..using GitHub branch rulesets

In this article I show how to create a container for GitHub CodeSpaces for some Azure + Terraform work. Usually, azterraform from Microsoft is my go-to, but in this instance I needed a PowerShell base, and the addition of the GitHub CLI client. Obviously, it has to be built in CI, and let’s add some security love with Trivy too! You can re-use this same process to make your own CodeSpaces container (or any container, for that matter), with the tools that work for your use cases.

In this article I’m going to show you a mechanism to test for destructive changes when writing Terraform modules. You could re-use this capability in your own module development process, for transparency I’m going to do this in the context of a public Azure Verified Module. Some of you may be familiar with my previous post on converting the AVM virtual network module resource to be 100% AzAPI, where I mentioned an experimental PR.

..a simple step to avoid exposing your DevOps Org

Have you noticed how some committers on GitHub have a ‘verified’ badge? This isn’t because the person is special (sorry to burst my own bubble), but rather they have signed their commits with a tool such as the Gnu Privacy Guard (GPG). Commit validation ensures the authenticity and integrity of code by verifying the identity of the author through GPG signatures, providing trust and security in collaborative projects.