// Videos

Software architecture is not just the domain of dedicated architects — the tools, practices, and communication patterns it relies on apply to every engineer on every team. In this episode, Chris is joined by John Kilminster, a software architect and Azure MVP, who walks through the essential toolbox he has built up over years in the role. Covering C4 diagrams, Architecture Decision Records, Tech Radars, Docs as Code, and Spotify's Backstage developer portal, this episode delivers practical guidance for any team looking to improve how they document, communicate, and align on technical decisions.

Chris and Matt deploy the World Events Engine to Azure Container Apps — encountering and fixing a real-world GitHub Actions deployment bug caused by parallel runs generating duplicate container names. The episode covers Dapr storage queue bindings, service invocation between microservices, random bar-type modifier logic, and a viewer-prompted conversation about using GitHub Codespaces to standardise the development environment.

Communication between microservices is one of the trickiest challenges in distributed systems — especially when things go wrong. In this episode, Chris is joined by Francesco, a software engineer building a real-world payment gateway, to explore microservices communication patterns. They dive deep into the Saga pattern for managing multi-step distributed transactions, covering orchestration-based Sagas with AWS Step Functions, compensating transactions for graceful rollbacks, and event-driven messaging via EventBridge. The conversation also covers observability in distributed systems and applying Occam's Razor to architecture decisions.

Azure RBAC is a critical security control — but managing custom role definitions manually is error-prone, hard to audit, and doesn't scale. In this episode, Chris is joined by Marcel Lupo, DevOps MVP and Solutions Architect, who demonstrates how GitHub Actions can automate the full lifecycle of custom Azure RBAC role definitions. This session goes beyond typical developer workflows to show how GitHub can serve as the governance backbone for your Azure security posture — with role definitions version-controlled, reviewed via pull requests, and deployed through automated pipelines.

The series officially rebrands from ToolUp Tuesday to ToolUp Days, giving Chris and Matt the flexibility to keep a consistent cadence. This episode focuses on rethinking the game's data model — simplifying the player state object, introducing a BarType enum, and scaffolding both a player creation API and a bar management controller, with GitHub Copilot generating much of the boilerplate in real time.

A new phenomenon stand out in recent years: security must pervade the entire software development lifecycle. Except it isn't. Current generation of processes and tools is lacking crucial features to properly manage modern security risks. Think of the Log4J event. Were you able to identify all affected components? Were they internally developed, or you need a vendor support? How fast you were able to deliver a fix? In this talk we'll explore the challenges, what you can do with current tools, and which gaps should be addressed by communities through better practices and new tools.

What separates code that teams maintain with confidence from code that becomes an unmaintainable burden? Chris is joined by Daniel Schreifler — developer, consultant, and author of "10 Days to Become a Better Developer" — to explore why readability is the most foundational software quality. From cognitive load and the early-exit pattern to domain-driven naming, inner sourcing, and TDD, this conversation reframes how we should think about writing code: not for the compiler, but for the next human who needs to change it.

Chris and Matt set up federated identity credentials (OIDC) for passwordless GitHub Actions authentication to Azure, deploy container apps via CI/CD, and discuss workflow trigger strategies for container image deployments.

Chris and Matt debug deployment issues in Azure Container Apps, restructure their Bicep infrastructure as code into separate lifecycles, and configure Dapr state store components backed by Azure Storage.

Observability across multiple components in distributed systems can be a challenge, particularly when things go wrong and need investigation. Application Insights can simplify the challenge, and give deep insights into a distributed system at multiple levels.