// CI/CD

Chris Reddington is joined by Thomas Thornton — DevOps specialist at Kainos — for a practical deep dive into real-world DevOps. They cover CI/CD pipeline design, Git branching strategies (including trunk-based development), pull request workflows, Infrastructure as Code with Terraform, Kubernetes, and GitOps. Thomas draws on experience managing 83 Azure subscriptions and 120+ GitOps-driven applications in production.

Security vulnerabilities don't wait to be discovered — and developers are often unknowingly shipping them through open source dependencies. In this episode, Chris is joined by DeveloperSteve Coochin, Developer Advocate at Snyk, to explore the real-world state of vulnerabilities in modern applications. Steve shares findings from his research into the PHP ecosystem and explains how developers can shift vulnerability detection left — catching CVEs in dependencies before they reach production, by integrating tools like Snyk directly into their CI/CD pipelines and GitHub workflows.

Continuous Integration (CI) is a DevOps practice where engineers frequently merge small code changes into a central repository, triggering automated builds and test suites to catch regressions early. This video explains how CI applies equally to application code, Infrastructure as Code, database schemas, and data science notebooks, and shows how GitHub Actions and Azure Pipelines act as automated gatekeepers through pull request workflows.

In this episode, Chris is joined by Mert Yeter — software architect, Azure MVP, and Traefik Ambassador — for a live-demo-driven tour of DevOps on Azure. Starting with Azure DevOps Starter, Mert walks through spinning up a full CI/CD pipeline for a containerized .NET application in just a few clicks, covering Azure Container Registry, Azure Container Instances, and Azure Kubernetes Service. The session then dives into Traefik: an open-source cloud-native reverse proxy and load balancer with powerful pluggable middleware, dynamic service discovery, and a rich dashboard for managing Kubernetes ingresses. Whether you are new to containers or looking to level up your AKS deployments, this episode covers the essential building blocks.

Chris is joined by Karl Cooke (IrishTechie) for a live deep-dive into the GitHub Actions workflows powering CloudWithChris.com. They explore why GitHub was chosen over Azure DevOps, walk through a real-world CI/CD pipeline for a Hugo static site deployed to Azure Blob Storage with CDN purging, and examine how to manage secrets and approvals using GitHub Environments. The session also covers linting Markdown with GitHub Super Linter, early thinking on Playwright-based UI tests, the security considerations around third-party actions from the marketplace, and building a custom .NET GitHub Action for content cross-posting.

Weekly Vlog #20 celebrates hitting 500 YouTube subscribers ahead of schedule, then reviews one of Chris's most content-heavy weeks: Azure Pipelines-as-code tutorials, an event-driven architecture walkthrough using Azure Event Grid and Azure Functions, and a candid mental health live stream. The headline Azure announcement is Azure Static Web Apps reaching general availability with built-in CI/CD, serverless API integration, and free SSL. GitHub rounds out the episode with new hardware security key support for SSH operations and native video uploads to issues and pull requests.

You may have heard about Software Code or Infrastructure as Code. Well, in this video, we'll be talking about pipelines as code. If you're familiar with tools like Azure DevOps, Circle CI, GitHub, GitLab and Jenkins, you may notice a trend where these platforms are allowing you to define your pipelines as code. Throughout this video, we'll be defining a multi-stage pipeline in Azure DevOps, and picking up some tips along the way.

Recently on Twitter, I was asked by @thegraycat on whether I knew of any resources to manage pipelines in version control. I sent across several top of mind thoughts over Twitter, but it got me thinking that there may be others with the same question and it could make a good blog post. So here we are, as I talk through some of my considerations for pipelines as code.

Once you have a working GitHub Actions workflow, the next challenge is safely deploying across dev, staging, and production with the right secrets in the right places. This episode deep-dives into GitHub Actions Environments: how to scope secrets per environment to enforce the principle of least privilege, configure required reviewers and wait timers as production gates, and assign service principals with minimal Azure RBAC permissions. A live demo deploys the cloudwithchris.com Hugo site to Azure Storage, making every concept concrete.

Karl Cooke (irishtechie.com) interviews Chris Reddington about the full architecture and GitHub workflow powering CloudWithChris.com. The session covers Azure Storage static website hosting, Azure CDN with a custom rules engine for enforcing HTTPS and security headers (CSP, HSTS, Permissions Policy), Hugo as the static site generator, multi-environment GitHub Actions pipelines (preview, staging, production), GitHub Codespaces for in-browser editing, and practical security hardening using securityheaders.com and Mozilla Observatory.