InfoQ Homepage Continuous Integration Content on InfoQ
-
Grafana and GitLab Introduce Serverless CI/CD Observability Integration
In a move to streamline development workflows, Daniel Fritzgerald of GrafanaLabs has published a new open-source solution that links GitLab CI/CD events into Grafana's observability stack via a serverless architecture.
-
HashiCorp Warns Traditional Secret Scanning Tools are Falling behind
HashiCorp has issued a warning that traditional secret scanning tools are failing to keep up with the realities of modern software development. In a new blog post, the company argues that post-commit detection and brittle pattern matching leave dangerous gaps in coverage.
-
Combining Continuous Delivery with Pair Programming: Lessons Learned
Pair programming and continuous integration can go hand-in-hand. Pushing to main multiple times a day is hard in isolation, leading to delays, large PRs, and merge issues, Ola Hast and Asgaut Mjølne Söderbom mentioned in their talk about continuous delivery with pair programming at QCon London. Pairing enables instant code review, easier refactoring, fewer bugs, and higher team resilience.
-
Agoda Leverages ChatGPT in the CI/CD Process for SQL Stored Procedure Optimization
Agoda started utilizing ChatGPT to optimize SQL stored procedures (SP) as part of their CI/CD process. After introducing the automated LLM-assisted step, the company observed shortened stored procedure optimization times, which lightened the load on DB developers. Agora works on making ChatGPT more accessible for SP optimization outside of the CI/CD pipeline.
-
Google Veles is a New Open-Source Secret Scanner Powering GCP
Google Veles is a newly released open-source secret scanner, launched as part of Google's broader OSV-SCALIBR (Software Composition Analysis LIBRary) ecosystem. Veles integrates seamlessly with other OSV-SCALIBR tools and also powers secret scanning in Google Cloud, while remaining available as a standalone module.
-
AWS Lambda Adds Support for GitHub Actions
AWS has recently announced that AWS Lambda now supports GitHub Actions, providing a simplified way to deploy changes to Lambda functions using declarative configuration in GitHub Actions workflows. The new option supports both .zip file and container image deployments.
-
Wix Adds Chaos to CI/CD Pipelines with AI and Improves Reliability
Cloud-based web development service Wix has written about a new approach to integrating artificial intelligence into continuous integration and continuous deployment (CI/CD) systems. In a blog post, Wix demonstrates how probabilistic AI can coexist with deterministic development processes, adding chaos without compromising reliability.
-
Microsoft Launches Azure DevOps MCP Server in Public Preview
Microsoft has unveiled the Azure DevOps Model Context Provider (MCP) Server in public preview, enabling seamless interaction between GitHub Copilot and Azure DevOps. This innovative tool allows developers to query and manage project data using natural language directly within VS Code, streamlining workflows and enhancing productivity while ensuring project data remains secure and local.
-
Docker Launches Hardened Base Images
Docker has launched its Docker Hardened Images (DHI), a security-focused range of base images that reduce vulnerabilities by up to 95%. Built using a distroless approach, these minimal images eliminate unnecessary components, offering automatic patching and compatibility with existing Dockerfiles. Ideal for regulated environments, DHI enhances software supply chain security and transparency.
-
GitLab Adds AI Code Assistance with Self-Hosted GitLab 18 Release
GitLab has released version 18.0 of its DevSecOps platform, introducing more AI features across the Premium and Ultimate tiers. The release includes AI-native development workflows, aligning GitLab with competitors like Microsoft's GitHub Copilot and other AI-assisted coding platforms.
-
How Allegro Does Automated Code Migrations for over 2000 Microservices
Allegro shared the details of the process it uses to manage code migrations at scale. The company combined GitHub’s Dependabot and OpenRewrite projects into a custom solution that helps developers perform mundane code migration tasks automatically across numerous source code repositories. The company tackled many edge cases to ensure the process operates smoothly, relieving initial trust issues.
-
Activision Reduces Build Time of Call of Duty by 50% with MSVC Build Insights
Activision has cut build times for Call of Duty: Modern Warfare II (COD) in half by profiling and optimizing their C++ build system with MSVC Build Insights to uncover bottlenecks in their compilation pipeline. The effort unblocked developers, accelerated delivery, and reduced idle time.
-
Compromised GitHub Action Highlights Risks in CI/CD Supply Chains
The popular tj-actions/changed-files GitHub Action used by thousands of repositories recently compromised those repositories, exposing a critical weakness in how open-source Actions are published and consumed.
-
AWS CodeBuild Adds Parallel Test Execution for Faster CI
AWS CodeBuild now supports parallel test execution, significantly reducing build times by allowing concurrent test suite runs across multiple environments. This feature addresses long CI pipeline cycles that impede productivity and increase costs. With intelligent test distribution and automatic result merging, developers can enhance efficiency and streamline feedback loops.
-
Atlassian Launches ARM Builds for Bitbucket Pipelines
Atlassian has announced ARM-based Linux runners for its Bitbucket Pipelines cloud service, allowing developers to build software artefacts and container images for ARM-based systems. The new feature is available exclusively to Standard and Premium plan customers.