Personal

Coaching sessions: here’s what I talk about with junior developers

The company where I have the pleasure to work has been getting an influx of eager junior developers, most of them straight out of school. As they navigate into the big enterprise world (or get a taste of it), their anxiousness rises due to all sorts of questions about their career and where they see themselves in the near future. I’m often asked my opinion on what they should do and if I have tips and tricks for them to grow in their career. One developer actually told me she tried to google this topic while interviewing for jobs. I figured it would not be a shabby idea to share them with the world. Some…

Azure, C#, DevOps, Docker

Integration tests using Azure Storage emulator and .NET Core in Azure DevOps

I had a friend contact me about something he was trying to do, and I was about to face the same situation myself, so I decided to tackle it. The situation is that we both need to test our code, but our code is dependent on Azure Storage. As you know, you can emulate Azure Storage on Windows using the (now deprecated) Azure Storage Emulator, or using Azurite. Since my code is built and tested on Linux, I decided on using Azurite. Azurite v3 runs in a container. Azurite v2 runs using Node.js, but the container is not officially available; you need to build the image yourself. Azurite v2 is necessary if you need to have access to…

PowerShell, Server administration

Creating a PowerShell DSC extension for your custom tasks

Following my post on automating your mundane Azure Virtual Machine Windows provisioning tasks with PowerShell DSC, it may happen that you have custom tasks that you want to do that are not already available on the PowerShell Gallery. You may also have custom complex logic that you want to reuse across many different DSC scripts and that you would like to centralize. This is where extensions come into play. They allow you to create custom resource operations that you can use within your node provisioning. There are a few ways to create extensions: using MOF-based resources in PowerShell; using class-based resources in PowerShell; using composite resources in PowerShell; using MOF-based resources in C#; using the Resource Designer Tool. Today, I will…

Azure, Server administration

Automating your mundane Azure Virtual Machine Windows provisioning tasks with PowerShell DSC

I’ve been working on various projects and helping different people with their tasks when it comes to provisioning their Azure Windows Servers or Windows 10 virtual machines. One thing that I realized is how much time is spent post-provisioning on repetitive tasks that could be done through automation. I can say that I am proud of the fact that, after discussing with me, they all start embracing Infrastructure as Code (IaC) through ARM. Well, most of them, that is, hahaha! Side note: if you are doing ARM, check out Bicep; this will save you so much time in writing your ARM templates, and there’s great linting and code completion when used in Visual Studio Code with the extension! But what…

Docker

How-to: Push an image from docker registry to Azure Container Registry

With the Docker registry download limits, one way to circumvent those limits is to use your own registry, such as Azure Container Registry, or ACR for short. This post will show you how to save an image from a Docker registry to an Azure Container Registry.

How-To

1. Login to Azure Container Registry

Pre-requirements: have az cli installed

To log in to ACR, in a command shell, type az acr login

2. Pull the image from Docker registry

In my case I wanted to push the image mcr.microsoft.com/azure-storage/azurite to my ACR.

3. Tag the image

To upload to ACR, you need to tag the image with the proper tag: name.azurecr.io/repository/imagename:tag

Latest can be daunting. So I also tagged the image…

Azure, C#, Microsoft365

Connecting to SharePoint Online using an Azure AD Service Principal (Application) and CSOM

Microsoft is giving us a push to use Microsoft Graph as an alternative to using SharePoint CSOM. Unfortunately, not everything is available in Microsoft Graph. When you are automating, you want to use a service account that has no user identity (delegation) in it and can be autonomous. However, the only way right now to get an application token that can be used to consume the SharePoint Online CSOM, is to authenticate your application using an authentication certificate. This post continues on the SPOAuthentication code, as discussed in my other post. We will make use of the KeyVault to store the authentication certificate and then add it to the application as a key credential used for authentication. KeyVault and Application…

Azure, C#, Microsoft365

Connecting to SharePoint Online CSOM using a non-interactive, headless application, through user delegation

It may happen to you that you need to run a process which has no user interaction, for automation purposes. This may be a console application or an Azure Function that has a timer trigger. How is it possible to call the CSOM (client side object model) API of SharePoint Online in such a fashion? Usually people authenticate in other ways. Today, I want to show you how this can be done, using a .NET Core console application.

Preface

Before getting cracking with the code, I want to brush up on the On-Behalf-Of flow, as it is important to understand it to understand why the code does certain things. The OAuth 2.0 On-Behalf-Of flow (OBO) serves the use case where an application…

Azure, C#

Migrating to the new C# Azure KeyVault SDK Libraries

You may be familiar with the Microsoft.Azure.KeyVault SDK. This SDK is being retired in favor of 3 new SDKs: Azure.Security.KeyVault.Keys, Azure.Security.KeyVault.Secrets and Azure.Security.KeyVault.Certificates. As you can see, the Microsoft Azure SDK team split the KeyVault functionality in 3 distinct SDKs. All those SDKs are unified with the Azure.Identity SDK to manage authentication. Let’s deep dive a little bit into those SDKs. I wanted to brush up on those, as usually what people do, when they have the KeyVault setup in their application, they tend to forget about it. If you want to migrate to the new SDKs (or you’re looking to consume the KeyVault through code), this post can be of interest to you.

Azure.Identity SDK

The Azure Identity library is…

C#

C# ways of handling when being throttled by an API

I’ve been building a service application that is responsible for grabbing data from a REST API. The API has mechanisms in place to reduce abuse and make sure that everyone can consume its service in a fair way. That being said, this means that sometimes you may need to do a lot of requests to extract the data you need. If you get throttled, that is, being told that you are sending too many requests and getting served with a “temporary” ban, you will need to wait and retry. You know it is a “temporary” ban, so why would you send back an error (exception) to your client when it’s something you can possibly handle yourself? How can you deal…

Azure

Controlling the hostname with a WebApp when fronted by Application Gateway

I wanted to demystify the hostname that is used within an ASP.NET Core application when the application is hosted in a WebApp and fronted by an Application Gateway. I have been getting a few questions about it and I believe it can help. It happens to many that when they configure such a setup, and have redirects triggered within the application, they get presented with the application.azurewebsites.net hostname instead of the hostname by which they actually accessed the application. They then ask themselves: what happened? I accessed my application through application.mydomain.com. How come I am presented with the azurewebsites.net hostname? Let’s dissect 2 ways by which this can be mitigated and have, when the application triggers redirects within itself, the proper hostname that…

Development

Managing multiple SSH keys for authentication to GitHub on Windows 10

Where I currently work, we have the opportunity to use our own personal computers to work. This means I’m able to use my own super computer. The company hosts their code on GitHub. In order to not mix my personal GitHub account and my work account, I created a new GitHub account for my work. GitHub has a limitation that it cannot use the same public key for 2 different accounts. As such, I created a new pair of keys to authenticate

The idea now is that I want to be able to use both keys and both accounts simultaneously. I want to also not have to enter my ssh key pass every time I do an operation. You…

Azure

Automating Azure Site Recovery VMs with ARM and some magic

Actually, I got you; there’s no magic, well, slightly. We will be using some intuitive way to wrap the whole thing. Now that I got your attention, let’s talk about Azure Site Recovery, or ASR for short. As you are building your solution, you will want to automate the recovery process of your Virtual Machines so you have some peace of mind when it comes to your Disaster Recovery process. In this post, I will talk specifically about Azure Site Recovery for Azure to Azure recovery.

Quick intro

Azure Site Recovery is a product in the Azure family to help ensure one can attain his business continuity and disaster recovery (BCDR) strategy. Site Recovery works by replicating your disks…

ASP.NET Core, C#, WebApi

Securing ASP.NET Core WebApi with an API Key

I read the article from Aram Tchekrekjian, in which he goes to great lengths about techniques to secure a Web API, that is, using a Middleware and using an attribute that uses the IAsyncActionFilter. I would like to add another technique to this list, also using an attribute, but one that uses the IAsyncAuthorizationFilter instead. This filter is called earlier in the chain of filters and can stop a bad request using an invalid API Key early. To learn more about filters, check out the documentation. I will use the starter ASP.NET Core 3 API template that comes with dotnet. You can create it through Visual Studio or using the command line dotnet new webapi <ProjectName>. In my scenario, I will use a combination…

Kubernetes

Configuring X509 and Azure AD authentication in the Kubernetes cluster

I am continuing my quest to configure my homelab’s Kubernetes cluster. As of now I’ve done: setting up the cluster using vSphere/vCenter, and configuring HAProxy as the load balancer for the masters. Today, I want to configure authentication so that I can log in to the cluster from my computer and not from one of the masters directly. There are plenty of authentication mechanisms in Kubernetes, but I want to focus on 2 techniques that are discussed in the documentation: x509 client certificates and OpenId Connect. For the OpenId Connect provider, I will use Azure Active Directory.

Authentication using X509 client certificates

The documentation describes pretty well how to create a certificate for a normal user. First, I need to generate a private/public…

Server administration

Adding HAProxy as load balancer to the Kubernetes cluster

As I mentioned in my Kubernetes homelab setup post, I initially set up Kemp Free load balancer as an easy quick solution. While Kemp did me good, I’ve had experience playing with HAProxy and figured it could be a good alternative to the extensive options Kemp offers. It could also be a good start if I wanted to have HAProxy as an ingress in my cluster at some point. There are a few things here we need in order to make this work:

1 – Make HAProxy load balance on 6443

2 – Make HAProxy health check our nodes on the /healthz path

Configuring HAProxy

Since I’m using Debian 10 (buster), I will install HAProxy using apt install haproxy -y

Next step is to configure HAProxy. Its…
