July 2026 Summaries
8 posts from Octopus Deploy
Filter
Month:
Year:
Post Summaries
Back to Blog
Paul Stovell discusses the challenges of integrating AI into software development, emphasizing that while AI can increase the speed of code generation, it often exacerbates compliance and risk management issues in large, regulated enterprises. He argues that the real bottleneck is not the speed of writing code but managing the risk associated with deploying changes. Stovell uses the metaphor of physics to describe how increased productivity often leads to an equal and opposite reaction from compliance functions, resulting in new processes that nullify productivity gains. He points out that compliance measures tend to accumulate over time, creating a "compliance ratchet" that is difficult to reverse. Stovell suggests a balanced approach where half of a team's efforts focus on accelerating change and the other half on ensuring those changes are safe and compliant. He believes AI can assist not only in generating code faster but also in assessing risks and improving compliance, ultimately maintaining customer trust, which is critical for business success.
Jul 15, 2026
1,155 words in the original blog post.
Octopus has introduced Feature Flags, a new feature designed to enhance software deployment by allowing teams to control when and where new features are enabled without the need for redeployment. This functionality is built on OpenFeature, an open standard that offers a vendor-agnostic API for feature flagging, which allows for easy integration with various management tools and minimizes vendor lock-in. Octopus Feature Flags are deeply integrated with existing Octopus functionalities and support environment targeting, tenant and client rollouts, and context-driven segments to enable a controlled and customizable release process. Available as a public preview for Octopus Cloud customers, these feature flags have already shown success in improving the ability to release progressively and rollback instantly, ultimately contributing to a more stable product deployment. The system supports multiple programming languages and offers flexible options for developers, promising to expand availability to self-hosted Octopus Server customers in the future.
Jul 13, 2026
1,029 words in the original blog post.
Octopus Deploy is a deployment orchestration tool designed for enterprise environments, supporting multiple clouds and toolchains, and offering both a self-hosted version and a managed Octopus Cloud option. The importance of staying current with updates is emphasized, as they include essential security patches, bug fixes, performance improvements, and new features that help maintain compliance and reduce risk. Octopus Cloud users benefit from an automatic update process that keeps their instances up to date with the latest improvements, while self-hosted users are encouraged to regularly install updates to ensure optimal performance and security. Compatibility with popular software tools and the ability to integrate new functionalities are also highlighted, alongside the company's commitment to customer feedback and continuous product enhancement. Users are invited to explore new features and enhancements through the public roadmap and blog updates, ensuring they maximize the benefits of Octopus Deploy's evolving capabilities.
Jul 07, 2026
1,110 words in the original blog post.
Octopus Deploy has transitioned target tags to a new management system using tag sets, allowing users to create, edit, and delete tags, thus improving tag maintenance and flexibility. This change retains the original functionality of target tags for filtering deployments and scoping steps to specific targets but enhances them with the ability to rename tags and use SingleSelect or MultiSelect tag set types to enforce data integrity. The new system also facilitates better organization by allowing tags to be divided into different sets and provides specific use cases, such as deploying to particular tags or excluding certain tags to ensure optimal deployment strategies. Existing users will find their target tags already migrated to a 'Default Target Tags' set, and the platform encourages thoughtful planning of tag dimensions such as role, cloud provider, and compliance scope for new setups. Guidance on designing tag sets and deploying strategies is available in their documentation.
Jul 07, 2026
426 words in the original blog post.
John Bristowe highlights the evolving role of code reviews in the era of AI-generated code, comparing it to a scene from "I Love Lucy" where Lucy and Ethel struggle to keep up with an accelerating chocolate assembly line. He argues that while AI has increased the speed of code production, it has also made thorough code reviews more challenging and less effective as quality assurance tools. Bristowe suggests that rather than relying solely on human reviewers, the industry should focus on improving deployment pipelines with automated checks and policy-as-code approaches to ensure software quality before it reaches production. He emphasizes that while code reviews are valuable for knowledge sharing and mentorship, they are not sufficient as the primary method for catching all bugs in AI-generated code. With AI becoming increasingly integral to development processes, Bristowe underscores the need for a robust pipeline that can verify code quality regardless of its origin, urging a shift from traditional code review practices to more automated and scalable solutions.
Jul 03, 2026
1,478 words in the original blog post.
Matthew Casperson outlines a process for creating Ephemeral Environments using a sample Kubernetes project, focusing on deploying feature branches and facilitating development workflows before integration into the mainline branch. The project utilizes an Octopus Cloud account, an Octopus AI Assistant Chrome extension, and a mock Kubernetes server to simulate deployments. A key feature is the "Features" channel, which enables the deployment to ephemeral environments by creating a separate namespace for resources, distinct from traditional environments like Development, Test, and Production. The deployment process involves using a Kubernetes target linked to the Features environment, along with two runbooks for provisioning and deprovisioning ephemeral environments. These runbooks, executed from the "Hosted Ubuntu" worker pool, automate environment management, ensuring efficient resource handling.
Jul 03, 2026
812 words in the original blog post.
Organizations often introduce heavy change approval processes in response to major incidents, aiming to stabilize operations during critical periods, such as seasonal sales or financial year-end. However, these cumbersome processes can ironically lead to greater instability by delaying work and causing a backlog of unreleased changes, complicating testing, and increasing the likelihood of merge conflicts. Instead of relying on centralized change approval boards, streamlining these processes through automation and peer-review for individual changes can enhance stability and efficiency. Automating verification tasks, like code linting and automated testing, reduces the need for manual intervention, while categorizing changes by risk ensures human oversight is applied where most needed. The Continuous Delivery Office Hours series emphasizes adopting small batch processing to mitigate problems associated with large batches, advocating for continuous improvement in software delivery practices.
Jul 02, 2026
675 words in the original blog post.
Interest in AI agents continues to grow among large enterprises, with many companies appointing C-level executives to oversee AI implementation, signaling the significance and investment in this technology. The text explores the concept of sandboxing AI agents, which is crucial for improving security, especially for local AI agents that operate in users' workspaces and have broad access to systems and networks. Local agents, acting as general-purpose assistants, benefit from sandboxing to limit their extensive capabilities, whereas shared AI agents, designed for specific tasks, rely on pre-existing security measures. The discussion emphasizes distinguishing between local and shared agents and suggests that while sandboxing is vital for local agents due to their wide-ranging operations, shared agents, often running as web services, already employ robust security practices. Enterprises should focus on securing the tools used by shared agents rather than getting distracted by the notion of sandboxes, as existing security protocols for web services effectively serve the same purpose.
Jul 01, 2026
2,368 words in the original blog post.