GHAS Will Win the AppSec Wars
GitHub Advanced Security is positioned to win the “AppSec Wars”. In this post I go over why I think this is the case.
Runners, Runners - Everywhere!
on build, deployment
Hosted runners for Actions are great - but there are some scenarios where you’ll need self-hosted runners, such as deploying to private networks. But how can you effectively manage your self-hosted runners? In this post I’ll cover some thoughts.
Consuming Environment Secrets in Reusable Workflows
on build, deployment
One canonical use of reusable workflows is a reusable deployment job. While this is definitely possible with reusable workflows, it’s not easy to get it working. In this post I’ll show you how to do it.
Displaying Help for Custom CodeQL Queries
on security
The latest release of CodeQL CLI now includes the ability to display help files for custom queries. In this post I walk through how to get your custom help files to display.
GitHub Actions: Authenticate to Azure Without a Secret using OIDC
Authenticating to Azure in GitHub Actions requires a secret for a Service Principal. However, at Universe, GitHub released a new OIDC-based authentication mechanism that eliminates the need for secrets in secure deployments.
Enforcing Reusable Workflows for Standardization
Reusable workflows are great, but how do you ensure that teams are using your reusable workflows? In this post I show how you can structure repos, teams and environments to ensure standardization for your workflows.
Comparing Code Quality Metrics with Code Security
on security
Code security is becoming more important for modern software development. What about code quality metrics? How do code quality metrics and code security compare and contrast? I’ll discuss some thoughts in this post.
On Demand Ephemeral Self-Hosted Runners
Do you need to deploy to private VNets using GitHub Actions, but don’t want to have to keep self-hosted runners running all the time? In this post I show you how you can use Ephemeral Runners to create on-demand self-hosted runners.
Musings on GitHub Actions Reusable Workflows
Newly released Reusable Workflows allows you to reuse workflows in your GitHub workflows. While this still has some limitations, it’s still better than copy/paste!
Create Azure DevOps Work Item Action
If you’re managing backlogs in Azure Boards but using GitHub Actions for CI/CD, you may have scenarios where you want to create Work Items from an Action.
