CircleCI jobs can use OpenID Connect (OIDC) identity tokens to securely access cloud providers without having to store a static credential in CircleCI. This article describes how to access Azure resources using OpenID Connect (OIDC).

This week, we announced that Cloudsmith has taken an impressive $11M in additional funding, hot on the heels of our $15M Series A two years ago. That's not just serious cash for a startup; it's a game-changer! The natural questions are: why did we take it, and what's our big-picture plan?

DevOps isn’t just a methodology; it’s a culture that fosters collaboration, automation, and continuous improvement within an organization. Conducting a successful DevOps assessment is crucial for understanding where your team stands in its DevOps journey and identifying areas for enhancement. To ensure a comprehensive evaluation, focus on these four pillars.

CI/CD services such as AWS CodePipeline enable developers to automate and accelerate the process of building, testing, and deploying code. But with the speed, scale, and complexity of the modern software development life cycle, even small performance regressions or increases in failure rates in your CI system can quickly snowball, slowing or even halting releases and causing cost overruns.

Uncover how to reach Level 1 in S2C2F a framework for secure OSS consumption.

This tutorial guides you on how to use the Amazon SageMaker Orb to orchestrate model deployment to endpoints across different environments. It also shows how to use the CircleCI platform to monitor and manage promotions and rollbacks. It will use an example project repository to walk you through every step, from training a new model package version to deploying your model across multiple environments.

Containers and Kubernetes has become the cornerstone of modern DevOps practices. As organizations strive for agility, scalability, and seamless collaboration between development and operations teams, the adoption of Containers and Kubernetes has emerged as a transformative force. This blog explores the pivotal role these technologies play in the DevOps journey, unlocking new possibilities and efficiencies for software delivery.

Microsoft Azure provides an all-encompassing service that allows you to host Docker containers on the Azure Container Registry (ACR), deploy to a production-ready Kubernetes cluster via the Azure Kubernetes Service (AKS), and more. Using CircleCI, you can automatically deploy updates to your application, providing a safer and more efficient CI/CD process for managing your software. This article shows you how to automate deployments for a.Net application to Azure Kubernetes.

Observability isn’t just about watching for errors or monitoring for basic health signals. Instead, it goes deeper so you can understand the “why” behind the behaviors within your system. CI/CD observability plays a key part in that. It’s about gaining an in-depth view of the entire pipeline of your continuous integration and deployment systems — looking at every code check-in, every test, every build, and every deployment.

Discover the risks and drawbacks of developing and distributing software without the support of a C++ package manager.

The cognitive bias known as the streetlight effect describes our desire as humans to look for clues where it’s easiest to search, regardless of whether that’s where the answers are. For decades in the software industry, we’ve focused on testing our applications under the reassuring streetlight of GitOps. It made sense in theory: wait for changes to the codebase made by engineers, then trigger a re-test of your code. If your tests pass, you’re good to go.

With automation and CI/CD practices, the entire AI workflow can be run and monitored efficiently, often by a single expert. Still, running AI/ML on GPU instances has its challenges. This tutorial shows you how to meet those challenges using the control and flexibility of CircleCI runners combined with Scaleway, a powerful cloud ecosystem for building, training, and deploying applications at scale.

In a traditional DevOps implementation, you automate the build, test, release, and deploy process by setting up a CI/CD workflow that runs whenever a change is committed to a code repository. This approach is also useful in MLOps: If you make changes to your machine learning logic in your code, it can trigger your workflow. But what about changes that happen outside of your code repository?

Amazon Web Services (AWS) provides a vast ecosystem of products that make DevOps an absolute dream. Products like AWS Elastic Beanstalk have ready-made services for autoscaling, deployment, and logging (to name a few). However, teams may prefer to take a barebones approach and build incrementally - in which case AWS Elastic Compute Cloud (EC2) would be the preferred option.

In the dynamic landscape of software development, the adoption of DevOps has become a cornerstone for organizations aiming to deliver high-quality products at a rapid pace. DevOps, a fusion of development and operations, emphasizes collaboration, communication, and automation throughout the entire software development lifecycle.

In part 1 of this tutorial, we showed you how to build a large language model (LLM) application that uses retrieval-augmented generation (RAG) to query your own documentation and then test it using a CircleCI continuous integration (CI) pipeline.

Kubernetes, often abbreviated as K8s, has revolutionised the way we manage containerized applications. It provides a robust platform for orchestrating and managing containers at scale. One of the key features that sets Kubernetes apart is its powerful metadata system, which includes labels and annotations. In this blog post, we’ll take a comprehensive look at how labels and annotations work in Kubernetes and how you can leverage them to enhance the management of your applications.

Generative AI has already shown its huge potential, but there are many applications that out-of-the-box large language model (LLM) solutions aren’t suitable for. These include enterprise-level applications like summarizing your own internal notes and answering questions about internal data and documents, as well as applications like running queries on your own data to equip the AI with known facts (reducing “hallucinations” and improving outcomes).

Welcome to our 2nd blog in our series on how to securely consume Open Source Software (OSS). Attacks targeting OSS are on the rise, making the security of your software supply chain a top priority. The 1st blog gave an overview of some of the most common types of attacks. Today we’ll explore the Secure Supply Chain Consumption Framework (S2C2F) that can help you mitigate against these attacks.

Incompatible hardware is a common cause of application failures for distributed teams. Most teams depend on containerization tools like Docker to prevent these failures. But is there any way to automate the deployment of Docker images more efficiently and intuitively? In this article, I will show you how simple it is to do this by combining CircleCI and Microsoft Azure to build a CI/CD pipeline for a Dockerized Spring Boot project.

Defining multiple environments in Argo CD and promoting an application between them is one of most popular questions for companies that adopt GitOps for their applications. While we have offered several guidelines in the past for organizing your GitOps environments, today we are taking it further by announcing a complete product that helps you visualize the full lifecycle of an application as it moves through different stages. Meet the new Codefresh GitOps Environment Dashboard!

Software development, DevOps practices have become a cornerstone for organizations looking to streamline their processes and deliver high-quality software. While the agility and efficiency DevOps brings to the table are undeniable, it’s essential to remember that security should never be compromised in the pursuit of speed. In fact, it should be an integral part of the entire DevOps lifecycle.

Generative artificial intelligence (AI) is a form of AI that can create new, original content such as text, code, images, video, and even music. Generative AI-powered tools like GitHub’s Copilot and OpenAI’s ChatGPT have the potential to revolutionize the way you develop software, enabling you to be more efficient and creative. Used in the right way, generative AI can streamline workflows, accelerate development cycles, and unlock the potential for innovation.