
  <rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
    <channel>
      <title>Mehdi Hadeli Tech</title>
      <link>https://mehdihadeli.com/blog</link>
      <description></description>
      <language>en-us</language>
      <managingEditor>undefined (Mehdi Hadeli)</managingEditor>
      <webMaster>undefined (Mehdi Hadeli)</webMaster>
      <lastBuildDate>Thu, 25 Jun 2026 00:00:00 GMT</lastBuildDate>
      <atom:link href="https://mehdihadeli.com/tags/ci-cd/feed.xml" rel="self" type="application/rss+xml"/>
      
  <item>
    <guid>https://mehdihadeli.com/blog/devsecops-dotnet-github-actions-pipeline</guid>
    <title>Designing a DevSecOps GitHub Actions Pipeline for .NET: Quality, SAST, SCA, Signing, and DAST</title>
    <link>https://mehdihadeli.com/blog/devsecops-dotnet-github-actions-pipeline</link>
    <description>A practical .NET DevSecOps GitHub Actions design that splits CI and CD, layers quality gates, local Husky hooks, Checkov, Semgrep, CodeQL, optional Sonar, Microsoft Testing Platform coverage with Cobertura and Coveralls, SBOM generation, Cosign signing, provenance attestation, automatic main-to-dev deployment, tag-to-staging promotion, and manual-gated production release with smoke, k6, and ZAP validation.</description>
    <pubDate>Thu, 25 Jun 2026 00:00:00 GMT</pubDate>
    <author>undefined (Mehdi Hadeli)</author>
    <category>devsecops</category><category>ci-cd</category><category>github-actions</category><category>dotnet</category>
  </item>

    </channel>
  </rss>
