
r/cicd

PikoCI — The CI/CD that grows with you
How hard can it be to build a CI/CD system? Concourse CI has the right model but the operational overhead is brutal. That question stuck with me long enough that I started building it. What kept me going was realising I needed it for my own side projects too: games and open source tools that require custom environments GitHub Actions can't provide.
The design goal was something that grows with you. A binary and a pipeline file is all you need to start: runs entirely in memory. Add SQLite for persistence. Add Postgres and distributed workers when you scale. Never have to migrate or reconfigure.
Key things:
- Single binary, zero setup, in-memory by default
- Run pipelines locally: pikoci run --pipeline-config pipeline.hcl --job test runs any job on your laptop. No server, no push, no waiting.
- Services: start any process before your tasks, stop it after, guaranteed. No Docker-in-Docker.
- Four sourceable abstractions: resource types, runners, services, secret backends. All defined in HCL, all pullable from a URL. Write it once, host it anywhere, reference it by URL.
- HCL pipelines: Terraform-style syntax
- Public pipelines: share status without an account
PikoCI deploys itself. Live at ci.pikoci.com/teams/main/pipelines/pikoci, no login needed.
What are teams actually doing for production QA with Claude Code that works?
The answer is Claude Code integrates with your existing CI/CD but this does not mention anything regarding the E2E verification layer, which in most cases is the actual tough part.
Claude Code frequently updates the UI and Playwright tests depend on selectors, which means that tests from Claude Code may be fragile when Claude Code makes the next update to the code.
Built a local Azure Pipelines condition/dependsOn simulator because I was sick of burning PR approvals just to test one eq()
Anyone else done the push -> wait 8 minutes -> red X -> change one character -> push again dance, just to figure out why condition: and(succeeded(), eq(variables['Build.Reason'], 'PullRequest')) isn't doing what you think it's doing? And then half the time you need an actual PR + approval just to touch the yml, so testing "let me just try this real quick" means pinging a teammate for the third time that week going "sorry, one more approval, promise this is the last one" (it is never the last one).
So I built pipcondition - a local simulator for Azure Pipelines condition, expressions and dependsOn graphs. You paste your real azure-pipelines.yml in, mock whatever variables/parameters/step outcomes you want, and it shows you exactly which stages/jobs/steps would run, skip, or fail. No push, no pipeline run, no waiting.
What it actually does:
- The real condition expression language - eq, ne, in, and/or/not, succeeded()/failed()/succeededOrFailed(), counter(), all of it - not some 80%-there approximation
- dependsOn fan-out/fan-in across stages and jobs, with the actual skip-propagation rules Azure uses (fail one stage, watch everything downstream correctly cascade to Skipped)
- A "simulate a branch push" panel - type in Feature/my-cool-thing or release/2.0, pick Manual/PR/Schedule as the trigger, and it derives Build.SourceBranch, Build.SourceBranchName, System.PullRequest.* etc. so your branch-gated stages actually flip between skip/run correctly (yes it even replicates the "PR builds get a fake refs/pull/N/merge ref" nonsense, because that's genuinely how Azure behaves and I'd rather be accurate than friendly)
- Templates, extends:, typed parameters, the ${{ if/each }} compile-time stuff
- Mock step outcomes so you can pretend a step failed and see if your continueOnError/condition logic actually saves you like you think it does
- A visual stage/job DAG instead of reading yaml top to bottom like a maniac
- If your pipeline references a variable group or a cross-repo template it obviously can't reach (it's a local tool, it's not calling your actual org), it just tells you "can't see this, treating as empty" instead of exploding
It's here, https://pipcondition.vercel.app/ (paste and go, nothing to install), code's on GitHub: https://www.github.com/WasathTheekshana/pipcondition
Heads up - this is very much a beta, built in my spare time by one guy who also does this stuff for a day job. It WILL have bugs, especially on weirder real-world patterns (nested templates, exotic variable setups, whatever creative yaml your pipelines team wrote three years ago that everyone's now too scared to touch). If you paste your pipeline in and it either explodes or gives you a flat-out wrong answer, please open an issue - the more real pipelines this gets thrown at, the better it gets. PRs welcome too if you enjoy yaml pain as much as I apparently do.
Self-hosted GitHub Actions runners on Lambda MicroVMs
I was curious if I can use new Lambda MicroVMs as self-hosted GitHub Runners. On paper, they are super nice:
It's cheaper: GHA-hosted is $0.005 / min (2 vCPU), MicroVMs ~$0.0042 / min, and no minimum 60-second commitment as with GHA-hosted.
It can run longer: GHA-hosted max 6 hours, MicroVMs max 8 hours
It starts in a few seconds, compared to whichever other serverless solution built on top of ECS
It scales to 0, or rather, it only runs when jobs are running
They are VMs, so you can still run containers/docker/whatever else inside;
I got a bit too invested, and ended up building this Terraform module. You only need to create GitHub App manually, the rest is just a single "terraform apply" and your MicroVM Runners are ready to go. I've switched come of projects at my company to use, works great, same or better performance as GHA-provided runners. Natural limitation is that MicroVMs are only arm64, and in general they don't have much flexibility around the "hardware" setup - but hey, for most cases, it should work great, and it's just 1 webhook + GHA JIT Runners + 1 MicroVM Run per Job.
I got tired of my scraping pipeline dying mid-run every night. So I built my own.
Every developer building AI agents knows this moment.
Credits gone. Rate limit hit. JSON malformed. Pipeline dead at page 47 — out of 200.
State lost. Restart from zero. At 2am.
The tools we use weren't built for this scale. We just accepted it.
So I stopped accepting it.
I built a tool that takes any list of URLs and returns clean, structured JSON — in parallel, without breaking mid-run, at a fraction of what you're paying now.
No credit limits killing your pipeline. No malformed output breaking your agent. No restarting from zero.
Looking for 10 developers actively building AI agents who want early access and are willing to tell me honestly if this solves the problem.
Drop your use case in the comments or DM me directly.
[Tool] Kulshan: Open-source AWS audit CLI that generates a local HTML report (no CUR, no SaaS)
[Tool] Kulshan: Open-source AWS audit CLI that generates a local HTML report (no CUR, no SaaS)
I spent years helping AWS customers investigate cost questions.
A surprisingly common conversation looked like this:
Customer: "Our AWS bill doubled."
Followed by:
- No CUR
- No Athena
- No cost tooling
- No budget alerts
- Nobody comfortable enough with Cost Explorer to answer questions quickly
Before optimization, FinOps, chargeback, forecasting, or governance, there was a much simpler problem:
What is actually going on in this AWS account?
I built a tool to answer that question.
pip install kulshan
aws login
kulshan report
Kulshan is a free, open-source CLI that runs locally against your AWS account and generates an HTML report.
It uses read-only AWS APIs and looks at:
- Cost trends and spend changes
- Largest services and cost drivers
- RI / Savings Plan coverage
- Tagging health
- Orphaned and unused resources
- Forecast and acceleration signals
A few design decisions I cared about:
- No SaaS
- No data uploads
- No telemetry
- No write permissions
- No CUR required
- No Athena required
The idea is not to replace FinOps tooling.
It is to provide a baseline when someone asks:
"Can you help me understand what is going on with this bill?"
GitHub:
https://github.com/azz-kikkr/kulshan
PyPI:
https://pypi.org/project/kulshan/
Question for the community:
When someone drops you into an unfamiliar AWS account and asks why spend increased, what is the very first thing you look at?
Speeding up Next.js Docker builds with OpenTelemetry Traces
At Oodle, we are building an observability platform - it was ironic that our own Next.js builds and CI were missing telemetry
So we used OpenTelemetry to instrument Oodle, on Oodle - end-to-end. We used our own platform, but any platform supporting Traces would work for this
Wrote it up here: https://blog.oodle.ai/speeding-up-next-js-docker-builds-with-opentelemetry-traces/