DevOps: Harmont, PikoCI, GitHub Actions outage
Harmont CLI is an open‑source task runner that lets you define CI/CD pipelines in real Python (or TypeScript) code instead of YAML, with built‑in Docker isolation, layer caching and DAG‑based parallel execution. The project ships a local runner and a GitHub Action for cloud‑based builds, targeting modern language toolchains.
PikoCI is a lightweight, self‑hosted CI/CD platform shipped as a single binary and inspired by Concourse. It runs anywhere without Docker or Kubernetes, offering a Terraform‑style HCL pipeline language, pluggable back‑ends for storage, queues, and secrets, and supports distributed workers for scaling. The source and demo pipeline are publicly viewable.
On May 26, 2026 GitHub Actions suffered an authentication‑related outage that displayed a misleading “Your account is suspended” error, causing workflow runs to fail and halting CI/CD pipelines for developers globally. GitHub confirmed degraded availability and is investigating the root cause.
Pullfrog AI is an open‑source, model‑agnostic GitHub bot that runs entirely within GitHub Actions, letting developers plug in any LLM provider via a bring‑your‑own‑key approach. It automates code review, issue triage, CI fixes and more, offering a flexible alternative to hosted services like CodeRabbit.
A detailed table compares monthly costs of managed Kubernetes clusters from European providers such as Hetzner, OVH, and Scaleway. The analysis shows many EU options cost significantly less than US hyperscalers while offering local data residency, helping teams cut infrastructure spend.
Nvidia’s Dynamo Snapshot combines CRIU and CUDA checkpointing to checkpoint and restore GPU‑accelerated inference containers on Kubernetes, shrinking cold‑start times from minutes to seconds. The prototype restores a full vLLM worker on a new node with near‑instant readiness, helping avoid SLA breaches during traffic spikes. The approach is detailed in an official Nvidia developer blog.
Burn is an open‑source CLI that reconciles Kubernetes billing using FOCUS/CUR data formats, delivering real‑time cost breakdowns, AI‑driven queries, and spot‑readiness recommendations. It runs without agents, supports major cloud providers and on‑prem clusters, and integrates via Homebrew, Docker, Helm, or Go.
Adaptive hedged requests automatically issue parallel backup calls when a request becomes a straggler, cutting overall p99 latency by 74% in microservice fan‑out architectures. The technique uses DDSketch for real‑time latency quantiles and a token‑bucket budget to avoid load spikes during outages, providing a zero‑configuration solution for tail‑latency reduction.
Multiplayer is a tool that runs locally alongside AI coding agents like Claude or Copilot, automatically collecting full‑stack data from production to generate precise bug‑fix pull requests. By caching sessions and deduplicating issues, it delivers high‑quality fixes without the data overload of traditional observability platforms.
A new analysis shows that engineering teams' mean time to resolution has risen annually despite record spending on observability tools, with tool counts climbing to eight‑nine per team. The article argues that beyond a threshold, abundant telemetry creates cognitive overload, masking simple root causes and extending incident recovery time.
LinkedIn engineers faced recurring 10‑15 second database outages with no logs. By deploying an automated eBPF off‑CPU profiler that captured kernel stack traces at freeze onset, they identified a massive 3.5 GB allocation that blocked the kernel’s mmap_lock, throttling all threads. Pre‑allocating the offending Rust HashMap eliminated the issue.
At Open Source Summit NA 2026, Microsoft announced the public preview of Azure Linux 4.0, a Fedora-derived, hardened general‑purpose Linux distribution optimized for Azure VMs, alongside GA of Azure Container Linux. The distro offers a reduced attack surface, supply‑chain transparency, and Azure‑native kernel features for cloud‑native and AI workloads.
HashiCorp Vault 2.0 introduces beta SCIM integration, letting organizations provision users and groups from identity providers like Okta and SailPoint directly into Vault. This standards‑based approach reduces manual provisioning, aligns secrets access with identity lifecycles, and improves compliance and operational scalability.
HashiCorp’s Consul 2.0 release introduces multi‑port service mesh support for Kubernetes, integration with CyberArk Workload Identity Manager as an external CA, a global RPC rate limiter, and auto‑scaling for its API gateway. These features boost flexibility, security, and scalability for service networking in dynamic cloud environments.
The newly disclosed Linux kernel zero‑day (CVE‑2026‑43284 & CVE‑2026‑43500), dubbed “Dirty Frag”, lets a local user in a container gain root on the host and potentially escape isolation. Ubuntu’s advisory details mitigations that disable the vulnerable ESP and RxRPC modules until patched kernels are released. The flaw scores 8.8 CVSS, raising urgent DevSecOps concerns.
Red Hat Enterprise Linux 10.2 introduces hybrid post‑quantum key exchange algorithms for SSH, including FIPS‑approved mlkem768nistp256‑sha256 and mlkem1024nistp384‑sha384, plus mlkem768x25519‑sha256 as the default. The updates also bring post‑quantum support to libssh, letting custom SSH services upgrade for "harvest‑now, decrypt‑later" protection.
Subscribe free