To continue our Bastille Day release extravaganza we're also announcing Rocinante 1.0 series is now available!

This release brings most of the Rocinante commands up to par with Bastille functionality and now includes a `bastilletesting` directory which has been designed to validate code changes in both projects.

Bastille and Rocinante can now be combined to build simple CI/CD pipelines to validate deployments!

Some may call it excessive, I call it thorough

Okay, CircleCI is actually pretty dang nice to work with, it's more intuitive than many other CI/CD platforms in its syntax and docs are concise and easy enough to navigate.

Especially like the way they've done the workflows, as it makes orchestration ...easy? Combine that with plugins for major platform deployments suddenly you can do more with one file than some folders of shell scripts and config files

You can run #Zephyr applications on QEMU, which is great for early development, debugging, and #CICD workflows. Check out my tutorial for using Espressif’s QEMU fork for emulating #ESP32 applications made with Zephyr: https://shawnhymel.com/2807/how-to-run-an-esp32-zephyr-application-on-espressifs-qemu/ #embedded #programming

"Continuous AI is a label we've identified for all uses of automated AI to support software collaboration on any platform. Any use of automated AI to support any software collaboration on any platform anywhere is Continuous AI.

We've chosen the term "Continuous AI” to align with the established concept of Continuous Integration/Continuous Deployment (CI/CD). Just as CI/CD transformed software development by automating integration and deployment, Continuous AI covers the ways in which AI can be used to automate and enhance collaboration workflows.

“Continuous AI” is not a term GitHub owns, nor a technology GitHub builds: it's a term we use to focus our minds, and which we're introducing to the industry. This means Continuous AI is an open-ended set of activities, workloads, examples, recipes, technologies and capabilities; a category, rather than any single tool."

https://githubnext.com/projects/continuous-ai

"DevOps is more than just a methodology. It is a cultural shift that blends software development (Dev) with IT operations (Ops) to create a more efficient, collaborative workflow.

The goal is to break down traditional silos between teams, enabling shared responsibility for software performance, security, and delivery.

Having adopted DevOps principles myself, I can say they really transform how teams build and deploy software. That’s why, in this guide, I’ll will walk you through a step-by-step roadmap to help you master DevOps."

https://www.datacamp.com/blog/devops-roadmap

There's a lot of "Reminder; don't deploy to production on a Friday" messages going around.

A counter PSA: deploy on a Friday. Deploy whenever. Deploy little. Deploy often.

If you're frightened of your deployments, then take a hard look at them. Don't just _stop_.

PandaDoc is hiring Lead Software Automation (Solution) Engineer

#java #python #django #springboot #playwright #aws #cicd #docker #kafka #kubernetes #techlead
Remote; Poland
Full-time
PandaDoc

Job details https://jobsfordevelopers.com/jobs/lead-software-automation-solution-engineer-at-pandadoc-com-aug-29-2024-670eb7?utm_source=mastodon.world&utm_medium=social&utm_campaign=posting
#jobalert #jobsearch #hiring

SoundHound is hiring Senior Software Engineer

#java #javascript #typescript #react #springframework #api #hibernate #aws #azure #cicd #docker #gcp #jwt #kafka #kubernetes #mysql #redis #seniorengineer
Bengaluru, India
Full-time
SoundHound

Job details https://jobsfordevelopers.com/jobs/senior-software-engineer-at-soundhound-com-jun-9-2025-bb0adc?utm_source=mastodon.world&utm_medium=social&utm_campaign=posting
#jobalert #jobsearch #hiring

#AWS just unveiled a major upgrade to CodeBuild: Docker Server capability!

This new feature lets developers provision a dedicated, persistent Docker server within their CodeBuild projects - boosting speed & efficiency for Docker image builds.

Learn more on #InfoQ https://bit.ly/3TrYt6X

Thrilled to have a new, production-ready CI/CD pipeline live! It automatically builds and deploys my Jekyll static WIP site (https://hofstede.it) on every push to the main branch.

The architecture is a showcase of modern Linux tools:

Server running on Red Hat Enterprise Linux 10 (RHEL)
Forgejo for Git hosting & Actions.
A rootless Forgejo Runner, running in Podman, managed by a systemd Quadlet file.
Traefik reverse proxy running as a Podman container.
An Nginx web server for the site, also in a container for easy discovery by Traefik.

The Forgejo Runner and the Nginx Webserver run in different unprivileged user contexts.

The magic is the secure bridge between the rootless CI job and the web server. The pipeline creates a build artifact, and a systemd.path watcher on the host instantly triggers a deployment script.
It's fully decoupled, secure, and works like a charm.

CI/CD pipelines for dummies.

First, make separate pipelines by area, f.ex: Frontend, Mobile (android/iOS), Backend.

Then, add default jobs:

1. Static Analysis (linting, code quality)
2. Tests (run and measure coverage)
3. Security (scan code, dependencies, container and report)
4. Build & Release (tagged)
5. Deploy

Avoiding overhead by:

• Run job 1 for all branches
• Run jobs 1-4 for develop (unstable)
• Run jobs all for staging (testing) and production

And finally, when releasing:

• Use semantic versioning, i.e. Major.Minor.Patch
• Keep a CHANGELOG.md
• Use secrets for sensitive info

Once this is in place, then you can start thinking about agent-scaling, dynamic test environments for pull-requests and the plethora of integrations/plugins/etc that exist for each CI platform.

CircleCI seems a lil'pricey but like a decent option for my team

Like, it seems like the costs can be kept reasonable by using a self-managed runner for dev-builds, and use the managed runner for releases.

And having native integrations for our hosting provider, deployment methods and all of our targets certainly helps to make things easier when we have no dedicated DevOps in the team (yet).

Now to figure out if there's some past bad behaviours or other kind of black mark on it I should be aware of...

Status update: I'm now automatically building and releasing a signed fork of stable moshidon with my patches. #CI is cool!

https://github.com/cactichameleon9/moshidon-fork

"Slopsquatting is a new supply chain threat where AI-assisted code generators recommend hallucinated packages that attackers register and weaponize."

#AI #sbom #cicd

https://socket.dev/blog/slopsquatting-how-ai-hallucinations-are-fueling-a-new-class-of-supply-chain-attacks

Středeční #hiring update:

Do interního #DevOps týmu hledám borce na pozici, které říkáme
INFRASTRUCTURE AND DEVOPS SPECIALIST

HPP, nebo IČO, jak chceš.
Hybridní forma práce, kancl #Praha Nusle.
Nezávazná pokec s DevOps Leadem není problém, online/onsite.
Nespěcháme, hledáme oboustranný "match."

"#GitHub Action Compromise Puts #CICD Secrets at #Risk in Over 23,000 Repositories"

#DevOps #automation is always high risk: root access, connected, fast, scaled. So like this is unacceptable.

Major $fail by $MSFT leadership. I bet all the #layoffs didn't help.

https://thehackernews.com/2025/03/github-action-compromise-puts-cicd.html

It's that time folks: the random time of the year that the github action breaks and you spend a an hour or so remembering how to write a github action.