Posts
AI Innovation Week
We recently completed the second innovation week of this year at my current company, where the focus was on using AI to see how it can transform us and the healthcare industry where we operate. A number of researches we conducted during the innovation week: Azure AI Search We have looked at advanced and effective searching of datasets on a large scale. This can be expanded with AI intelligence, such as natural language processing models, to better understand the intent behind searches.
Private Bicep Module Registry with GitHub Actions
When using Bicep modules for multiple projects or for diverse clients, an often straightforward approach is to define the modules centrally and replicating those modules in each repository. While this approach allows customization for specific solutions, such as incorporating new features or implementing security configurations for compliance, challenges arise when attempting to propagate these improvements to other solutions while ensuring adherence to the latest standards. This is where the private Bicep module registry steps in.
Proactive Security with Trivy
In this blog post I want to share my knowledge on how we implemented Trivy for our repositories and as part of our CI/CD pipelines. Whether it was our for our Bicep templates in a shared registry or finding vulnerabilities in containers before deploying to production, we where missing proactive security scanning for these resources. As I’ve worked with Trivy before, it was my immediate preference, and I was confident it would help us enhance our holistic security posture.
Use PSRule for Azure with GitHub Actions
In a DevOps environment, incorporating testing into a continuous integration (CI) process is crucial. The integration within CI facilitates the early identification of issues before code deployment to any environment. While this practice widely adopted for application code, it is also important to apply this for infrastructure as code templates. In this post I want to explain what PSRule for Azure is, how I have implemented it for our company with GitHub Actions, and providing insights in the configurations that I have used.