// GitHub

Chris Nesbitt-Smith traces how governance policies are typically born — emotionally, reactively, and as one-shot documents — then shows how applying software engineering principles transforms policy into a living, versioned artefact. The talk covers iterative policy management, Kubernetes admission control, open-source policy tooling, and the cultural shift required to make policy genuinely effective rather than just technically compliant.

GitHub is just that tool which developers use on Open Source projects, right? Not quite! You could be using Github in your day-to-day work. Have you thought about storing your SQL scripts, or machine learning workbooks in Git repositories? How about checking the quality of the content that you've version controlled? Or thinking about the security of your project? These are all things that GitHub can help with! Join Chris in this session as he provides a holistic overview for data professionals on GitHub, GitHub Enterprise and GitHub Advanced Security.

You've heard of GitHub. You've heard of GitHub Actions. You've heard of Azure. But how can GitHub Actions help you deploy your workloads to Azure? In this demo-filled, action-packed session, we will Introduce GitHub and GitHub Actions, Cover the fundamentals on what you need to know to build a GitHub Action Workflow, Identify resources that you can use to continue your journey in using GitHub Actions to deploy to Azure

You may be familiar with GitHub for your own Open Source (OSS) projects. But, did you know that you can use those same practices internally for your end-to-end development using GitHub Enterprise? Join Chris for a whistle-stop tour into GitHub Codespaces, GitHub Actions, GitHub Copilot and how you can bring DevSecOps best practices into your day-to-day work!

Azure RBAC is a critical security control — but managing custom role definitions manually is error-prone, hard to audit, and doesn't scale. In this episode, Chris is joined by Marcel Lupo, DevOps MVP and Solutions Architect, who demonstrates how GitHub Actions can automate the full lifecycle of custom Azure RBAC role definitions. This session goes beyond typical developer workflows to show how GitHub can serve as the governance backbone for your Azure security posture — with role definitions version-controlled, reviewed via pull requests, and deployed through automated pipelines.

The series officially rebrands from ToolUp Tuesday to ToolUp Days, giving Chris and Matt the flexibility to keep a consistent cadence. This episode focuses on rethinking the game's data model — simplifying the player state object, introducing a BarType enum, and scaffolding both a player creation API and a bar management controller, with GitHub Copilot generating much of the boilerplate in real time.

Chris joins Mert Yeter on Mert to the future show demonstrating how GitHub has some amazing capabilities beyond repositories! GitHub Projects, GitHub Copilot, GitHub Codespaces, GitHub Actions and more! Tune in to find out!

In a couple of previous blog posts, I provided a writeup on the GitHub Projects Beta. I wrote two posts on automation within GitHub Projects (Adding Issues to GitHub Projects with GitHub Actions for a user profile and Adding Issues to GitHub Projects with GitHub Actions for an Organization profile). I'm pleased to say that the capabilities went Generally Available last week! As a result of the GA announcement and resulting changes, I need to post updates to my older samples.

GitHub is one of my passion areas. You may have realised that already, with the amount of content that I've written about it. That's only going to continue, because I've recently been hired there as an Enterprise Advocate. I've been supporting customers in their DevOps journey for the past 9 years or so. Interestingly, there are some reoccurring themes that I've found that are common. One of those themes is that DevOps is an App Development concept. In fact, it's something that can be applied across domains (e.g. Infrastructure, Data, etc.) This is the start of a new blog series that will address those common themes, particularly in the context of GitHub.

Chris and Matt set up federated identity credentials (OIDC) for passwordless GitHub Actions authentication to Azure, deploy container apps via CI/CD, and discuss workflow trigger strategies for container image deployments.