Reading Notes #628

For this week reading notes, I have some exciting blog posts and podcast episodes. Covering topics including .NET scaffolding, Visual Studio updates, the Builder Pattern in C#, and OpenAPI in .NET 9. Plus, tips on validating identity with GitHub, improving Azure Identity, and podcast highlights on GitHub Universe and presentation skills. 

Cloud

• Better Azure Identity authentication support and performance during local development with .NET Aspire (Anthony Simmon) - A cool demo/tutorial with all the code snippets and explanations.

Programming

• dotnet scaffold - Next Generation Content Creation for .NET - .NET Blog (Sayed Ibrahim Hashimi) - Yay! Scaffolding CLI and it looks well done too! It's time to try it and if you are interested it's an OSS project.

• Making you more productive with Visual Studio v17.12 - Visual Studio Blog (Mads Kristensen) - Mad's blog post are always synonym of fun and happiness as it means Visual Studio has new cool features that ease or day and make us more productive. I love that that simple copy error message one.

• The Builder Pattern in C# [2024] - This is a very nice post that explains clearly with code different scenarios where that pattern would make sense.

• OpenAPI document generation in .NET 9 (Mike Kistler) - This is a great new feature in NET9 when building APIs. The post shares how to update existing APIs to get it. I'm looking forward to migrating my stuff.

Podcasts

• 435: GitHub Universe Recap + M4 is here with a NEW Mac mini!!! (Merge Conflict) - Cool summary and nice news for iOS user about xCode.

• How to prepare for a nerve-wracking presentation (Modern Mentor) - Good strategies for new or experienced speakers.

Miscellaneous

• Validate your identity on Bluesky with your GitHub account (Mark Downie) - That's a neat trick, sir!

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you have interesting content, share it!

~Frank

Reading Notes #627

This week, I stumbled upon some fascinating reads. From the announcement of .NET 9 and its incredible versatility to an intriguing new type of failover for Azure Storage, there's plenty to explore. Discover how to get .NET 9 running on your Raspberry Pi, check out the latest Blazorise update, and delve into the power of GitHub Models in .NET with Semantic Kernel. Plus, don't miss out on the introduction of GitHub Copilot for Azure and a new season of AI-related sessions in Visual Studio. And for my fellow open-source enthusiasts, the .NET Aspire Community Toolkit is a game-changer. 

Dive in and let's geek out together! 🌟

Suggestion of the week

• Announcing .NET 9 - .NET Blog (.NET Team) - You can build anything with C# (aka .NET) and I love it! With runs everywhere, it's open source, it's fast and free!

Cloud

• WTH is Planned Failover for Azure Storage? (Sam Cogan) - Interesting new type of fail over that could help to practice without losing any data.

Programming

• Install and use Microsoft Dot NET 9 with the Raspberry Pi (Pete Codes) - C# everywhere! I love it! I do have some code that run on a Pi as a mini server, bubi need to have a look for a IoT library that could be used.

• Blazorise v1.7 (Mladen Macanović) - New version of a nice looking CSS Framework for our Blazor website with more features and better performance.

AI

• Unlocking the Power of GitHub Models in .NET with Semantic Kernel - .NET Blog (Bruno Capuano) - Super cool, very quick to setup, secure, and perfect why we are "just" developing.

• Introducing GitHub Copilot for Azure (Chris Harris) - After trying it, I can tell that it is pretty amazing! It's like have someone else besides you with the Azure portal answering all you're questions.

• Learn how to create a Client-Server Application in under 45 Minutes in the new Season of AI - Visual Studio Blog (Pablo Lopez) - A lot of AI related session are coming up, it's time to register.

Data

• Integrating .NET Aspire With Azure Storage (Fiodar Sazanavets) - Nice wait to have an emulator for local work. I will have to check this as I'm using Azure table storage in many of my projects.

Open Source

• Introducing the .NET Aspire Community Toolkit - .NET Blog (Aaron Powell) - Very happy (and proud) about this OSS project. .NET Aspire makes things so much easier for developers. And now we can simply add more types of integration thanks to the CF.

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you have interesting content, share it!

~ Frank

Reading Notes #624

Dive into this week's fascinating mix of tech insights, troubleshooting tales, and productivity tips. From the latest in Azure Dev tools to real-world debugging adventures and cutting-edge .NET innovations, there's something for everyone.

Happy reading!

Cloud

• Azure Developer CLI (azd) – October 2024 (Grace Kulin) - Quick post to share about the most recent features like customizing our API version when deploying our containers.

Programming

• Webcam randomly pausing in OBS, Discord, and websites - LSVCam and TikTok Studio (Scott Hanselman) - Weird technical issues are so unpleasant and it's worse when I imply an external devices.Is it a driver, the cable, some software.. In this post Scott shares about how he investigated and found a workaround.

• 3 more productivity tips for .NET developers (mtmattei) - Interesting tips to be and stay productive by different people.

• How we build GitHub Copilot into Visual Studio (Anson Horton) - It is so interesting to read how things happens and the different interactions. If you use vs code or Visual Studio, you should read this article.

• Introducing the New .NET MAUI Kanban Board (Saravanan Madheswaran) - I'm always impressed when I see components build be third parties. The quality, the customization, the look... It's a lot of work make one in your app with half the features; wow.

Podcast

• Microsoft Playwright Testing with Debbie O'Brien (.NET Rocks!) - Great tool to help making tests on our websites. It's open source and now support .NET.

• Inspektor Gadget (DevOps and Docker Talk: Cloud Native Interviews and Tooling) - THe first time I heard about Inspektor Gadget was in an episode of Open at Microsoft. I don't use much Kubernetes, but that will be part of my toolbox when I do. Great security, troubleshooting, and observability utility.

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you have interesting content, share it!

~ Frank

Reading Notes #622

Welcome to this week’s reading notes! In this post, you’ll find a curated selection of insightful articles and tutorials covering various topics in technology and programming. Whether you’re looking to enhance your testing skills with .NET Aspire, improve your code comprehension with GitHub Copilot, or explore the world of Docker for DevOps, there’s something here for everyone. Dive in and enjoy these valuable resources!

If you have interesting content, share it!

Suggestion of the week

• Getting started with testing and .NET Aspire (Aaron Powell) - This is a great tutorial, with a video version if you prefer, to get us started with test when .NET Aspire is part obor solution.

Cloud

• Enhancing Code Comprehension: GitHub Copilot’s Features in Visual Studio 2022 17.11 (Rhea Patel) - This post is a must for all developers. Copilot becomes so much more efficient with those little tips don't miss it.

• How to use Azure Policy to enforce resource naming conventions in your DevOps pipelines (Luise Freese) - Naming is for sure not the most exciting topic,but it is the key to an healthy cloud subscription. Don't miss this post that shares a good way to keep consistent names.

Programming

• Exploring Docker for DevOps: What It Is and How It Works (Todd R. Weiss) - This is a nice post to learn more about Docker and how /why it could be used to improve the DevOps processes.

• .NET Aspire for Data Chatting (Tommaso Stocchi) - Super cool project to query our database without knowing SQL.

LowCode

• How to rotate secrets with Azure Logic Apps, Key Vault and Managed Identity (Luise Freese) - Cool idea o automation to do a important but boring task. And it doesn't required code!

Miscellaneous

• Hosting a (DevOpsDays) Tech Conference (Dewan Ahmed) - I went to this even and you could feel it was prepared with patio and care. It very interesting to learn about the behind the scene and all the work put both before and after.DevOpsDay Halifax you won my heart.

~ Frank

Reading Notes #620

It's Reading Notes time and this week we learn how to improve our experience and security while using AI and containers

 a zip line spider?

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Cloud

• Securely Connecting Azure Container Apps to Azure OpenAI Using User Managed Identity (Yoshio Terada) - This is a nice and detailed guide that explains step by step how to leverage manage identity in Azure Container App and stay secure.

AI

• Avoid These 5 Common AI Project Mistakes for Success (Narcosa Admin) - AI is a great tool and with it's new easy accessibility more are integrating it into there services, This post shares tips to give you more chance of success.

• 7 Best Practices for Using GitHub Copilot (Visual Studio Code team) - AI is a great tool, but to enjoy it as much as possible there are a few things we can do, This post shares those tips that could make the differences.

Programming

• Docker for Web Developers: Getting Started with the Basics (Todd R, Weiss) - This is a very well written introduction to container and Docker, From the why should we care to running our first container,

• Building a GraphQL Client in ,NET with JetBrains Rider and StrawberryShake (Maarten Balliauw) - This is a nice post to get started with GraphQL, There is example an many references.

• Improving GitHub Copilot Completions in Visual Studio for C# Developers (Mika Dumont) - Great news! The Semantic Kernel files are now part of the context for Copilot, This improves the experience for the C# developers.

~Frank

Reading Notes #617

Less posts and articles this week, I was devouring books! I guess a special "book edition" of the Reading Notes should be coming soon... 

If you are new on this blog, welcome! The reading notes post is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

 
You also read something you liked? Share it!

Cloud

• Containerising Azure Functions without Dockerfile (Justin Yoo) - Cool post that shares while providing all the required code two way to create containerized .NET Azure Function.

Programming

• The Singleton Pattern in C# Today Is Not Your Dad's One! (Metalama Team) - Learn more about one of the oldest pattern, how it was, how it evolved.

• What Is OpenTelemetry? The Ultimate Guide (B. Cameron Gain) - Learn more about what is,why it's useful, what are the golden points in the nice post.

• Asynchronous HTTP APIs with Azure Container Apps jobs (Anthony Chu) - This is a great post. it explains the long process async pattern and provides the code to so it can be implemented with Azure container app.

Podcasts

• Debug Containers with Mintoolkit (DevOps and Docker Talk: Cloud Native Interviews and Tooling) - Great episode about the intricacy of debugging containers and a tool mintoolkit,before knows as DockerSlim, that could really simplify things for us.

• Fine tuning Products with Stanza System's Stacie Frederick (Hanselminutes with Scott Hanselman) - Do we really need to have that automatic build and deployment x time by week, or day? Are far should we go? Are we trying to solve a real problem or just find a solution we think we need. Great episode that will help you answering those questions.

• Better ways to have tricky conversations at work (Modern Mentor) - It's been many stories I heard from people who quit their job before even talking to their manager... This short episode will provides you a few tips to get more prepare and try different alternative.

~Frank

Reading Notes #616

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

 

You also read something you liked? Share it!

 

Cloud

• Static Sites on Azure Storage vs Azure Static Web Apps (John Kilmister) - Yes both options are available.Do you know the differences?

Programming

• Easier to fix async exceptions (Mark Downie) - Debugging Asynchronous code as been always more complicated, looking forward to seeing (and using) that new capability in .NET 9.

• Simplify development with Dev Container templates for Azure SQL Database (Carlos Robles) - I love that! Instead or having multiple containers (database, dev environment) we can now have only one. No special configuration, faster into the code.

• The 3 Most Common Security Mistakes Developers Make () - This is an interesting post that shares popular mistakes yes but also some better practices accessible to all.

• How to make your web page faster before it even loads (Salma Alam-Naylor) - To make sure our users have he best experience possible it important to fine-tune some little details. This post goes deep and explains them very well.

Miscellaneous

• How to save your online writing from disappearing forever ( Barbara Krasnoff) - A series of online tools that could keep copies of the blog post you put online.

~ Frank

Reading Notes #615

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Back from a two weeks time off it was nice to get back into tech read.

You also read something you liked? Share it!

Cloud

• Azure Developer CLI (azd) – August 2024 (Grace Kulin) - Wow so many new features (many security related) and tons of new templates.

Programming

• Adding .NET Aspire to your existing .NET apps (Jon Galloway) - This great post explains step by step how to add .NET Aspire to your existing app, saying what you gain and how it's helping you to be faster at buildinba better application.

• Bring your AI Copilots to the edge with Phi-3 and Semantic Kernel (Arafat Tehsin) - First post of a very interesting and promising series to build our own local only AI app.

• Combining multiple docker images into a multi-arch image (Andrew Lock) - Another great article from Andrew that explains very clearly a Docker feature: generate multiple image under the same ta to target different OS and infrastructure (ex: x64,arm32)

• Logging in Banana Cake Pop (Pascal Senn) - What a amazing new feature! This will greatly improve development and debugging productivity!

• An Absolute Beginner's Guide to LangGraph.js (Anchit) - A great tutorial that requires not API key and provides detailed steps to learn using Node how to use AI.

• The ultimate guide to developer happiness (Jeimy Ruiz) - Many great tools and solution within GitHub "circle". This post provides best practices to improve developers productivity and announces when the next GitHub Universe is coming up.

• Different Containerising Options for .NET Developers (Justin Yoo) - So many options! The classic one with all the Docker command or the some more embedded... Your choice!

~frank

Reading Notes #613

Good Monday! This week Reading Notes are more listening notes 😅 and we go from .NET Aspire and  containers, passing by communication with AI to camping!

Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Cloud

• Creating an Azure Static Web app (moving from WordPress, part 2) (Michael Eaton) - Yes indeed it is simple to get started with Azure Static WebApp.This post shares a user journey while migrating.

• Windows ARM installing Azure CLI (Jani Nevalainen) - Cool tips to make CLI works on ARM processor device,until the real version comes out.

Programming

• Docker Best Practices: Choosing Between RUN, CMD, and ENTRYPOINT (Jay Schmidt) - Nice post that explains really clearly the differences between those three and provides cheat sheet and examples.

Podcasts

• Introducing .NET Aspire with Damian Edwards (Hanselminutes with Scott Hanselman) - Nice episode where .NET Aspire is really well explained, but yes it's kind of hard to say in a few words what it is.

• 687: Getting Better at Internal Communication, with Roy Schwartz (Coaching for Leaders) - Nice episode that talk how AI can help or harm a good communication. Used smartly it can definitely help...

• Camping Tips for Your Next Adventure with Lestarya Molloy (Wild Ideas Worth Living) - I grow up camping every summer, but for many they didn't have that chance and it's hard to start... But there an App for that!

• CosmosDB and AI with Mark Brown (.NET Rocks!) - AI and data! AI and data! AI and data! It's not a typo, I wrote it 3 times... It's everywhere, evolving fast and you must look at it.

• 86. Power Platform, Blazor and beyond: Maintaining internal apps - with Sophie van den Akker (Betatalks the podcast) - Nice episode about how and where use Blazor, the limits of Power Platform and more.

~Frank

Reading Notes #609

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

You also read something you liked? Share it!

   

Cloud

• It's Finally Possible To Hibernate Azure VMs (Sam Cogan) - This new feature must be such a relief for all the VM users. Make sure to read this post to know the requirements of the VM tone able to hibernate it.

• Enhancing Performance in Azure Container Apps (Cary Chai) - This post gives us an history of the different algorithm used in ACA but also explains briefly how does one works.

Programming

• Visual Studio 2022 - 17.10 Performance Enhancements - Visual Studio Blog (Ashok Kamath) - Impressive improvement going up to 50% in specific cases! Congratulations to the team,event the smaller speed improvement will be feel.

• Setting up NGINX load balancer for .NET WebApi (Oskar Dudycz) - Very well done tutorial to set a reverse proxy.

• What's new for the Microsoft Fluent UI Blazor library 4.8 (Vincent Baaij) - awesome update just before summer! (well, in the north hemisphere).

AI

• Using Phi-3 & C# with ONNX for text and vision samples - .NET Blog (Bruno Capuano) - Nice post that shows that when using great tools it can be really simple todo amazing things.

• I Will Fucking Piledrive You If You Mention AI Again — Ludicity - ChatGPT and other tools have an impact and it disturb the flow. Some embraces the change other don't like the change. Interesting post where the author shares his concerns.

~frank

Reading Notes #608

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

You also read something you liked? Share it!

Cloud

• Running a Playwright scheduled job with Azure Container Apps (Anthony Chu) - A very nice post about recording test session using azure container app. Good idea!

Programming

• The .NET MAUI Extension for Visual Studio Code is now Generally Available - .NET Blog (Maddy Montaquila) - Wow,already GA! Looking forward to try it on my Linux PC. This post shares all the features packed in this release, and there videos too.

• Introducing collection expressions in C#12: Behind the scenes of collection expressions - Part 1 (Andrew Lock) - First post of a series that goes deeper into c# comparing expressions, initialization, and what the compiler does.

• Making C# Simple with Fluent Techniques (Niraj Ranasinghe) - Nice post. I didn't realise that Fluent path was used in so many places. It makes it so cleaner when we can use it.

AI

• Visual Studio Code AI Toolkit: Run LLMs locally (Shreyan Fernandes) - It goes so fast! It used to be complicated to get AI and now we can get one locally directly from vs code... Quick post to get us started.

• Announcing the official OpenAI library for .NET - .NET Blog (.NET Team) - Yay! New version of the SDK.

Podcast

• 84. Comparing Terraform, Pulumi and Bicep: Infrastructure as code - with Sam Cogan (Betatalks the podcast) - Create episode with Sam. Really interesting to listen about those three IaC.

• Dan Garfield: GitOps with Kubernetes - Episode 298 (Azure DevOps Podcast) - Interesting episode about containers and deploying platforms, tools and so much more.

• Episode 1900 with Scott Hanselman! (.NET Rocks!) - Three of my favorite people in the word in a single episode! It was such a pleasure to listen pleasure to listen talk about all those little stories. Long live to .NET Rocks (and HanselMinutes)

Miscellaneous

• What's new in the Windows Subsystem for Linux in May 2024 (Craig Loewen) - Tons of experimental features are being move to regular ones, and more are coming up to manage our distro, improve security and more.

• 8 Learning Paths for Beginners on GitHub (Cynthia Zanoni) - Wow! so many very cool learning Path to get started with anything you can think about it. I may do one or two just to refresh my knowledge.

~ Frank

Reading Notes #607

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

You also read something you liked? Share it!

Cloud

• Azure PostgreSQL, Entra ID Authentication and .NET | LINQ to Fail (Aaron Powell) - Great post! Of course using some identity provider is more complicated then a strait password, but it's way simpler that we may though.

• Bringing the Aspire dashboard to ACA (Mark Downie) - One of the great tool that was released with Aspire is its dashboard as it shows traces across services. This post shares how to enable this amazing tool in Azure.

• Microsoft Entra ID Tenant Starters Guide: Understanding Identity Management and Licensing (Gregor Wohlfarter) - Nice post to have an overview of this important piece of security.

Programming

• Refactor your code using alias any type - .NET Blog (David Pine) - Excellent series to learn more about recently to feature of C#.

• Blazor Basics: Child Routes & Optional Route Parameters (Claudio Bernasconi) - You know your route 101 and would like to learn more, this post is for you.

Databases

• A beginner's guide to mapping arrays in EF Core 8 - .NET Blog (Arthur Vickers) - An interesting post to that depending if your database supported features explains how EF Core could works and use arrays.

Podcasts

• The Definition of Success with author Neil Strauss (A Bit of Optimism) - For a conversation to be constructive and to learn from it not all participant needs to agree. Nice episode about success.

• 81. From APIs to natural language: The democratization of AI - with Henk Boelman (Betatalks the podcast) - Nice to listen to a colleague. Henk definitely knows the very well the topic and how to explains it clearly.

• Motivated by play (Friends) (The Changelog: Software Development, Open Source) - What a journey! Interesting episode, inspiring.

• Brady Gaster: .NET Cloud Native - Episode 295 (Azure DevOps Podcast) - Aspire, aspire, aspire, you will learn all about Aspire in this episode.

~frank

Reading Notes #606

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

You also read something you liked? Share it!

Cloud

Azure Developer CLI (azd) – Build 2024 Recap (Grace Kulin) - All developers should look at how it can really speedup and simplify your Azure deployment and ease the creation of your infrastructure as code file (bicep and terraform).

Programming

Catch Up on Microsoft Build 2024: Essential Sessions for .NET Developers (James Montemagno) - Perfect for . NET developers who would like to know what's new and what's coming

Avoiding interactivity with Blazor? (Jon Hilton) - Nice post that examines how some fancy checkbox or button interactivity works in Blazor.

Must-have resources for new .NET Aspire developers (Anthony Simmon) - This post contains a list of other posts and videos about aspired really interesting if you want to get started.

Microsoft Dev Box introduces new ready-to-code and enterprise management capabilities - Wonderful powerful device where and when you need it. This post shares the most recent new features.

Developing cloud-native apps with .NET Aspire and Visual Studio (Mark Downie) - Nice post that celebrates the general availability of .NET Aspire and shares many advantages of using it with Visual Studio.

It turns out, it's not difficult to remove all passwords from our Docker Compose files (Frank Boucher) - We all did it. Hardcoding password in code, because it's "just" a quick thing, or it's just for us, and we think it's okay... but is it? This post shares my learning while removing passwords from docker-compose file.

AI

Announcing the AI Toolkit for Visual Studio Code (John Lam) - Nice! The favorite editor of so many now have an AI extension! I missed the Microsoft Build sessions with the demos. Lucky me they are available on demand!

~frank

It turns out, it's not difficult to remove all passwords from our Docker Compose files

I used to hardcode my password in my demos and code samples. I know it's not a good practice, but it's just for demo purposes, it cannot be that dramatic, right? I know there are proper ways to manage sensitive information, but this is only temporary! And it must be complicated to remove all the passwords from a deployment... It turns out, IT IS NOT difficult at all, and that will prevent serious threats.

In this post, I will share how to remove all passwords from a docker-compose file using environment variables. It's quick to setup and easy to remember. For production deployment, it's better to use secrets, because environment variables will be visible in logs. That said, for demos and debugging and testing, it's nice to see those values. The code will be available on GitHub. This deployment was used for my talks during Azure Developers .NET Days: Auto-Generate and Host Data API Builder on Azure Static Web Apps and The most minimal API code of all... none

The Before Picture

For this deployment, I used a docker-compose file to deploy an SQL Server in a first container and Data API Builder (DAB) in a second one. When the database container starts, I run a script to create the database tables and populate them.

services:

  dab:
    image: "mcr.microsoft.com/azure-databases/data-api-builder:latest"
    container_name: trekapi
    restart: on-failure
    volumes:
      - "./startrek.json:/App/dab-config.json"
    ports:
      - "5000:5000"
    depends_on:
      - sqlDatabase

  sqlDatabase:
    image: mcr.microsoft.com/mssql/server
    container_name: trekdb
    hostname: sqltrek
    environment:
      ACCEPT_EULA: "Y"
      MSSQL_SA_PASSWORD: "1rootP@ssword"
    ports:
      - "1433:1433"
    volumes:
      - ./startrek.sql:/startrek.sql
    entrypoint:
      - /bin/bash
      - -c
      - |
        /opt/mssql/bin/sqlservr & sleep 30
        /opt/mssql-tools/bin/sqlcmd -U sa -P "1rootP@ssword" -d master -i /startrek.sql
        sleep infinity

As we can see, the password is in clear text twice, in the configuration of the database container and in the parameter for sqlcmd when populating the database. Same thing for the DAB configuration file. Here the data-source node where the password is in clear text in the connection string.

"data-source": {
 	"database-type": "mssql",
	"connection-string": "Server=localhost;Database=trek;User ID=sa;Password=myPassword!;",
	"options": {
		"set-session-context": false
	}
}

First Pass: Environment Variables

The easiest password instance to remove was in the sqlcmd command. When defining the container, an environment variable was used... Why not use it! To refer to an environment variable in a docker-compose file, you use the syntax $$VAR_NAME. I used the name of the environment variable MSSQL_SA_PASSWORD to replace the hardcoded password.

/opt/mssql-tools/bin/sqlcmd -U sa -P $$MSSQL_SA_PASSWORD -d master -i /startrek.sql

Second Pass: .env File

That's great but the value is still hardcoded when we assign the environment variable. Here comes the environment file. They are text files that holds the values in key-value paired style. The file is not committed to the repository, and it's used to store sensitive information. The file is read by the docker-compose and the values are injected. Here is the final docker-compose file:

services:

  dab:
    image: "mcr.microsoft.com/azure-databases/data-api-builder:latest"
    container_name: trekapi
    restart: on-failure
    env_file:
      - .env
    environment:
      MY_CONN_STRING: "Server=host.docker.internal;Initial Catalog=trek;User ID=sa;Password=${SA_PWD};TrustServerCertificate=True"
    volumes:
      - "./startrek.json:/App/dab-config.json"
    ports:
      - "5000:5000"
    depends_on:
      - sqlDatabase

  sqlDatabase:
    image: mcr.microsoft.com/mssql/server
    container_name: trekdb
    hostname: sqltrek
    environment:
      ACCEPT_EULA: "Y"
      MSSQL_SA_PASSWORD: ${SA_PWD}
    env_file:
      - .env
    ports:
      - "1433:1433"
    volumes:
      - ./startrek.sql:/startrek.sql
    entrypoint:
      - /bin/bash
      - -c
      - |
        /opt/mssql/bin/sqlservr & sleep 30
        /opt/mssql-tools/bin/sqlcmd -U sa -P $$MSSQL_SA_PASSWORD -d master -i /startrek.sql
        sleep infinity

Note the env_file directive in the services definition. The file .env is the name of the file used. The ${SA_PWD} tells docker compose to look for SA_PWD in the .env file. Here is what the file looks like:

SA_PWD=This!s@very$trongP@ssw0rd

Conclusion

Simple and quick. There are no reasons to still have the password in clear text in the docker compose files anymore. Even for a quick demo! Of course for a production deployment there are stronger ways to manage sensitive information, but for a demo it's perfect and it's secure.

During Microsoft Build Keynote on day 2, Julia Liuson and John Lambert talked about how trade actors are not only looking for the big fishes, but also looking at simple demos and old pieces of code, looking for passwords, keys and sensitive information.

Reading Notes #605

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

You also read something you liked? Share it!

Cloud

• Logic App Consumption: How to set an API connection to use Logic Apps Managed Identity inside Visual Studio 2019 (Sandro Pereira) - I love those true life story where the author shares how they solved a real-life problem.

• Use Azure DevOps Pipelines as a Serverless Compute Engine (Chris Pietschmann) - Do you know or use Azure DevOps Pipeline? They can read your code from most source repository and will execute tasks for you. Like CI-CD as explains in this post.

Programming

• Reimagining Pong Wars with C# and MVUX (Uno Team) - This is a very interesting post that details all the architecture and code of this game.

• How to Check Your Docker Installation: Docker Desktop vs. Docker Engine (Jay Schmidt) - A very instructive and useful post that list all details related to Docker Desktop and Docker Engine for Mac, Linux, and Windows platform.

• Empowering Developers at Microsoft Build: Docker Unveils Integrations and Sessions (Vanessa Fournier) - Nice post. You should definitely watched the Build session where they show how to target multiple platforms, and many new features

• Docker Compose Profiles, one the most useful and underrated features (Oskar Dudycz) - Woah! For now on, I shall have a profile in all my docker compose file. We'll probably not all, but I'm definitely using them. This post is the perfect place to get started and understand what are profile and how to use it.

• General Availability of .NET Aspire: Simplifying .NET Cloud-Native Development (Damian Edwards) - Fantastic news! It an amazing tools that simplify local development and give us the opportunity to see what is happening.

• 5 easy tips to improve your personal website performance ( Salma Alam-Naylor) - I accept the challenge, I will review my websites to see how I can improve the performance. Interesting post that shares many great ideas.

AI

• A Quick Guide to Containerizing Llamafile with Docker for AI Applications (Sophia Parafina, Marc Sherwood) - Great post tht goes over how to put our favorite AI model in a container to work locally.

~Frank

Reading Notes #604

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

You also read something you liked? Share it!

 

Cloud

• Azure Communication Services May 2024 Feature Updates (Daysha Carter) - Wow many great new features in this update.

• Logic App Consumption: How to set an API connection to use Logic Apps Managed Identity inside Visual Studio 2019 – SANDRO PEREIRA BIZTALK BLOG (Sandro Pereira) - I love those true life story where the author shares how they solved a real-life problems.

Programming

• Blazor Basics: 9 Best Practices for Building Blazor Web Apps (Claudio Bernasconi) - This post shares best practices. They are simple to follow but very impactful.

• Performant, Secure, and Versatile Containers (Savannah Ostrowski,Sohan Maheshwar) - Cool! It's time to try it, only one switch to flip..

• An introduction to primary constructors in C#12 (Andrew Lock) - Wow! This post dig into what can and cannot do the new constructors in C#. Example by example trying more complex scenarios, fascinating!

DevOps

• Use Azure DevOps Pipelines as a Serverless Compute Engine (Chris Pietschmann) - Do you know or use Azure DevOps Pipeline? They can read your code from most source repository and will execute tasks for you. Like CI-CD as explains in this post.

Miscellaneous

• Introducing Plans on Microsoft Learn (Kaberi Bell) - Would it be to be a data engineer, AI specialist, app builder there's a plan for you and that's a very cool new feature on learn have a look this blog post explain all of it

• How Do You Measure Developer Experience? (Jennifer Riggins) - An interesting article about what and how measure performance. I didn't know so many system and details concepts were that detailed.

• Windows Terminal Preview 1.21 Release (Christopher Nguyen) - Tons of new features again and I love| seeing all those community contributions.

~Frank

Reading Notes #603

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Having interesting content? Share it!

Cloud

• Logic App Consumption: How to set an API connection to use Logic Apps Managed Identity inside Visual Studio 2019 (Sandro Pereira) - I love those true life story where the author shares how they solved a real life problem.

• Using keyless authentication with Azure OpenAI (Pamela Fox) - Great post to improve the security and best practices in our code.

Programming

• Refactor your code with C# collection expressions (David Pine) - Nice post about best practices but also to really understand how things works.

• Secure your container build and publish with .NET 8 (Richard Lander) - Nice post that shows that it's easier than you probably think to improve the security in your containers.

• 🚨 7 Most Common Mistakes in C# Programming 🙅‍♂️ (Konstantin Fedorov) - Good tips to keep our code efficient and stable.

Podcasts

• Glenn Condron: .NET Web Development - Episode 293 (Azure DevOps Podcast) - Nice episode about evolution of .NET, it's open source side today, Azure Developer CLI, the new Aspire and so much more.
• Think Faster, Talk Smarter with Matt Abrahams (Modern Mentor) - Interesting episode about how to become a better communicators in both formal and informal situations. Matt is the author a book on that topic.
• Portainer for Kubernetes, Docker, Swarm, Edge, and IoT (DevOps and Docker Talk: Cloud Native Interviews and Tooling) - Great episode about Portainer a tool that most (if not all) of us should use.

Miscellaneous

• DevOps Adoption for IT Managers (Chris Pietschmann) - Interesting post that shares the benefits of DevOps for your enterprise and how to approach it as a manager.

• Cascadia Code 2404.23 (Christopher Nguyen) - I used to do ASCII art back on my C=64... Now that all those new fonts and symbols are added should I start again? Nice to have all the options available to be able to display everything we need|the console.

~Frank

Reading Notes #602

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Having interesting content? Share it!

Cloud

• Azure SDK Release (April 2024) (Hector Norzagaray) - Lots of SDKs updates for many different languages and services.

Programming

• .NET Aspire preview 6 - .NET Aspire - The more a play with Aspire the more I like it. .NET developers you must give it a try.

• How to upload a file with Blazor SSR in .NET 8? - (Jon Hilton) A nice quick tutorial with all the code snippets we need.

• What's new for the Microsoft Fluent UI Blazor library 4.7 - (Vincent Baaij) A lots o new features and improvements in this release.

• Why don’t we talk about minifying CSS anymore? - (Salma Alam-Naylor) An interesting post. I didn't think about it but it's true, we used to talk way more about minification...

• Minimal APIs Nuget Packages - (Shawn Wildermuth) Same great tools but new names to make it easier to remember and more of the same family.

AI

• #SemanticKernel: Local LLMs Unleashed on #RaspberryPi 5 - (Bruno Capuano) This is the perfect tutorial to get started with local AI. No powerful computer required.

~Frank

Reading Notes #601

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Having interesting content? Share it! 

Suggestion of the week

• Announcing: Azure Developers (Mehul Harry) - Looking forward to this event. I have the pleasure to present a session with Jerry Nixon about Data API Builder. Join us!

Cloud

• Demystifying Azure CLI pagnination (Jeremy Li) - That's great! It's so sad when all the information is "throw" on us without any control and it's on us to find our "needle" we are looking for in those screens full of line. This will definitely helps.

Programming

• Blazor Basics: Localization Using Resource Files (Claudio Bernasconi) - A nice and complete tutorial.

• What's new for .NET in Ubuntu 24.04 - .NET Blog (Richard Lander) - This is a good news! Definitely going in the right direction.

• Minimal APIs Nuget Packages (Shawn Wildermuth) - Same great tools but new names to make it easier to remember and more of the same family.

• Useful features in Entity Framework Core 8 for your application (Dennis Frühauff) - A great post with detailed explanation and code samples that covers the major new feature and enhancements of EF8.

• Better Minimal APIs Endpoint Organization With Carter in ASP.NET Core (Ivan Gechev) - Carter looks like a very useful library definitely something to explore a bit more.

• Warp’s Team plan for developer productivity is available today (Melanie Crissey) - I started using this terminal a few weeks ago on a personal device. It's interesting to see all the different options an the possibilities for teams.

Open Source

• Open sourcing MS-DOS 4.0 - Microsoft Open Source Blog (Scott Hanselman, Jeff Wilcox) - That a cool news! I'm curious what people will do with it, what kind of experiments they will try.

~ Frank

Reading Notes #600

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Having interesting content? Share it! 

by: Microsoft Designer

Suggestion of the week

• Streamline your container build and publish with .NET 8 - .NET Blog (Richard Lander) - As containers takes more and more space in our development life, it's great to see the tools evolving too. This post is a must for all .Net developers.

Cloud

• Announcing a new login experience with Azure PowerShell and Azure CLI (Damien Caro) - This is a great news. Have a look before you update.

Programming

• Build & test resilient apps in .NET with Dev Proxy - .NET Blog (Waldek Mastykarz) - Every web developers needs that tool. Dev Proxy is just pure gold.

• C#: What is the difference between 'string' and System.String? (Chris Pietschmann) - Memory check passed .... Did you knew?

• Blazor Basics: Handling Images Dynamically (Claudio Bernasconi) - A nice simple tutorial playing with images within Blazor.

Miscellaneous

• What is an RDP Browser? (And How To Get One) (Peter) - A great alternative when you want to test on different browser or version of a browser, for gaming, And also for cyber security when investigating.

~Frank