GitHub - Scrum Bug

GitHub

A collection of 15 posts

Recommendations for using Azure CLI in your workflow

Azure Pipelines

Recommendations for using Azure CLI in your workflow

Azure CLI is widely used in GitHub Actions and Azure Pipelines, as well as many other CI/CD tools. Over the last few weeks, I've been looking into its performance and security and based on that here are a number of recommendations.

Accessing (private) GitHub resources from a Codespace

Accessing (private) GitHub resources from a Codespace

If you want to access packages or repositories from another organization though, you're out of luck. Even though you can request access to repositories outside of your organization or account, GitHub won't grant you that access when the Codespace starts.

Investigating az-cli performance on the hosted Azure Pipelines and GitHub Runners

GitHub Featured

Investigating az-cli performance on the hosted Azure Pipelines and GitHub Runners

I've been building a few more workflows and pipelines over the past few days and had been experimenting with the az-cli. And I've been running into all kinds of performance issues.

Protect the repository hosting your GitHub Action

GitHub Actions Featured

Protect the repository hosting your GitHub Action

It comes as no surprise that the tags and branches solution to version GitHub Actions is weak at best. There have been rumors of Actions moving to a different model (GitHub Container Registry), but that is yet to see the light.

Tips & tricks: Git under WSL and windows

Tips & tricks: Git under WSL and windows

Since the introduction of WSL I've started to rely on it more and more, but there are still a few quirks when dealing with multiple environments that access the same repo on disk.

Enable RenovateBot for Azure Pipelines

GitHub Featured

Enable RenovateBot for Azure Pipelines

In my report on the Security state of the Azure DevOps Marketplace I came to the unfortunate conclusion that about 40% of the extensions contain vulnerabilities. One of the recommendations for both Azure DevOps administrators and pipeline authors was to keep the Azure Pipelines Tasks up-to-date.

Cow walking through an Indian Marketplace

Azure DevOps Featured

Security state of the Azure DevOps Marketplace

This report focusses on the Azure Pipelines extensions in the Marketplace. At the time of compiling the report there are 1460 extensions in the "Azure Pipelines" category. More than 500 have one or more vulnerabilities or vulnerable dependencies.

What's GitHub's new require approval of the most recent push policy all about?

What's GitHub's new require approval of the most recent push policy all about?

The "require approval of the most recent push" protection rule was recently introduced (oct 2022).

Issuing workflow commands from the Windows shell in GitHub Actions

Issuing workflow commands from the Windows shell in GitHub Actions

I don't think you should, I'm not sure you want to... But in case you need to... Here's how to correctly issue a GitHub Actions workflow command from the windows shell.

Update Ghost blogs and pages with PowerShell

Update Ghost blogs and pages with PowerShell

In order to remove a bit of repetitive manual work from my schedule I wrote a little sync between my Scrum.org class schedule to this blog.

Upgrade Hosted Agent / GitHub Runner PowerShell

Upgrade Hosted Agent / GitHub Runner PowerShell

I had recently fixed a bug in one of my build scripts by upgrading to the latest PowerShell Preview version. Of course, that version isn't yet available on the hosted agent for Azure Pipelines and GitHub Actions.

Be Secure and Compliant with GitHub

Be Secure and Compliant with GitHub

How do we ensure security after we have deployed our application? This question comes up in many customer engagements. How do we make something secure and how can we ensure we are compliant? Unfortunately, many of these questions arise after the fact. After the application has been built, or even

Customizing Codespaces

Customizing Codespaces

You’ve probably had this situation at least once on your career: you join a new team and it takes you at least 10 days to finally get the build to succeed on your local machine, the tests to pass, the application to launch without issues, and for the debugger

Can't push to GitHub "Refusing to allow an OAuth App to create or update workflow without workflow scope"

Can't push to GitHub "Refusing to allow an OAuth App to create or update workflow without workflow scope"

When any of your commits contain a new or updated GitHub Action, you need to have the `workflow` scope to push these changes. Git Credential Manager for Windows doesn't request this.

Rename your master branch to something better

Rename your master branch to something better

I just went through my GitHub repositories to rid them of the master branches. It was a relatively simple process that took me about an hour or 2 for all my repositories. Scott Hanselman explains the base process. It's a simple set of steps to create a new branch with