Operations | Monitoring | ITSM | DevOps | Cloud

Sponsored Post

CI/CD vs. EaaS: Choosing the Right Development Workflow

CI/CD (Continuous Integration/Continuous Deployment) automates code integration, testing, and deployment. It speeds up development, improves code quality, and ensures reliable releases. EaaS (Environments as a Service) provides temporary, production-like environments for testing, staging, or demos. It streamlines resource usage, speeds up validation, and supports parallel development.

Check the status of your CircleCI pipeline without leaving your IDE

Waiting on CI is one thing. Keeping tabs on it without breaking focus is another. Most developers track build progress by opening the CircleCI UI, navigating to the project, and digging through pipelines to find the latest run for a specific branch. It’s not hard, but it pulls you out of flow. Especially when you’re doing it multiple times a day across projects.

Top 5 Modern CI/CD Tools in 2025

In the ever-growing ecosystem of infrastructure and software development, where tools like Kubernetes introduce complexity and hyperscalers welcome sprawl, it's more important to have your SDLC buttoned up and as efficient as possible. CI/CD, one of Cycle's noble sidekicks, is important in kicking off the SDLC, and having a tool that gets the job done without introducing extra complexity or constraint is paramount.

OWASP CI/CD Part 4: Poisoned Pipeline Execution (PPE)

Modern development teams often rely on Continuous Integration (CI) pipelines to automate testing, building, and deployment of their code These pipelines are typically defined through configuration files stored within the source code repository. Developers, DevOps engineers, or other contributors with the appropriate permissions frequently need to edit these files to adjust workflows, add new checks, or support evolving project requirements.

End-to-end testing and deployment of a multi-agent AI system with Docker, LangGraph, and CircleCI

Multi-agent AI systems are transforming how intelligent applications are built. By orchestrating multiple specialized agents that collaborate to solve complex tasks, these systems enable more dynamic and efficient workflows. However, deploying such a system reliably and at scale requires a structured approach to testing, packaging, and automation.

MCP server: Automated test coverage

Learn about a new feature using CircleCI's MCP server that brings automated test coverage to AI-enabled applications. Using a simple React app, the MCP server scans for AI prompts, recommends tests, and writes them directly into your codebase. Watch how you can: Now you can test and ship with confidence—right from your IDE or CI pipeline.

How JFrog Delivers Self-Service Cloud Environments for our Developers

The internal DevOps team at JFrog needed to provision cloud resources, create environments, and manage infrastructure for our developers. Unfortunately, it involved wasting a significant amount of time on repetitive tasks, that was slowing down the pace of innovation and taking away our developers’ focus from building new features and industry leading products.

15+ Continuous Deployment Tools To Streamline Your Workflow

In our post, 9 Continuous Delivery Tools For Reliable Releases, we explored why continuous delivery is critical to building robust development pipelines — and how it helps teams deliver customer value while boosting the bottom line. Today, we’re diving into the next evolution of that pipeline: continuous deployment. Today’s technology companies need to release quality features quickly and put them in users’ hands even quicker.

Securing Containers at Scale: Docker Hardened Images + Cloudsmith

Containers have been with us for a while and are ubiquitous in the Secure Software Development Life Cycle (SSDLC). According to some reports, nearly 60% of organizations use containers for most or all of their production applications. It’s no surprise really, as containers provide consistency and standardization across the lifecycle while speeding up delivery pipelines. They revolutionized how we develop and deploy apps in the cloud and there is no sign of this changing anytime soon.

Securely quarantine suspect packages using Rego code with Cloudsmith's Enterprise Policy Management.

Software supply chain attacks are becoming more sophisticated, and Cloudsmith tackles this head-on with EPM. Using a set of tools, including a policy-as-code approach, you can tailor security policies to be as simple or as advanced as you need. Define any policy using Rego code and Open Policy Agent (OPA) to be highly prescriptive and catch suspect or non-compliant software artifacts before the damage is done..

Trigger CircleCI pipelines from your IDE with natural language

Most CircleCI pipelines are configured to trigger automatically on code commits, but not every development scenario fits that model. Sometimes you need to trigger a build manually—to test pipeline changes, retry a flaky test, or run CI on a colleague’s branch—without the friction of pushing empty commits or navigating to the UI to manually trigger a build.

Prevent pipeline collisions with serial groups in CircleCI

In a single pipeline, it’s easy to control job order. But in a large engineering org with dozens of pipelines, hundreds of contributors, and countless shared environments and services, that control can start to slip. Pipelines interfere with each other. Deploys overlap. Test environments break. Someone merges code, triggers a build, and gets a failure they can’t reproduce. Unfortunately, this kind of instability is a routine byproduct of scale.

How CircleCI implemented llms.txt for better AI discoverability

At CircleCI, we’re committed to making our platform work seamlessly with the AI-powered tools that developers increasingly rely on. Our journey into AI integration is focused on creating a robust Model Context Protocol (MCP) server that allows AI assistants to access and understand CircleCI data in real-time. This enables developers to debug build failures, analyze test results, find and fix flaky tests, and improve pipelines using natural language within their favorite AI tools.

How to set up chaos engineering in your CI/CD pipeline with CircleCI and Chaos Toolkit

Distributed architecture is increasingly being adopted in current software systems because it brings great scalability and flexibility, keeping them resilient under real-world conditions, Unfortunately, this new distribution also introduces new points of failure in the systems. Traditional testing methods are no longer enough; they focus only on whether a system works, not on whether it keeps working under stress or failure. That is where chaos engineering comes in.

Explore CircleCI projects from your IDE with AI assistance

CircleCI gives you deep visibility into your builds, workflows, and tests, but jumping between browser tabs, copying project URLs, or re-authenticating across tools can slow things down. What if your IDE could just show you the projects you’re working on and let you act on them directly? This post shows how to use the list_followed_projects tool in the CircleCI MCP server to browse and interact with your CircleCI projects by chatting with an AI assistant inside your IDE.

XRPL Supply Chain Attack and How to Block it Using Cloudsmith's Enterprise Policy Management

Yet another supply chain attack has surfaced, this time using the xrpl library to sneak through malicious packages. xrpl.js is recognised as the recommended npm library for integrating the XRP Ledger (XRPL) with JavaScript/TypeScript applications, and has over 140k downloads a week.

CI/CD Observability Powered by OpenTelemetry

Modern engineering teams spend a lot of time and resources in setting up monitoring of their production systems - tracking uptime, catching errors, and responding to incidents before customers ever notice. But what about the journey before code reaches production? For most teams, observing the CI/CD pipeline is either an afterthought or completely overlooked. While we recognize its importance, do we truly understand how well our CI/CD process is functioning?

CI/CD Observability Powered by OpenTelemetry and SigNoz

Most teams have strong monitoring for production, but what about the journey before your code gets deployed? The CI/CD pipeline is where bottlenecks, flaky tests, and process gaps silently waste your team’s time. Until now, this part of the workflow has mostly been a black box. We’re excited to announce CI/CD Observability in SigNoz - a new way to track, analyze, and improve your software delivery process, powered by OpenTelemetry.

JFrog's SPOF Framework for SaaS Ecosystems

As Software as a Service (SaaS) solutions evolve, organizations face increasing pressure to ensure uninterrupted service delivery. One of the most significant threats to SaaS Service delivery and operational continuity is the presence of known and unknown Single Points of Failure (SPOFs). As a SaaS organization, the team at JFrog deeply understands the risks of SPOFs and works hard to avoid them.

Fix flaky CI tests by chatting with your IDE

Flaky tests are a serious productivity problem. When tests sometimes pass and sometimes fail without code changes, they undermine trust in your CI pipeline and drain time from engineering teams. Debugging them often turns into a slow process of chasing logs, rerunning builds, and trying to guess what went wrong. This post shows how to quickly detect and fix flaky tests directly in your IDE by chatting with an AI assistant.

OWASP CI/CD Part 3: Dependency Chain Abuse

As more teams rely on public repositories in their software supply chain, the dependency chain has become both a critical foundation and a potential blind spot. Dependency chain abuse is not new, but a growing list of attack vectors - like typosquatting, dependency confusion, and now slopsquatting - means security leaders need to respond quickly as attackers adopt new techniques.

Vibe Coding for Production | full video

Vibe coding, even on a large production application, can change how a developer works. In this video, I live vibe code a real shipped feature end to end with (mostly) no edits. I'm pretty new to the practice, but I wanted to share what I've found to work pretty well. If you want to see how vibe coding works on legacy code in the real world, this may be for you. Chapters.

Best 8 Developer Experience (DevEx) Insight Tools

Developer Experience (DevEx) tools form a crucial part of modern DevOps workflows, providing analytics on code performance, security vulnerabilities, user interactions, and more. Implementing effective DevEx tools requires an understanding of best practices, key features, and the unique strengths of each platform. Let's delve into each platform, understanding what makes them invaluable, and learn how to select and leverage these tools for optimal development outcomes.

Scaling Docker Usage with JFrog

Earlier this month the development industry was preparing for rate limit changes at Docker Hub. Ultimately, any rate limit changes were put on hold. Many JFrog customers have asked us, “How would Docker Hub rate limit changes impact us?” In this post we’ll discuss what you can do to ensure uninterrupted usage of Docker, now and into the future, regardless of rate limits.

Building a real-time AI autocomplete app with Next.js and Vercel AI SDK

Over the past ten years, Azure has become one of the most prominent cloud computing platforms available, rivaled only by AWS. Part of Microsoft’s suite of Azure services, Azure web apps provide a packaged environment for hosting web applications built in many languages. Because this environment is fully managed by Azure, developers have limited options for control.

Getting started with Jenkins dashboards

Jenkins is an open-source automation server widely used for continuous integration and continuous delivery (CI/CD), enabling developers to automate the building, testing, and deployment of software projects. Jenkins requires a good layer of visualization as it provides real-time visibility into pipeline performance, build statuses, test results, and deployment progress.

Use AI to resolve CI test failures with zero guesswork

Test failures are inevitable. A broken condition, a missed edge case, or a last-minute refactor can trip up even the most careful changes. That’s part of shipping software. What shouldn’t be part of the job is spending half your afternoon parsing logs and chasing down the root cause. Now, there’s a faster way. This guide shows how to use the CircleCI MCP server to identify, understand, and resolve failing tests in a CI/CD build without ever leaving your editor.

Streamline your LangChain deployments with Langserve on GCP

Deploying Large Language Model (LLM) applications can transform ideas into valuable services. But, deployment challenges can slow down even experienced developers. In this tutorial, you will build and deploy a LangChain application using LangServe and CircleCI on Google Cloud Run. You will create a text summarization tool powered by Google’s Gemini model. You will use Langserve to expose it as an API. You will automate testing and deployment to Google Cloud Run using CircleCI.