// V012 - Weekly Technology Vlog #12 (Busy week, and quite a few blog posts to cover!)

In this episode, Chris marks three months of weekly vlogging, celebrates crossing 350 subscribers, and recaps a week where content shipped every single day.

Three Months In

Analytics show a clear correlation between increased publishing frequency and subscriber growth. The channel is approaching the 500-subscriber target for end of 2021.

Last Week’s Content (Something Every Day)

Monday — Weekly Vlog #11: DevSecOps-heavy, covering Cache Aside Pattern, GPG Keys Part 3, and a strong Azure security news cycle.

Tuesday — Cloud Drops: Introduction to GitHub Codespaces: A focused ~5.5-minute explainer on what GitHub Codespaces is, the developer environment problem it solves, and why Chris considers it a game-changer for onboarding and consistent dev environments.

Wednesday — GPG Keys Part 4 (Final): The series concludes by moving GPG private keys from the host machine onto a YubiKey hardware security key. With keys stored on hardware, a compromised laptop can no longer expose the signing key — the YubiKey must be physically present to sign commits.

Thursday — Welsh Azure User Group Lightning Talk: A condensed 15-minute version of the full GitHub Actions + static site deployment talk. Great community event with sessions spanning Veeam, licensing, VS Code, devsecops, and real-world Azure migrations.

Friday — Terraform Cloud + Azure: A walkthrough of deploying to Azure using Terraform Cloud, with emphasis on remote state management — why storing Terraform state in Terraform Cloud (rather than locally) is particularly valuable for team workflows and pet projects alike.

Coming Up This Week

• Git LFS blog post (Wednesday): How and why Chris uses Git LFS for podcast MP3 files in cloudwithchris.com, with GitHub Actions integration.
• Isaac Levin guest episode (Friday, live at 18:00 UTC): Accelerating .NET to Azure through GitHub Actions — Isaac is known for his .NET community work and the Presence Light project.
• MSHowTo Live with Mert (Thursday): DevOps discussion.
• Northern Azure User Group (6 April): Scott Hanselman is the headliner; Chris is also presenting the GitHub Actions talk.
• Global Azure 2021 (16–17 April): Two sessions — Hugo + Storage/CDN static websites (Friday), and the full GitHub Actions for static site deployment talk (Saturday).

Azure Blog Posts

Forecasted Cost Alerts for Azure Budgets: Rather than alerting only when a spending threshold is crossed, Azure now supports forecasted cost alerts — triggered when projected spend is on course to exceed a budget, giving teams time to act before the threshold is hit. High engagement on social media.

Start Small & Expand Landing Zone (Sarah Lean & Thomas Maurer): A practical guide to beginning with the Cloud Adoption Framework’s minimal landing zone and expanding incrementally. Includes infrastructure-as-code templates to bootstrap the environment — relevant for teams that want landing zone principles without a full enterprise deployment upfront.

Azure Availability Zones Commitment: The Azure engineering team outlines:

• By end of 2021: every country with an Azure data centre region will support Availability Zones.
• Every future region will include AZs from launch.
• In 2021: all foundational and mainstream Azure services will be AZ-enabled.
• Brazil South AZs are now GA (launched this week).

This has meaningful implications for resilience architecture — the Azure Well-Architected Framework reliability guidance is the companion reading.

Azure HBv3 VMs: New HPC-optimised virtual machines now GA in East US, South Central US, and West Europe.

Confidential Computing on AMD VMs: Making workloads on AMD-backed VMs confidential without recompiling code — now in limited preview.

Azure Updates

• Brazil South Availability Zones (GA).
• Azure Media Services — Standby Mode for Live Events: A new warm-standby state allows faster transition to a live event without keeping the full encoding pipeline running, improving both cost and readiness.
• Storage Explorer 1.18 (GA): Includes performance improvements.
• App Service Managed Certificates for Apex Domains (GA): Confirmed support for naked domains with auto-renewal.
• Azure API Management: Request/Response Validation Policies (GA): Schema-based validation for API requests and responses.
• Azure SQL Managed Instance: Long-term backup retention (public preview), SQL Insights (public preview), Machine Learning Services (GA), Service Broker message exchange (public preview).
• Dynamic Data Masking and Granular Permissions for Azure SQL and Azure Synapse (GA).
• Azure Data Explorer Performance Engine v3 (GA).

Azure DevOps Blog

Azure Pipelines — Private Projects Affected: Following the earlier restriction on public project pipelines due to crypto-mining abuse, the same constraint now applies to new private project organisations. Existing organisations are unaffected. Apply through the approval process to restore access.

Everything as Code: Abel Wang and Steve Moraski continue their on-prem to cloud series with a deep dive into the “Everything as Code” philosophy — infrastructure, configuration, pipelines, and policy as version-controlled artefacts. A foundational concept for anyone maturing their DevOps practice.

Azure Container Instances + GitHub Actions (Azure Friday): Scott Hanselman hosts Jessica Dean in a best-practices session on combining ACI with GitHub Actions for container workloads — highly recommended viewing.

GitHub Blog

Dependabot Private Registry Support: Dependabot can now manage dependencies from private registries and private GitHub repositories — previously limited to publicly available packages. A significant improvement for teams with internal package ecosystems on Azure Artifacts or GitHub Packages.

Git 2.31: Improvements to the git maintenance command and background garbage collection, keeping repositories clean and performant with less manual intervention.

Git LFS Security Update (Windows): Addresses a vulnerability in the delayed-checkout mechanism during git clone for Git LFS users on Windows (versions 2.15+). Upgrade to Git 2.30.2 is recommended.

Mono Repo Performance at GitHub: GitHub engineering shares optimisations made to their own internal mono repo — work triggered by failures they experienced themselves, with measurable performance gains as a result.

CodeQL Scanning for Solarigate: GitHub’s code scanning and CodeQL can now detect traces of the Solarigate backdoor (and similar supply chain attack patterns) in codebases — a practical application of GitHub Advanced Security tooling for supply chain integrity.

Open-Source Licensing Nuances: A blog post exploring dual-licensing and source-available (but not truly open-source) licenses used by companies like Confluent, MongoDB, and Redis Labs — the implications for developers and cloud providers.

GitHub.com Security Incident — Root Cause Analysis: The full post-mortem on the force-logout event from two weeks ago: how the vulnerability was identified, the investigation process, the code fix, and what further improvements are planned. Exemplary incident transparency from the GitHub engineering team.