Reading Notes #606

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

You also read something you liked? Share it!

Cloud

Azure Developer CLI (azd) – Build 2024 Recap (Grace Kulin) - All developers should look at how it can really speedup and simplify your Azure deployment and ease the creation of your infrastructure as code file (bicep and terraform).

Programming

Catch Up on Microsoft Build 2024: Essential Sessions for .NET Developers (James Montemagno) - Perfect for . NET developers who would like to know what's new and what's coming

Avoiding interactivity with Blazor? (Jon Hilton) - Nice post that examines how some fancy checkbox or button interactivity works in Blazor.

Must-have resources for new .NET Aspire developers (Anthony Simmon) - This post contains a list of other posts and videos about aspired really interesting if you want to get started.

Microsoft Dev Box introduces new ready-to-code and enterprise management capabilities - Wonderful powerful device where and when you need it. This post shares the most recent new features.

Developing cloud-native apps with .NET Aspire and Visual Studio (Mark Downie) - Nice post that celebrates the general availability of .NET Aspire and shares many advantages of using it with Visual Studio.

It turns out, it's not difficult to remove all passwords from our Docker Compose files (Frank Boucher) - We all did it. Hardcoding password in code, because it's "just" a quick thing, or it's just for us, and we think it's okay... but is it? This post shares my learning while removing passwords from docker-compose file.

AI

Announcing the AI Toolkit for Visual Studio Code (John Lam) - Nice! The favorite editor of so many now have an AI extension! I missed the Microsoft Build sessions with the demos. Lucky me they are available on demand!


~frank



It turns out, it's not difficult to remove all passwords from our Docker Compose files

I used to hardcode my password in my demos and code samples. I know it's not a good practice, but it's just for demo purposes, it cannot be that dramatic, right? I know there are proper ways to manage sensitive information, but this is only temporary! And it must be complicated to remove all the passwords from a deployment... It turns out, IT IS NOT difficult at all, and that will prevent serious threats.

In this post, I will share how to remove all passwords from a docker-compose file using environment variables. It's quick to setup and easy to remember. For production deployment, it's better to use secrets, because environment variables will be visible in logs. That said, for demos and debugging and testing, it's nice to see those values. The code will be available on GitHub. This deployment was used for my talks during Azure Developers .NET Days: Auto-Generate and Host Data API Builder on Azure Static Web Apps and The most minimal API code of all... none

The Before Picture

For this deployment, I used a docker-compose file to deploy an SQL Server in a first container and Data API Builder (DAB) in a second one. When the database container starts, I run a script to create the database tables and populate them.

services:

  dab:
    image: "mcr.microsoft.com/azure-databases/data-api-builder:latest"
    container_name: trekapi
    restart: on-failure
    volumes:
      - "./startrek.json:/App/dab-config.json"
    ports:
      - "5000:5000"
    depends_on:
      - sqlDatabase

  sqlDatabase:
    image: mcr.microsoft.com/mssql/server
    container_name: trekdb
    hostname: sqltrek
    environment:
      ACCEPT_EULA: "Y"
      MSSQL_SA_PASSWORD: "1rootP@ssword"
    ports:
      - "1433:1433"
    volumes:
      - ./startrek.sql:/startrek.sql
    entrypoint:
      - /bin/bash
      - -c
      - |
        /opt/mssql/bin/sqlservr & sleep 30
        /opt/mssql-tools/bin/sqlcmd -U sa -P "1rootP@ssword" -d master -i /startrek.sql
        sleep infinity

As we can see, the password is in clear text twice, in the configuration of the database container and in the parameter for sqlcmd when populating the database. Same thing for the DAB configuration file. Here the data-source node where the password is in clear text in the connection string.

"data-source": {
 	"database-type": "mssql",
	"connection-string": "Server=localhost;Database=trek;User ID=sa;Password=myPassword!;",
	"options": {
		"set-session-context": false
	}
}

First Pass: Environment Variables

The easiest password instance to remove was in the sqlcmd command. When defining the container, an environment variable was used... Why not use it! To refer to an environment variable in a docker-compose file, you use the syntax $$VAR_NAME. I used the name of the environment variable MSSQL_SA_PASSWORD to replace the hardcoded password.

/opt/mssql-tools/bin/sqlcmd -U sa -P $$MSSQL_SA_PASSWORD -d master -i /startrek.sql

Second Pass: .env File

That's great but the value is still hardcoded when we assign the environment variable. Here comes the environment file. They are text files that holds the values in key-value paired style. The file is not committed to the repository, and it's used to store sensitive information. The file is read by the docker-compose and the values are injected. Here is the final docker-compose file:

services:

  dab:
    image: "mcr.microsoft.com/azure-databases/data-api-builder:latest"
    container_name: trekapi
    restart: on-failure
    env_file:
      - .env
    environment:
      MY_CONN_STRING: "Server=host.docker.internal;Initial Catalog=trek;User ID=sa;Password=${SA_PWD};TrustServerCertificate=True"
    volumes:
      - "./startrek.json:/App/dab-config.json"
    ports:
      - "5000:5000"
    depends_on:
      - sqlDatabase

  sqlDatabase:
    image: mcr.microsoft.com/mssql/server
    container_name: trekdb
    hostname: sqltrek
    environment:
      ACCEPT_EULA: "Y"
      MSSQL_SA_PASSWORD: ${SA_PWD}
    env_file:
      - .env
    ports:
      - "1433:1433"
    volumes:
      - ./startrek.sql:/startrek.sql
    entrypoint:
      - /bin/bash
      - -c
      - |
        /opt/mssql/bin/sqlservr & sleep 30
        /opt/mssql-tools/bin/sqlcmd -U sa -P $$MSSQL_SA_PASSWORD -d master -i /startrek.sql
        sleep infinity

Note the env_file directive in the services definition. The file .env is the name of the file used. The ${SA_PWD} tells docker compose to look for SA_PWD in the .env file. Here is what the file looks like:

SA_PWD=This!s@very$trongP@ssw0rd

Conclusion

Simple and quick. There are no reasons to still have the password in clear text in the docker compose files anymore. Even for a quick demo! Of course for a production deployment there are stronger ways to manage sensitive information, but for a demo it's perfect and it's secure.

During Microsoft Build Keynote on day 2, Julia Liuson and John Lambert talked about how trade actors are not only looking for the big fishes, but also looking at simple demos and old pieces of code, looking for passwords, keys and sensitive information.

Reading Notes #605

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

You also read something you liked? Share it!

Cloud

Programming

AI

~Frank

Reading Notes #604

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 


You also read something you liked? Share it!

 

Cloud

Programming

DevOps

Miscellaneous

  • Introducing Plans on Microsoft Learn (Kaberi Bell) - Would it be to be a data engineer, AI specialist, app builder there's a plan for you and that's a very cool new feature on learn have a look this blog post explain all of it

  • How Do You Measure Developer Experience? (Jennifer Riggins) - An interesting article about what and how measure performance. I didn't know so many system and details concepts were that detailed.

  • Windows Terminal Preview 1.21 Release (Christopher Nguyen) - Tons of new features again and I love| seeing all those community contributions.

~Frank

Reading Notes #603

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Having interesting content? Share it!

Cloud

Programming

Podcasts

Miscellaneous

  • DevOps Adoption for IT Managers (Chris Pietschmann) - Interesting post that shares the benefits of DevOps for your enterprise and how to approach it as a manager.

  • Cascadia Code 2404.23 (Christopher Nguyen) - I used to do ASCII art back on my C=64... Now that all those new fonts and symbols are added should I start again? Nice to have all the options available to be able to display everything we need|the console.

~Frank

Reading Notes #602

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.


Having interesting content? Share it!

Cloud

Programming

AI

~Frank

Reading Notes #601

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Having interesting content? Share it! 


Suggestion of the week

  • Announcing: Azure Developers (Mehul Harry) - Looking forward to this event. I have the pleasure to present a session with Jerry Nixon about Data API Builder. Join us!

Cloud

  • Demystifying Azure CLI pagnination (Jeremy Li) - That's great! It's so sad when all the information is "throw" on us without any control and it's on us to find our "needle" we are looking for in those screens full of line. This will definitely helps.

Programming

Open Source

~ Frank

Reading Notes #600

It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.

Having interesting content? Share it! 

a sign with 600 written in the middle of books
by: Microsoft Designer

Suggestion of the week


Cloud


Programming

Miscellaneous

~Frank

Reading Notes #599

It's reading notes time! It is a habit I started a long time ago, close to 600 weeks ago in fact, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

Having interesting content? Share it!

    

Cloud

Programming

Low Code

  • Testing Your Native AOT Applications - .NET Blog (Marco Rossignoli, Jakub JareÅ¡, Jakub Chocholowicz) - With code ahead-of-time (AOT) we still need tests but how to do it with that stripped version. of .NET? This short tutorial shows how.

Podcasts

Miscellaneous

  • How to automate tasks in Windows (David Nield) - Seeing things getting done by some automation you built is a nice feelingThis short post introduces 4 tools that will get you started with automation.
~Frank

How to Deploy a .NET isolated Azure Function using Zip Deploy in One-Click

In this post, I will share a few things that we need our attention when deploying a .NET isolated Azure Function from GitHub to Azure using the Zip Deploy method. This method is great for fast deployment and when your artefacts are zipped in a package.

Note The complete code for this post is available on GitHub


Understanding Zip Push/Zip Deploy

Zip Push allows us to deploy a compressed package, such as a zip file, directly to Azure. It could be part of a continuous integration and continuous deployment (CI-CD) or like in this example it could replace it. This approach is particularly useful when you want to ensure your artifacts remain unchanged across different environments or when aiming for the fastest deployment experience for users.

While CI-CD is excellent for keeping your code up-to-date, zip deployment offers the advantage of speed and consistency. It eliminates the need for compilation, leading to quicker uploads and deployments.


Preparing Your Package

It’s crucial to package with all necessary dependencies the code required. There is no operation to fetch any external packages during the deployment, the zip file will be decompressed and that's it. The best way to ensure you have everything you need is to publish your code, to a folder and then go in that folder and zip all the files.

dotnet publish -c Release -o ./out

Don't zip the folder, it won't work as expected.

Don't zip the publish folder it won't works

You need to go inside the folder and select all the files and zip them to create your deployment artefact.

From in the publish folder zip all files

The next step is to make your artefact available online. There are many ways, but for this post we are using GitHub Realease. From the GitHub repository, create a new release, upload the zipped file created earlier and publish it. Note the URL of zipped files from the release.


Preparing The ARM Template

For this one-click deployment, we need an Azure Resource Manager (ARM) template. This is a document that describes the resources that we want to deploy to Azure. To deploy the zipped file into the Azure Function there are two particularities that required our attention.

Here the sections of the template.

[...]
"resources": [
    {
        "apiVersion": "2022-03-01",
        "name": "[variables('funcAppName')]",
        "type": "Microsoft.Web/sites",
        "kind": "functionapp",
        "location": "[resourceGroup().location]",
        "properties": {
            "name": "[variables('funcAppName')]",
            "siteConfig": {
                "appSettings": [
                    {
                        "name": "FUNCTIONS_WORKER_RUNTIME",
                        "value": "dotnet-isolated"
                    },
                    {
                        "name": "WEBSITE_RUN_FROM_PACKAGE",
                        "value": "1"
                    },
                    [...]

Here we define an Windows Azure Function and the WEBSITE_RUN_FROM_PACKAGE needs to be set to 1. The WEBSITE_RUN_FROM_PACKAGE is the key that tells Azure to use the zip file as the deployment artefact.

Then to specify where the zip file is located we need to add an extension to the Azure Function.

    {
      "type": "Microsoft.Web/sites/extensions",
      "apiVersion": "2021-02-01",
      "name": "[format('{0}/ZipDeploy', variables('funcAppName'))]",
      "properties": {
        "packageUri": "https://github.com/FBoucher/ZipDeploy-AzFunc/releases/download/v1/ZipDeploy-package-v1.zip",
        "appOffline": true
      },
      "dependsOn": [
        "[concat('Microsoft.Web/sites/', variables('funcAppName'))]"
      ]
    }

The packageUri property is the URL of the zipped file from the GitHub release. Note the dependsOn property that ensures the Azure Function is created before the extension is added. The complete ARM template is available in the GitHub repository.


One-click Deployment

When you have your artefact and the ARM template uploaded to your GitHub repository, you can create a one-click deployment button. This button will take the user to the Azure portal and pre-fill the deployment form with the information from the ARM template. Here is an example of the button for markdown.

[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FFBoucher%2FZipDeploy-AzFunc%2Fmain%2Fdeployment%2Fazuredeploy.json)

The has three parts, the first is the image that will be displayed on the button, the second is the link to the Azure portal and the third is the URL of the ARM template. The URL of the ARM template is the raw URL of the file in the GitHub repository, and it needs to be URL encoded. The URL encoding can be done using a tool like URL Encode/Decode.

Final Thoughts

Zip deployment is a powerful tool in your Azure arsenal by itself of part of a more complex CI-CD pipeline. It's a great way to make it easier for people to deploy your solution in their Azure subscription without having to clone/ fork the repository.


Video version

If you prefer, there is also have a video version of this post.

References

Reading Notes #598

It's reading notes time! It is a habit I started a long time ago, close to 600 weeks ago in fact, where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

If you think you may have interesting content, share it!

Cloud

Programming

DevOps

Open Source

AI


~Frank

Reading Notes #597

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you think you may have interesting content, share it!

Suggestion of the week

Cloud

Programming

Open Source

Miscellaneous

~frank

Reading Notes #596

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

If you think you may have interesting content, share it!

A woodpecker on a tree

Suggestion of the week

Cloud

Programming

AI

Miscellaneous

  • Homo sapiens 1.0 (Mark Downie) - Interesting reflection about how to determine what ready important when adding features in a product or services.

~Frank


Problem in my local paradise: Func CLI doesn't upgrade

Last Friday, I encountered an issue while trying to run my Azure Function locally using VS Code. Despite having installed the Azure Function extension and the Azure Functions Core Tools, I was unable to execute the func start command without encountering an error saying that no functions could be found. 

In this post, I will share the various troubleshooting steps I took, what didn’t work, and how I ultimately resolved the issue. Spoiler alert: everything is now working correctly.


The Problem

My Azure Function is a .NET 8 Isolated HTTP trigger. When I attempted to execute the func start command, it failed to find any functions. A quick look at the documentation, I discovered that version 4 of the Core Tools was required for type Isolated process. However, I had already installed version 4 via the update popup in VS Code.

VS Code tool update

Something was wrong. I tried func --version and it returned 3.x.xx, weird... And this is how I knew there was a problem.


Failed attempts

Following the Azure Functions Core Tools documentation I found that there were multiple methods to install the Core Tools. Because that laptop was on Windows 11, I started by downloading the func-cli-x64.msi installer and run it. It didn't work, the version 3 was still there.

I tried to install the Core Tools v4 using NPM: npm install -g azure-functions-core-tools@4. It didn't work.

I tried to uninstall the version 3 with npm uninstall -g azure-functions-core-tools. I tried using the command palette in VSCode

VS Code uninstall Core Tool

Still nothing was changing anything, the version 3 was still there.


The Solution

What works, was using Chocolatey command choco uninstall azure-functions-core-tools to uninstall the version 3. Some how, it must have been install at the different location or some "config" got lost at some point (it's a developer laptop after all), and the other methods (npm, msi, vscode) couldn't see that version 3 was installed.

After that, I installed the version 4 using NPM npm install -g azure-functions-core-tools@4. And it worked! The func --version returned 4.0.5571 and the func start command found my function.

I wrote this quick post hoping that it can help someone else, as I cannot be the only one with this problem.


~Frank

Reading Notes #595

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.

 
If you think you may have interesting content, share it!

Programming

AI

Databases

Miscellaneous

~Frank

Reading Notes #594

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you think you may have interesting content, share it!

Cloud

Programming

AI

Databases

~Frank

Reading Notes #593

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you think you may have interesting content, share it!

Cloud

Programming

Miscellaneous

~Frank

Reading Notes #592

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, that catch my interest during the week. This week it's definitely more code focus.

If you think you may have interesting content, share it!

Cloud

Programming

~Frank

Reading Notes #591

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you think you may have interesting content, share it!

Suggestion of the week

Cloud

Programming

~ Frank

Reading Notes #590

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you think you may have interesting content, share it!

Cloud

Programming

Miscellaneous

  • Introducing Sudo for Windows! (Jordi Adoumie) - Wow! This is a really good new feature. How many time a forgot to start my terminal as admin and needed to starry over again...Looking forward to try it.
~Frank


Reading Notes #589

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you think you may have interesting content, share it!

Cloud

Programming

  • Understanding C# 8 default interface methods (Andrew Lock) - Very clear post about the new feature available in interfaces, with great examples that make us understand why and when it is useful and how to implement it.

Open Source

Podcasts

~Frank

Reading Notes #588

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.

If you think you may have interesting content, share it!

Programming

~Frank

Reading Notes #587

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week. 

 

If you think you may have interesting content, share it!

Cloud

Low Code

Programming

Miscellaneous

~Frank

Reading Notes #586

It is time to share new reading notes. It is a habit I started a long time ago where I share a list of all the articles, blog posts, and books that catch my interest during the week.


If you think you may have interesting content, share it!

Cloud

Programming

Podcasts

Miscellaneous


~Frank