Weekly DevOps Roundup: Trusted CI/CD, SRE agents, and AI ops

DevOps news showcases updated automation tools, AI integration, and security-focused platform practices. Teams work toward secure CI/CD, efficient AI-powered infrastructure management, improved governance, and practical connections between code, infrastructure, and incident response—all geared for reliable delivery and balanced development speed.

Secure NuGet Publishing and Trusted CI/CD Workflows

Andrew Lock’s step-by-step guide explains Secure NuGet Package Publishing using ephemeral credentials with GitHub Actions, replacing static API keys for direct nuget.org authentication. Developers specify workflow permissions and deploy the NuGet/login@v1 YAML action for flexible access, supporting secure collaboration and compliance. This builds on last week’s Trusted Publishing and security enhancements for CI/CD automation.

• Secure NuGet Package Publishing from GitHub Actions with Trusted Publishing

AI-driven DevOps Automation and Infrastructure Management

ControlMonkey introduces KoMo AI agents for automated Terraform provisioning, policy enforcement, and code analysis. These trace dependencies, review modules, and detect misconfigurations. env zero’s Cloud Governance Platform features a Static Code Analyzer Agent for policy-compliant fixes via pull requests, using Anthropic’s MCP to orchestrate multi-cloud resources. These platforms streamline manual work and standardize policy automation, continuing last week’s expansion of MCP-driven DevOps.

• ControlMonkey Introduces AI Agents for Infrastructure Automation
• env zero Revamps Infrastructure Automation Platform for AI Era

Azure SRE Agent Expands: Automation, Diagnostics, and Incident Response

Azure SRE Agent v2.0 moves into wider public preview, adding role-based access control, approval workflows, and secure automation for Azure resources. Diagnostics cover both core and specialized workloads, with incident response linking Monitor, PagerDuty, ServiceNow, GitHub, and Azure DevOps. SREs benefit from unified orchestration and Copilot-powered PR automation, transparent billing via Agent Units, and improved documentation—reinforcing recent agent-driven modernization efforts.

• Azure SRE Agent Public Preview Expands: New Features for DevOps and Automation

AI Adoption in DevOps: Trust, Velocity, and Pipeline Bottlenecks

Industry analysis shares that while AI use is nearly universal, mistrust and pipeline instability persist. Internal platforms report stronger results and faster delivery (63%) with AI, but incidents and deployment errors remain frequent. Less than 10% of teams have fully automated pipelines; cost and security drive modernization. This data continues last week’s discussion on balancing performance and stability, illustrating current strengths and challenges.

• DORA 2025: AI’s Impact on DevOps — Speed, Trust, and the Platform Effect
• Survey Reveals DevOps Bottlenecks Created by AI-Generated Code

AI-driven Project Management for DevOps Teams

Shortcut’s Korey AI agent automates project management by turning natural language into actionable plans, tracking dependencies, and orchestrating work based on code comments, GitHub changes, and team workflows. Direct communication helps organize sprints and monitor blockers, reducing manual work and freeing engineers for coding. Korey expands AI’s project management role, building on last week’s coverage of Copilot Coding Agent and orchestration tools.

• Shortcut Introduces Korey AI Agent for Software Project Management

AI in the DevOps Lifecycle and Quality Assurance Mindset

DevOps guides recommend integrating AI-powered monitoring, testing, and pipeline automation to improve event correlation and vulnerability management—while highlighting the importance of data quality and integration planning. Teams are urged to prioritize automation for the highest-impact tasks. Another feature underlines that combining automation with exploratory QA creates stronger pipelines—engage QA early and build resilient scripts for meaningful business value. These articles reinforce recent best practices for maintaining robust, collaborative delivery pipelines with AI integration.

• How AI is Transforming DevOps: Smarter, Faster, and More Reliable Software Delivery
• Why Automation Fails Without the Right QA Mindset

Platform, Tooling, and Workflow Updates

VS Live! Orlando 2025 previews hands-on training in Visual Studio, .NET, DevOps, AI, ML, cloud engineering, and security. Attendees will learn about tools ranging from AI debugging and Copilot-driven DevOps to .NET Aspire microservices, continuing previous attention to productivity and agentic workflows.

• VS Live! Orlando 2025: Deep Dive into Visual Studio, AI, DevOps, and Beyond

Other DevOps News

GitHub Actions cache eviction enforcement is postponed, giving teams more time for workflow optimization and aligning with earlier roundups about lifecycle management.

• New Enforcement Date for GitHub Actions Cache Eviction Policy GitHub’s web interface adds interactive, one-click merge conflict resolution, streamlining collaboration and context management—building on recent onboarding and workflow enhancements.
• One-Click Merge Conflict Resolution in GitHub Web Interface MapYourGrid continues to invite users to contribute to an open energy infrastructure map using GitHub, offering opportunities for climate action through technical collaboration.
• MapYourGrid: Contributing to an Open Map of the World's Energy Grid