azure Portal, a guided workflow that takes AI-generated Terraform configurations into an Azure-hosted VS Code environment so teams can validate, configure state backends, and deploy to Azure with fewer handoffs.

Allison summarizes what’s new in CodeQL 2.25.4 for GitHub code scanning, including Swift 6.3.1 support, improved C# and ASP.NET taint-flow modeling, expanded Java/Kotlin query sanitizers to reduce false positives, and new data-flow barrier extensions to tune results across many languages.

Kayla Cinnamon demonstrates how to use Visual Studio Code’s integrated browser to do web development without leaving the editor, including attaching browser tabs or specific UI elements to agent sessions to provide more context while you work.

Sandra Ahlgrimm explains how to customize GitHub Copilot’s modernization task lists so teams can modernize legacy Java apps safely: set constraints, split risky upgrades into smaller reviewable steps, validate the current state first, and ensure Copilot surfaces CVEs without making silent changes.

Allison announces the deprecation of GitHub’s synchronous SBOM REST endpoint and explains how to migrate scripts and integrations to the newer asynchronous SBOM report generation flow ahead of the November 13, 2026 removal date.

GitHub explains practical ways to contribute to open source projects without writing code, focusing on documentation work, improving examples, fixing typos, and helping answer questions so newcomers can start participating and learning right away.

Lee Reilly explains how he used GitHub Copilot CLI—especially /delegate—to build “GitHub Dungeons”, a GitHub CLI extension that turns any repository into a terminal roguelike. The post covers the core idea (seeded by commit SHA), how Copilot’s agent workflow fit into iteration, and the BSP approach used for dungeon generation.

kinfey explains why AI agents running model-generated code need stronger isolation than standard containers, then walks through deploying a GitHub Copilot SDK agent on AKS using Kata Containers (kata-vm-isolation) plus layered hardening like seccomp, NetworkPolicy egress allowlists, and deny-by-default tool permissions.

mohit-kanojia explains what AKS Arc is and how Azure Arc extends Azure’s control plane to run and manage Kubernetes on-premises, at the edge, and in multicloud. The post covers core components (Arc agents, custom locations, logical networks), a CLI-driven deployment flow, and practical networking and troubleshooting guidance.

Alex-wdy explains why Azure CLI on macOS is moving away from Homebrew Core and introducing new Preview installation options in Azure CLI 2.86.0, including a Homebrew Cask package and an offline tarball for restricted environments, with a focus on signed, notarized binaries and future enterprise authentication needs.

osmancokakoglu announces the winners of the AI Dev Days Hackathon and summarizes the projects and the Microsoft stack they used, including Azure AI Foundry, Azure OpenAI models, and the Microsoft Agent Framework, plus common Azure services and DevOps practices used to ship production-grade agentic apps.

Kedasha Kerr explains what open source is and walks beginners through finding beginner-friendly repositories on GitHub, evaluating whether a project is well maintained, and making a first contribution using a fork-and-pull-request workflow (with an example prompt for GitHub Copilot Chat).

robece announces General Availability of Stripe as a partner event source for Azure Event Grid, and outlines how to route Stripe events into Azure services (Functions, Logic Apps, Event Hubs, Service Bus) and Microsoft Fabric Eventstream for real-time processing and analytics.

GitHub introduces beginners to open source contributions, explaining what OSS is, how to find beginner-friendly projects on GitHub, how to read a repository, and the basic workflow for making a first contribution.

Allison announces an update to Dependabot that lets enterprises grant it access to internal repositories across organizations, enabling dependency update pull requests even when dependencies live in a different org within the same enterprise.

Paulams732 describes a reusable Azure DevOps YAML pipeline template for scaling GitHub Advanced Security across many repositories by detecting repo contents, running CodeQL only when relevant, and adding IaC scanning with centralized reporting and SARIF artifacts.

Allison announces that GitHub Mobile now lets you create new repositories directly from the iOS and Android apps, including options for visibility, templates, and initializing with a README, .gitignore, and license.

This roundup tracks a clear shift from agent capability to agent governance: more context, more observability, and more policy controls across Copilot, VS Code, and the CLI. On the platform side, Microsoft tightened the path from prototype to production with .NET agent building blocks, Azure AI Foundry deployment patterns, and data governance improvements that make RAG and operations easier to standardize. We also cover the less flashy work that keeps systems dependable at scale, including Fabric and Databricks operational updates, GitHub migration and ruleset changes, and security research that keeps token theft, privilege escalation, and supply chain risk in focus.

SagarPatra explains how enterprise QA teams can use GitHub Copilot to reduce the mechanical overhead of writing and maintaining automated tests, while keeping trust through human review, governance, and intentional test design that supports reliable regression cycles.

ranjan_ashish explains why Azure Resource Manager deployments can fail with the DeploymentQuotaExceeded (800) limit in a resource group, especially in high-frequency CI/CD scenarios using Bicep or ARM templates, and outlines practical cleanup and prevention approaches.

Brian Benz summarizes the first independent security audit of Inspektor Gadget, an eBPF-based Kubernetes observability and Linux host inspection tool, including the vulnerabilities found, the fixes shipped in recent releases, and practical hardening recommendations for teams running it in production.

shwetayadav explains how index-based Terraform for_each keys can trigger destructive disk churn on Azure, and shows a safer migration approach using stable keys plus terraform state mv, with a reusable GitHub Copilot skill to generate deterministic state-move commands.

mscagliola shows how to use GitHub Copilot skills for spec-driven development, turning a Medallion Architecture blog post into a repeatable repo that generates Terraform for Azure platform setup and Databricks bundle files for workloads, while enforcing strict placeholder/TODO rules to avoid invented environment values.

Allison announces a new GitHub setting that lets users disable commit comments by default across repositories owned by their personal account, while still allowing per-repository overrides and preserving existing comments.

Allison announces new “Agents” secrets and variables for Copilot cloud agent, enabling org-level configuration and finer repository access control so teams can roll out shared settings (like registry tokens or MCP server config) across many repos without duplicating Actions environment setup.

Allison announces CodeQL 2.25.3, highlighting new Swift 6.3 analysis support plus a set of query and extractor improvements across C/C++, C#, Java/Kotlin, JavaScript/TypeScript, Python, and GitHub Actions to improve code scanning accuracy and reduce false positives.

John Edward outlines an architecture for a “Daily Stand-Up Agent”: a custom AI copilot that pulls sprint activity from Jira and Azure DevOps, detects blockers, and generates consistent stand-up summaries. The post focuses on connectors, grounding ticket data, conversational reporting, and practical considerations like security and data quality.

SagarPatra explains how their QA team used GitHub Copilot as a practical assistant for test design, automation scaffolding, and maintenance work, while keeping human review and responsible AI practices non-negotiable.

Daniel Rosenwasser and James Montemagno build modern websites from scratch with TypeScript 7, showing how to set up an optimized VS Code environment and use newer Language Server Protocol capabilities to support fast, real-time web development workflows.

Rob Bos shares a real-world GitHub Copilot CLI mishap where an unintended Copilot CLI extension caused repeated prompts to close GitHub deployment-status notifications, and explains how he tracked down the source and removed it.

Landon Cox explains how GitHub instrumented GitHub Agentic Workflows to track LLM token usage in CI, then used automated “auditor” and “optimizer” workflows to reduce costs. The post covers token-usage logging, MCP tool pruning, replacing MCP calls with GitHub CLI steps, and an “Effective Tokens” metric to compare savings across models.

Kristen Womack introduces an Azure Developer CLI (azd) template from Curity and Microsoft that deploys an AI agent app to Azure with least-privilege authorization. It focuses on using short-lived OAuth 2.0 tokens (JWTs) and token exchange so APIs can enforce data boundaries even when agent behavior is nondeterministic.

Allison announces the public preview of Enterprise Live Migrations (ELM), a new GitHub Enterprise Server-to-Cloud migration option designed to reduce downtime by continuously syncing repository data and enabling a fast cutover, including support for large monorepos and coordination with GitHub Enterprise Importer.

Fokko at Work demos selected new features in Visual Studio Code 1.119 with a focus on GitHub Copilot, including sharing browser tabs with agents and OpenTelemetry tracing for agent sessions, plus a quick look at other updates and rollout constraints like enterprise policies and plan differences.

Andrea Griffiths shares a practical checklist for reviewing agent-generated pull requests, focusing on where AI-written changes tend to hide risk: weakened CI, duplicated utilities, subtle logic bugs that still pass tests, and unsafe LLM-powered workflows that can turn untrusted input into executed commands.

Steven Bucher announces the public preview of the Azure Resource Manager MCP Server, a remote MCP server that lets AI agents query and operate on Azure resources via Azure Resource Manager and Azure Resource Graph, including generating KQL queries from natural language and deploying ARM templates from within VS Code.

The Visual Studio Code Team shares the 1.120 (Insiders) updates, focusing on chat/agent workflow improvements, model context controls, safer handling of terminal password prompts, and new extension APIs like custom diff editors with unified diff rendering.

Reynald Adolphe walks through the April 2026 Visual Studio Code release highlights, focusing on the new Agents Window, tools for evaluating chat customizations, and updates to GitHub Copilot for CLI including “thinking effort” and remote control features.

Allison announces two updates to GitHub repository rulesets: you can add individual users as bypass actors (via UI, REST API, and GraphQL), and repository admins can rename rule-protected branches when the new name stays within the same ruleset scope.