CLEANING UP SECRETS IN AZURE DEVOPS AND GITHUB REPOSITORIES WITH BFG REPO-CLEANER

Why should you care about secrets management? I’ve committed a secret - now what? Cleaning up secrets in Azure DevOps and GitHub repos (or any other Git repo) with BFG Repo-Cleaner Step-by-step walkthrough Final note on permissions in Azure DevOps repos Additional resources Why should you care about secrets management?

Read more

POWER OF --QUERY IN AZURE CLI

Have you ever heard of or used query parameter when running Azure CLI commands? If not, I do recommend you checking it out because this is a pretty powerful parameter that can help you with much faster and efficient data retrieval and filtering! Let’s use DNS records retrieval as an example: I need to update DNS records pointing to a specific IP, f.

Read more

HOW TO UPGRADE NGINX INGRESS CONTROLLER WITH ZERO DOWNTIME IN PRODUCTION

Introduction to the needs for upgrading Ingress Controller Walkthrough of the process for upgrading NGINX Ingress Controller with zero downtime Preparations Create temporary Ingress Controller Re-route traffic to temporary Ingress Controller Upgrade original Ingress Controller and re-route traffic from temporary IC Final test and cleanup Additional resources Introduction to the needs for upgrading Ingress Controller In some scenarios you may need to perform maintenance work on the Ingress Controller which can potentially result in downtime - in my case the time has come to move away from NGINX Ingress Controller for Kubernetes Helm chart located in stable repo and fully embrace the new Helm chart located in ingress-nginx repository.

Read more

HOW TO INCLUDE NEW KUBERNETES RESOURCE INTO EXISTING HELM RELEASE

What is Helm? How to let existing Helm release β€œadopt” a new Kubernetes resource and why it’s important? Additional resources Helm is extremely useful and efficient when it comes to distributing, installing and upgrading applications hosted in Kubernetes. But sometimes you may have a need to patch an existing release and there is a quick way to do that which I would like to share with you today.

Read more

USING KUBERNETES SERVICE FOR PROXYING TO EXTERNAL SERVICES

Why would proxying to external services from Kubernetes cluster be relevant? What is a Kubernetes Service and what kinds of Kubernetes Service can be created? Endpoint vs. EndpointSlice Implementation description and preparation Proxy to external services with Service without Selectors Proxy to external services with ExternalName Service Additional resources So, recently I’ve faced a scenario where I got a chance to dig more into different Kubernetes Service types and experiment with those.

Read more

HOW TO PERFORM STATIC CODE ANALYSIS OF .NET CODE WITH SECURITY CODE SCAN

What is static code analysis and why do I need it? How to install and use Security Code Scan tool? Installation in CI/CD pipeline Local installation How to view and read result report? Additional resources What is static code analysis and why do I need it?

Read more

COULD NOT LOAD FILE OR ASSEMBLY...OH MY! HOW I WENT THROUGH FIVE STAGES OF GRIEF AND MASTERED ASSEMBLY VERSION CONFLICT DEBUGGING WITH .NET CLI, ILSPY AND FUSION LOG

Why is dll hell created in the first place? Tools that helped me survive The Hell of DLL Fusion Log ILSpy dotnet list package –include-transitive How to resolve assembly version conflicts To sign or not to sign - the future of strong-named assemblies If you’re a .

Read more

HOW TO DISTRIBUTE CONSOLE APPLICATIONS EASILY WITH .NET TOOLS

What is a .NET Tool and how do I create one? How to install, use and uninstall a .NET Tool? Additional resources There are probably no developers out there (or at least very few) who have never created a console application - use cases where such apps are a first choice are hundreds, if not thousands.

Read more

SECURITY SCANNING OF THIRD-PARTY DEPENDENCIES WITH OWASP DEPENDENCY CHECK

Why should you care about security of third-party dependencies What is OWASP Dependency Check (ODC) Adding OWASP Dependency Check to build pipeline How to analyze and fix build errors triggered by OWASP Dependency Check Why should you care about security of third-party dependencies No matter how small the application you’re developing is, at some point you’ll end up using code that has been developed by someone else, i.

Read more

HOW TO CREATE NEW MICROSERVICES EASILY WITH DOTNET CUSTOM TEMPLATES

What is a dotnet template though? How to create a custom dotnet template? How do I transform a microservice template to a dotnet template? How do I test the dotnet template and verify that it performs as expected? Testing single template Testing template collection How do I pack and make template collection NuGet package available for others?

Read more