This edition of ReadingNotes covers new AI tools, WSL updates, .NET 9 features, and debugging tips with GitHub Copilot. Plus, insightful podcasts on .NET Aspire, productivity tools, and frontend engineering.
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Easier to fix async exceptions (Mark Downie) - Debugging Asynchronous code as been always more complicated, looking forward to seeing (and using) that new capability in .NET 9.
How to make your web page faster before it even loads (Salma Alam-Naylor) - To make sure our users have he best experience possible it important to fine-tune some little details. This post goes deep and explains them very well.
Welcome to this week’s edition of Reading Notes! In this roundup, we explore a variety of topics across cloud, programming, databases, and AI. From understanding Docker’s USER instruction to styling Blazor components with CSS, I’ve got you covered. Let’s dive in!
Suggestion of the week
Understanding the Docker USER Instruction (Jay Schmidt) - A great post to that explains really clearly the basic usage of user when building our container. After reading this post you should feel confident to follow this best practices.
Happy Canada Day! It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
You also read something you liked? Share it!
Cloud
Is .NET Aspire NuGet for Cloud Service Dependencies? (Phil Haack) - I like the comparison with NuGet. Using .NET Aspire in a project does indeed simplify a lot things. I'll be waiting for that follow up post.
Announcing TypeScript 5.5 - TypeScript (Daniel Rosenwasser) - Really good news for the JavaScript developers. This post shares all the new features like ECMAScript, Set Methods support, and the performance improvement included in this release candidate of Typescript.
Blazor Basics: Dealing with Complex State Scenarios (Claudio Bernasconi) - Interesting package Fluxor that help managing states. The post also explains different pros and cons of methods to maintain states.
It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Bringing the Aspire dashboard to ACA (Mark Downie) - One of the great tool that was released with Aspire is its dashboard as it shows traces across services. This post shares how to enable this amazing tool in Azure.
I used to hardcode my password in my demos and code samples. I know it's not a good practice, but it's just for demo purposes, it cannot be that dramatic, right? I know there are proper ways to manage sensitive information, but this is only temporary! And it must be complicated to remove all the passwords from a deployment... It turns out, IT IS NOT difficult at all, and that will prevent serious threats.
In this post, I will share how to remove all passwords from a docker-compose file using environment variables. It's quick to setup and easy to remember. For production deployment, it's better to use secrets, because environment variables will be visible in logs. That said, for demos and debugging and testing, it's nice to see those values. The code will be available on GitHub. This deployment was used for my talks during Azure Developers .NET Days: Auto-Generate and Host Data API Builder on Azure Static Web Apps and The most minimal API code of all... none
The Before Picture
For this deployment, I used a docker-compose file to deploy an SQL Server in a first container and Data API Builder (DAB) in a second one. When the database container starts, I run a script to create the database tables and populate them.
As we can see, the password is in clear text twice, in the configuration of the database container and in the parameter for sqlcmd when populating the database. Same thing for the DAB configuration file. Here the data-source node where the password is in clear text in the connection string.
The easiest password instance to remove was in the sqlcmd command. When defining the container, an environment variable was used... Why not use it! To refer to an environment variable in a docker-compose file, you use the syntax $$VAR_NAME. I used the name of the environment variable MSSQL_SA_PASSWORD to replace the hardcoded password.
/opt/mssql-tools/bin/sqlcmd -U sa -P $$MSSQL_SA_PASSWORD -d master -i /startrek.sql
Second Pass: .env File
That's great but the value is still hardcoded when we assign the environment variable. Here comes the environment file. They are text files that holds the values in key-value paired style. The file is not committed to the repository, and it's used to store sensitive information. The file is read by the docker-compose and the values are injected. Here is the final docker-compose file:
Note the env_file directive in the services definition. The file .env is the name of the file used. The ${SA_PWD} tells docker compose to look for SA_PWD in the .env file. Here is what the file looks like:
SA_PWD=This!s@very$trongP@ssw0rd
Conclusion
Simple and quick. There are no reasons to still have the password in clear text in the docker compose files anymore. Even for a quick demo! Of course for a production deployment there are stronger ways to manage sensitive information, but for a demo it's perfect and it's secure.
During Microsoft Build Keynote on day 2, Julia Liuson and John Lambert talked about how trade actors are not only looking for the big fishes, but also looking at simple demos and old pieces of code, looking for passwords, keys and sensitive information.
It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Think Faster, Talk Smarter with Matt Abrahams (Modern Mentor) - Interesting episode about how to become a better communicators in both formal and informal situations. Matt is the author a book on that topic.
DevOps Adoption for IT Managers (Chris Pietschmann) - Interesting post that shares the benefits of DevOps for your enterprise and how to approach it as a manager.
Cascadia Code 2404.23 (Christopher Nguyen) - I used to do ASCII art back on my C=64... Now that all those new fonts and symbols are added should I start again? Nice to have all the options available to be able to display everything we need|the console.
It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
What is an RDP Browser? (And How To Get One) (Peter) - A great alternative when you want to test on different browser or version of a browser, for gaming, And also for cyber security when investigating.
It's reading notes time! It is a habit I started a long time ago, close to 600 weeks ago in fact, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
If you think you may have interesting content, share it!
Is Your Container Image Really Distroless? (Laurent Goderre) - Nice post that explains a new way to improve security and more while building our container by going distroless.
Azure PowerShell Tips and Tricks (Paul Harrison) - PowerShell is a very interesting and useful script language.All those tips are pure wisdom!
DevOps
Beautiful .NET Test Reports Using GitHub Actions (Sean Killeen) - It's true that the unit test result in Azure DevOps looks amazing. Pretty nice adaptation in GitHub Action, could/ should it be native?
It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.
If you think you may have interesting content, share it!
Suggestion of the week
Getting Started with Blazor’s New Render Modes in .NET 8 (Jon Hilton) - Amazing post that covers the four rendering mode for Blazor in .NET 8.There just enough code to understand the concept and see the trade-offs and advantages of each options.
ai generated: melting snowman who love to read
Cloud
A Decade of Have I Been Pwned (Troy Hunt) - Congrats for this anniversary and what a journey it was.I remember reading with passion your tech blog describing the tech decision taken for the site.
Making Azure the Best Place to Observe Your Apps with OpenTelemetry (Matthew McCleary) - Looking back, tracking, monitoring, tracing are such important action when we think about application life cycle.I'm very happy to see Azure offers a great sets of tools to do it.
It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.
If you think you may have interesting content, share it!
It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.
If you think you may have interesting content, share it!
The suggestion of the week
How to use GitHub Copilot: Prompts, tips, and use cases (Rizel Scarlett, Michelle Mannering) - A very helpful post that helps thinking how to communicate efficiently with Copilot, by breaking down our instructions and being more specific.
It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.
If you think you may have interesting content, share it!
It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, podcast episodes, and books that catch my interest during the week.
If you think you may have interesting content, share it!
Programming
Web3 DevOps: The Series (Donovan Brown) - I'm just getting started with web3 there are so many tools.
How to Compare Two Json Objects Using C# (Code Maze) - Data is the core of most if not all applications and a common way to define the data is JSON. This post helps to understand how to compare a piece of information. Very useful.
Taking Comfortable Risks with Scott Galloway (A Bit of Optimism) - One thing he said that will stick with me I think, and that I need to now transform into my words: "There is nothing that will happen to you if you don't take some uncomfortable risks and talk to some people".
How to manage through a season of layoffs (Modern Mentor) - A season like those required more effort from everyone. It's hard and we all need to say nice and as much human as possible.
Get Started with GitHub Actions (Mandy Hubbard) - This is a great post to get started with CICD. GitHub is free and accessible, give it a try and then automate some tests or a deployment.
Why tuples in C# are not always a code smell (Dennis Frühauff) - I didn't use Turple yet but it's not hard to see the potential and how it could become ugly. This post shows and explains a few simple rules to stay clear.
Lazy and once-only C# async initialization (Ian Griffiths) - An amazing post that explains so much and that has all the code snippets to be clear about it. I will have to copy-paste those into some test applications to really try them, but it is clear what I should expect.
It's time to share my reading notes. Those are a curated list of all the articles and blog posts, that caught my interest during the week and that I found interesting. It's a mix of the actuality and what I consumed.
If you think you may have interesting content, share it!
Web Security 101 - Part 1: Secrets (Abbey Perini) - This is a nice post that lists places or methods to save our secrets and explains the pro and cons of each.
Fluent Insights EP4: Slots (Paul Gildea) - The new episode of Fluent UI Insights is out. This one talks about slots, JSX children, and triggers.
Already time to share new reading notes. Here is a list of all the articles, and blog posts that catch my interest during the week.
If you think you may have interesting content, share it!
Cloud
Introduction to DevSecOps on Azure (Daniel Krzyczkowski) - DevSecOps is a real thing and it's accessible for all. This post explains what it is and provides examples of how it could be implemented at a high level.
Adding color to bracket pairs (Mads Kristensen) - A call for feedback on an up common feature of Visual Studio. Rainbow Brackets yes it will colorize the brackets but what should be the options?
DevOps monitoring: The Why, What, and How of DevOps monitoring (Hiren Dhaduk) - This is an excellent post to get us to think about our first step. It explains the reason why we should care and briefly lists a few tools available today on the market to help.
Those are a curated list of all the articles, blog posts, podcast episodes, and books that catch my interest during the week and that I found interesting. It's a mix of the actuality and what I consumed.
If you think you may have interesting content, share it!
Using Azure Service Bus in the wild (Paul Michaels) - This excellent post introduces the Service Bus as a crucial piece when working in a bigger system.
The VS Code Server (Grace Taylor) - I personally heard about it for the first time Friday on Clarkio live stream. This project is a fantastic idea! To get access, fill out the short form at the end of the post.
Writing .NET Application Services for Kubernetes (Mike Hadlow) - I never used Kubernetes, but always found it interesting. This post is a gold mine of advice and best practices about how to plan your multi-container app.
Good Monday, Already time to share new reading notes. Here is a list of all the articles, blog posts, and podcast episodes that catch my interest during the week.
If you think you may have interesting content, share it!
Build configuration for Azure Static Web Apps (craigshoemaker, anthonychu, Reshmi-Sriram, changeworld) - Continuous deployment is so powerful it is very useful to understand the options and how you can set your things together.
Good Monday, Already time to share new reading notes. Here is a list of all the articles, blog posts, and podcast episodes that catch my interest during the week.
If you think you may have interesting content, share it!
ASP.NET Core CRUD with NoSQL: Part 2 (Matthew Groves) - In this second post of the series, we learn how to set an index and how to prepare our select to read our data.
An Introduction to JSON (Jack Wallen) - I thought it was a bit older than that. Nice post th o learn more about something we all use.