The Art of Conversation

In the 1990’s when I did my bachelor in computer science, teachers told us that we would be replaced by 4GL languages. Languages in which end-users would describe how applications should work. At that time we laughed at them, saying we saw the exact opposite. Oh dear, we were right. Code became complexer, new concepts arrived on the horizon and software development matured. Fast forward to the 2020’s…

Over the last year, I’ve been giving a lot of GitHub Copilot training sessions world wide. Sessions in which I learned the attendees what GitHub Copilot could mean for them and how they could get the most out of it. In that time I noticed that I was particular a fan of GitHub Copilot chat. A Chat interface in which I could talk to my bestie, asking him all kinds of questions. My bestie would answer my questions as good as possible.

Quick tip: Get in control by using your GitHub context

GitHib actions and workflows are very powerful by nature. They help me to build and deploy my Azure environments, without having me to do all the tedious and errorprone work. I create a pull request, have it peer reviewed and once approved my environments are provisoned the way I envisioned it. This is also the case at my current assignment for a large organization. Last year the organization decided that a new change management system (which name I refuse to pronounce) should handle all changes. This means that every step in the process needs to be documented and approved conform ITIL processes.

Quick tip: Find permissions in RBAC roles easily

When building infrastructures in Azure, you sometimes come to a point in which you need to add an additional action to a RBAC role in order to access certain Azure resources. In our case we needed to add read permissions on the Front Door activity logs to an internal security administrator role. The way I used to do it, was browing MS-learn to can find a comprehensive list of built-in roles. For me this was a cumberstone process, until today. One of my co-workers - Martin Bouchery - showed me an easy trick to find all RBAC roles in Azure that have a specific action tied to its profile. A walk through…

Where is that documentation? A tale on setting up diagnostic settings...

I’m a big fan of Azure and building infrastructure on it using IaC (Infrastructure as Code) and deploy it through pipelines (Azure DevOps) or workflows (Github). The last two years, I primarily used Bicep to build the infrastructure. This is often a very satisfying experience but in some cases it can be quite frustrating. Frustrating because I can’t find the information that I need in the MS Learn documentation at the location where I would expect it to be.

A nightmare on FrontDoor in Bicep...

For some reason I seem to attract the most exotic scenarios when it comes to building Infrastructure as Code (IaC). This time it was no different. For a client I’m working on building an environment in which disaster recovery is a top priority. Besides being zone redundant, the client requires region redundancy as well, in case a complete Azure region gets wiped out by a disaster or a combination of disasters… My imagination gets triggered and I envision all kinds of apocalyptic movie scenarios.

Note to self: fix invalid GitHub credentials in VSCode

From time to time I start working on projects for new customers. As soon as I start I receive an invitation from Github to join the customer’s Github organization. Most of the organization have a SAML based single sign on (SSO). After joining the organization using my personal Github account, I’m able to work on the repositories on which I have access. So far so good…

Then the moment comes that I need to clone the repository, which can be a hassle from time-to-time. Normally I clone the repository using VSCode. After cloning the repository, I start working by adding my own features.

GHAS - How to use CodeQL custom queries?

Over the last two years, I have seen a growing awareness when it comes to zero trust computing. When organizations look at zero trust computing, the first thing that comes into mind is getting the infrastructure secure. Assuming breach, ensuring that there are multiple layers of security applied. As an engineer I love seeing this growing awareness. What a lot of organizations seem to forget is that perhaps the most important part of securing its data starts with analyzing the source code of its proprietary software.