Showing posts with label azure. Show all posts
Showing posts with label azure. Show all posts

Reading Notes #630

This week, ReadingNotes shares some insightful blog posts that caught my attention. From embracing a positive mindset and integrating local AI models with .NET Aspire, to leveraging Docker for cloud-native development and exploring AI-powered Blazor Kanban, there's plenty to dive into. Happy reading!

Programming

AI

LowCode

Miscellaneous

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you have interesting content, share 

~Frank


Reading Notes #628

A phone connected to a screen, keyboard, and mouse

For this week reading notes, I have some exciting blog posts and podcast episodes. Covering topics including .NET scaffolding, Visual Studio updates, the Builder Pattern in C#, and OpenAPI in .NET 9. Plus, tips on validating identity with GitHub, improving Azure Identity, and podcast highlights on GitHub Universe and presentation skills. 

Cloud


Programming


Podcasts


Miscellaneous


Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you have interesting content, share it!


~Frank


Reading Notes #627


This week, I stumbled upon some fascinating reads. From the announcement of .NET 9 and its incredible versatility to an intriguing new type of failover for Azure Storage, there's plenty to explore. Discover how to get .NET 9 running on your Raspberry Pi, check out the latest Blazorise update, and delve into the power of GitHub Models in .NET with Semantic Kernel. Plus, don't miss out on the introduction of GitHub Copilot for Azure and a new season of AI-related sessions in Visual Studio. And for my fellow open-source enthusiasts, the .NET Aspire Community Toolkit is a game-changer. 

Dive in and let's geek out together! 🌟

Suggestion of the week

  • Announcing .NET 9 - .NET Blog (.NET Team) - You can build anything with C# (aka .NET) and I love it! With runs everywhere, it's open source, it's fast and free!

Cloud

Programming

  • Install and use Microsoft Dot NET 9 with the Raspberry Pi (Pete Codes) - C# everywhere! I love it! I do have some code that run on a Pi as a mini server, bubi need to have a look for a IoT library that could be used.

  • Blazorise v1.7 (Mladen Macanović) - New version of a nice looking CSS Framework for our Blazor website with more features and better performance.

AI

Data

Open Source

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
If you have interesting content, share it!


~ Frank


Reading Notes #624

Dive into this week's fascinating mix of tech insights, troubleshooting tales, and productivity tips. From the latest in Azure Dev tools to real-world debugging adventures and cutting-edge .NET innovations, there's something for everyone.

Happy reading!

Cloud

Programming

Podcast

  • Microsoft Playwright Testing with Debbie O'Brien (.NET Rocks!) - Great tool to help making tests on our websites. It's open source and now support .NET.

  • Inspektor Gadget (DevOps and Docker Talk: Cloud Native Interviews and Tooling) - THe first time I heard about Inspektor Gadget was in an episode of Open at Microsoft. I don't use much Kubernetes, but that will be part of my toolbox when I do. Great security, troubleshooting, and observability utility.

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you have interesting content, share it!


~ Frank


Reading Notes #622

Welcome to this week’s reading notes! In this post, you’ll find a curated selection of insightful articles and tutorials covering various topics in technology and programming. Whether you’re looking to enhance your testing skills with .NET Aspire, improve your code comprehension with GitHub Copilot, or explore the world of Docker for DevOps, there’s something here for everyone. Dive in and enjoy these valuable resources!

If you have interesting content, share it!

Suggestion of the week

Cloud

Programming

LowCode

Miscellaneous

  • Hosting a (DevOpsDays) Tech Conference (Dewan Ahmed) - I went to this even and you could feel it was prepared with patio and care. It very interesting to learn about the behind the scene and all the work put both before and after.DevOpsDay Halifax you won my heart.

~ Frank



Reading Notes #620

It's Reading Notes time and this week we learn how to improve our experience and security while using AI and containers
 a zip line spider?

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Cloud

AI

Programming

~Frank

Reading Notes #617

Less posts and articles this week, I was devouring books! I guess a special "book edition" of the Reading Notes should be coming soon... 

If you are new on this blog, welcome! The reading notes post is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

 
You also read something you liked? Share it!

Cloud

Programming

Podcasts

  • Debug Containers with Mintoolkit (DevOps and Docker Talk: Cloud Native Interviews and Tooling) - Great episode about the intricacy of debugging containers and a tool mintoolkit,before knows as DockerSlim, that could really simplify things for us.

  • Fine tuning Products with Stanza System's Stacie Frederick (Hanselminutes with Scott Hanselman) - Do we really need to have that automatic build and deployment x time by week, or day? Are far should we go? Are we trying to solve a real problem or just find a solution we think we need. Great episode that will help you answering those questions.

  • Better ways to have tricky conversations at work (Modern Mentor) - It's been many stories I heard from people who quit their job before even talking to their manager... This short episode will provides you a few tips to get more prepare and try different alternative.

~Frank

Reading Notes #616

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
 
You also read something you liked? Share it!
 

Cloud

Programming

Miscellaneous

~ Frank

Reading Notes #615

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Back from a two weeks time off it was nice to get back into tech read.
You also read something you liked? Share it!

Cloud

Programming

~frank

Reading Notes #613

Good Monday! This week Reading Notes are more listening notes 😅 and we go from .NET Aspire and  containers, passing by communication with AI to camping!

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Cloud

Programming

Podcasts

~Frank

Reading Notes #609

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

You also read something you liked? Share it!

   

Cloud

Programming

AI

~frank

Reading Notes #608

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 


You also read something you liked? Share it!

Cloud

Programming

AI

Podcast

Miscellaneous


~ Frank


Reading Notes #607

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

You also read something you liked? Share it!

Cloud

Programming

Databases

Podcasts


~frank


Reading Notes #606

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

You also read something you liked? Share it!

Cloud

Azure Developer CLI (azd) – Build 2024 Recap (Grace Kulin) - All developers should look at how it can really speedup and simplify your Azure deployment and ease the creation of your infrastructure as code file (bicep and terraform).

Programming

Catch Up on Microsoft Build 2024: Essential Sessions for .NET Developers (James Montemagno) - Perfect for . NET developers who would like to know what's new and what's coming

Avoiding interactivity with Blazor? (Jon Hilton) - Nice post that examines how some fancy checkbox or button interactivity works in Blazor.

Must-have resources for new .NET Aspire developers (Anthony Simmon) - This post contains a list of other posts and videos about aspired really interesting if you want to get started.

Microsoft Dev Box introduces new ready-to-code and enterprise management capabilities - Wonderful powerful device where and when you need it. This post shares the most recent new features.

Developing cloud-native apps with .NET Aspire and Visual Studio (Mark Downie) - Nice post that celebrates the general availability of .NET Aspire and shares many advantages of using it with Visual Studio.

It turns out, it's not difficult to remove all passwords from our Docker Compose files (Frank Boucher) - We all did it. Hardcoding password in code, because it's "just" a quick thing, or it's just for us, and we think it's okay... but is it? This post shares my learning while removing passwords from docker-compose file.

AI

Announcing the AI Toolkit for Visual Studio Code (John Lam) - Nice! The favorite editor of so many now have an AI extension! I missed the Microsoft Build sessions with the demos. Lucky me they are available on demand!


~frank



It turns out, it's not difficult to remove all passwords from our Docker Compose files

I used to hardcode my password in my demos and code samples. I know it's not a good practice, but it's just for demo purposes, it cannot be that dramatic, right? I know there are proper ways to manage sensitive information, but this is only temporary! And it must be complicated to remove all the passwords from a deployment... It turns out, IT IS NOT difficult at all, and that will prevent serious threats.

In this post, I will share how to remove all passwords from a docker-compose file using environment variables. It's quick to setup and easy to remember. For production deployment, it's better to use secrets, because environment variables will be visible in logs. That said, for demos and debugging and testing, it's nice to see those values. The code will be available on GitHub. This deployment was used for my talks during Azure Developers .NET Days: Auto-Generate and Host Data API Builder on Azure Static Web Apps and The most minimal API code of all... none

The Before Picture

For this deployment, I used a docker-compose file to deploy an SQL Server in a first container and Data API Builder (DAB) in a second one. When the database container starts, I run a script to create the database tables and populate them.

services:

  dab:
    image: "mcr.microsoft.com/azure-databases/data-api-builder:latest"
    container_name: trekapi
    restart: on-failure
    volumes:
      - "./startrek.json:/App/dab-config.json"
    ports:
      - "5000:5000"
    depends_on:
      - sqlDatabase

  sqlDatabase:
    image: mcr.microsoft.com/mssql/server
    container_name: trekdb
    hostname: sqltrek
    environment:
      ACCEPT_EULA: "Y"
      MSSQL_SA_PASSWORD: "1rootP@ssword"
    ports:
      - "1433:1433"
    volumes:
      - ./startrek.sql:/startrek.sql
    entrypoint:
      - /bin/bash
      - -c
      - |
        /opt/mssql/bin/sqlservr & sleep 30
        /opt/mssql-tools/bin/sqlcmd -U sa -P "1rootP@ssword" -d master -i /startrek.sql
        sleep infinity

As we can see, the password is in clear text twice, in the configuration of the database container and in the parameter for sqlcmd when populating the database. Same thing for the DAB configuration file. Here the data-source node where the password is in clear text in the connection string.

"data-source": {
 	"database-type": "mssql",
	"connection-string": "Server=localhost;Database=trek;User ID=sa;Password=myPassword!;",
	"options": {
		"set-session-context": false
	}
}

First Pass: Environment Variables

The easiest password instance to remove was in the sqlcmd command. When defining the container, an environment variable was used... Why not use it! To refer to an environment variable in a docker-compose file, you use the syntax $$VAR_NAME. I used the name of the environment variable MSSQL_SA_PASSWORD to replace the hardcoded password.

/opt/mssql-tools/bin/sqlcmd -U sa -P $$MSSQL_SA_PASSWORD -d master -i /startrek.sql

Second Pass: .env File

That's great but the value is still hardcoded when we assign the environment variable. Here comes the environment file. They are text files that holds the values in key-value paired style. The file is not committed to the repository, and it's used to store sensitive information. The file is read by the docker-compose and the values are injected. Here is the final docker-compose file:

services:

  dab:
    image: "mcr.microsoft.com/azure-databases/data-api-builder:latest"
    container_name: trekapi
    restart: on-failure
    env_file:
      - .env
    environment:
      MY_CONN_STRING: "Server=host.docker.internal;Initial Catalog=trek;User ID=sa;Password=${SA_PWD};TrustServerCertificate=True"
    volumes:
      - "./startrek.json:/App/dab-config.json"
    ports:
      - "5000:5000"
    depends_on:
      - sqlDatabase

  sqlDatabase:
    image: mcr.microsoft.com/mssql/server
    container_name: trekdb
    hostname: sqltrek
    environment:
      ACCEPT_EULA: "Y"
      MSSQL_SA_PASSWORD: ${SA_PWD}
    env_file:
      - .env
    ports:
      - "1433:1433"
    volumes:
      - ./startrek.sql:/startrek.sql
    entrypoint:
      - /bin/bash
      - -c
      - |
        /opt/mssql/bin/sqlservr & sleep 30
        /opt/mssql-tools/bin/sqlcmd -U sa -P $$MSSQL_SA_PASSWORD -d master -i /startrek.sql
        sleep infinity

Note the env_file directive in the services definition. The file .env is the name of the file used. The ${SA_PWD} tells docker compose to look for SA_PWD in the .env file. Here is what the file looks like:

SA_PWD=This!s@very$trongP@ssw0rd

Conclusion

Simple and quick. There are no reasons to still have the password in clear text in the docker compose files anymore. Even for a quick demo! Of course for a production deployment there are stronger ways to manage sensitive information, but for a demo it's perfect and it's secure.

During Microsoft Build Keynote on day 2, Julia Liuson and John Lambert talked about how trade actors are not only looking for the big fishes, but also looking at simple demos and old pieces of code, looking for passwords, keys and sensitive information.

Reading Notes #605

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

You also read something you liked? Share it!

Cloud

Programming

AI

~Frank

Reading Notes #604

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 


You also read something you liked? Share it!

 

Cloud

Programming

DevOps

Miscellaneous

  • Introducing Plans on Microsoft Learn (Kaberi Bell) - Would it be to be a data engineer, AI specialist, app builder there's a plan for you and that's a very cool new feature on learn have a look this blog post explain all of it

  • How Do You Measure Developer Experience? (Jennifer Riggins) - An interesting article about what and how measure performance. I didn't know so many system and details concepts were that detailed.

  • Windows Terminal Preview 1.21 Release (Christopher Nguyen) - Tons of new features again and I love| seeing all those community contributions.

~Frank

Reading Notes #603

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Having interesting content? Share it!

Cloud

Programming

Podcasts

Miscellaneous

  • DevOps Adoption for IT Managers (Chris Pietschmann) - Interesting post that shares the benefits of DevOps for your enterprise and how to approach it as a manager.

  • Cascadia Code 2404.23 (Christopher Nguyen) - I used to do ASCII art back on my C=64... Now that all those new fonts and symbols are added should I start again? Nice to have all the options available to be able to display everything we need|the console.

~Frank

Reading Notes #602

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.


Having interesting content? Share it!

Cloud

Programming

AI

~Frank

Reading Notes #601

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Having interesting content? Share it! 


Suggestion of the week

  • Announcing: Azure Developers (Mehul Harry) - Looking forward to this event. I have the pleasure to present a session with Jerry Nixon about Data API Builder. Join us!

Cloud

  • Demystifying Azure CLI pagnination (Jeremy Li) - That's great! It's so sad when all the information is "throw" on us without any control and it's on us to find our "needle" we are looking for in those screens full of line. This will definitely helps.

Programming

Open Source

~ Frank