Build Provenance and Deployment Gate Operations
Supply-chain security is not complete when an attestation exists. It matters when provenance becomes part of deployment policy.
Delivery and GitOps
This group clusters posts that are best read together inside the DevOps category, so the learning path feels more intentional.
This group currently contains 3 posts.
Start Here
Best first read in this group
Build Provenance and Deployment Gate Operations
Supply-chain security is not complete when an attestation exists. It matters when provenance becomes part of deployment policy.
Group Archive
All posts in this group
Software Supply Chain Attestations in CI/CD
A practical introduction to SBOMs, provenance, attestations, and release verification for teams hardening modern delivery pipelines.
GitHub Actions CI/CD Design Guide
This article explains how to design reliable CI/CD pipelines with GitHub Actions, covering test separation, caching strategy, environment promotion, secret management, and deployment stability from a practical engineering perspective.