// Content

Vlog #11 debuts a refreshed brand and on-screen layout, then covers a busy week: the third instalment of Chris's GPG commit-signing series (linking keys to Git and GitHub), the Cache Aside cloud design pattern episode, and a preview of the upcoming YubiKey-focused Part 4. Azure news centres on the preview of Trusted Launch VMs (defending against bootkits and rootkits), Azure Defender for Storage's new malware-upload detection, and Naraya — the ML system Microsoft uses to predict and proactively mitigate infrastructure failures at scale. On the security operations side, GitHub and Azure DevOps announce automated token revocation for leaked PATs found on public GitHub repositories.

The cache-aside pattern loads data on demand from a data store into a cache, placing the synchronisation logic in the application layer when the cache does not natively support read-through or write-through operations. This episode covers cache-miss handling, expiration and eviction policies for Azure Cache for Redis, consistency challenges across distributed instances, and when to pre-warm the cache at startup instead.

Okay, part 3! At this point, I'm assuming that you have already familiarised yourself with [part 1](./blog/gpg-git-part-1) and [part 2](./blog/gpg-git-part-2) of the series. As a quick recap, part 1 focused on why we would consider using GPG Keys in general. Part 2 focused on how to generate GPG keys along with some recommended practices on splitting out our master (Certification) key, from our specific purpose-driven keys. This post (part 3) focuses on using those keys as part of our usual development workflow using Git. We'll be assuming that GitHub is our end target, as GitHub supports [commit signature verification using GPG Keys](https://docs.github.com/en/github/authenticating-to-github/managing-commit-signature-verification).

The Azure CLI provides cross-platform command-line management of Azure resources from Windows, macOS, Linux, Docker containers, and Azure Cloud Shell. This Cloud Drop demonstrates az login, az account set, az group list, az upgrade, and the az config set auto-upgrade.enable=yes command for keeping your CLI automatically up to date.

Vlog #10 is a milestone episode: Chris celebrates his birthday and a full year of Cloud With Chris with a new Shure SM7B microphone upgrade. The bulk of the episode is a walkthrough of Microsoft Ignite announcements, covering Azure Arc-enabled Machine Learning for on-premises data sovereignty scenarios, the Azure Communication Services and Microsoft Teams interoperability story, and significant security updates including Azure Key Vault Managed HSM (preview) and Trusted Launch for VMs. GitHub Actions fans also get a bonus segment on four lesser-known platform capabilities, including semantic release note generation and bring-your-own-environment workflows.

Chris is a Senior Azure Engineer at Microsoft. He'll explore how GitHub Actions can be used to deploy your own static sites (or other apps!) to Azure.

When modernising a legacy application, rewriting everything from scratch is rarely feasible. The Sidecar and Ambassador cloud design patterns offer a pragmatic alternative — attach a companion process to offload cross-cutting concerns like retry logic, circuit breaking, and protocol translation without modifying the application itself. Chris and Peter explore both patterns in depth, covering when to use each, how they relate to service meshes, and their role in Kubernetes-based architectures.

Hopefully by now you've had a chance to read [part 1](gpg-git-part-1) of this series, which explains why you may be interested in using GPG keys to sign your commits. Congratulations on getting to the second part! In part two, we're going to focus on how I worked through setting up GPG in my Windows environment, and generating a set of keys for use. There were some challenges/hurdles along the way, and we'll talk through those too!

Ever thought about what it takes to host a multiplayer game in the cloud? In the second episode of Cloud Gaming Notes, Chris and Lee Williams go hands-on with Halo 5 Guardians to explore the engineering behind matchmaking services. They cover the Actor model and Azure Service Fabric, skill-based matchmaking algorithms, the critical role of latency in competitive gaming, and how live ops and DevOps principles keep a game-as-a-service continuously updated without downtime. Real-world cloud architecture through the lens of AAA gaming.

Week nine of the vlog coincides with the one-year anniversary of the Cloud With Chris podcast. Chris kicks off a multi-part blog series on GPG key signing for Git commits, demonstrating how trivially easy it is to spoof a contributor's identity in Git without verification — and how GitHub's GPG validation feature closes that gap. Azure news this week is lighter than usual, covering serverless and low-code scenarios with PowerApps, the new Private Azure Marketplace, and the Azure Quota REST API, plus a significant list of retirement notices from the Azure Updates page all targeting 29 February 2024.