Category

Azure

Azure, Development, Web, WebApi

Load testing your applications using Azure Load Testing, JMeter and GitHub Actions

I’ve been working with more customers that are starting to take testing (unit, integration, end to end and load testing) more seriously. You may ask, “Dom, really? I thought testing was trivial”. Unfortunately not. As we’re entering an era where businesses are producing software like never before, relatively speaking, these businesses are not software companies. They are seeking to prioritize the speedy creation of business value while disregarding the importance of testing. Development teams, most often than not, are under pressure when the applications they develop do not perform the way they intended it to work, after being released. Testing is not engrained within their DNA. If it would have been, the extra stress and anxiety associated with debugging the…

Read more
June 7, 2023 | by Dominique St-Amand | Leave a comment
Azure, AzureFunctions, C#

Deploying EOL .NET Core to Azure App Services

As you all know, .NET Core 3.1 is now out of support since December 13 2022. If you follow me on my social media, I reminded my followers about this a little over a month ago. Unfortunately, some of the customers my colleagues and I deal with, have yet to migrate, and were caught by surprise at the last minute. I am and have been advising my customers to plan some time to migrate to .NET 6 (which is LTS), however, the time and priorities issue always come back. Fortunately, there are 2 solutions that you can put in place today to be able to continue deploying EOL .NET core versions. Solution 1: Deploying the application using the self-contained method…

Read more
December 16, 2022 | by Dominique St-Amand | 2 Comments
Azure

Removing user consent from an Azure AD application

I’ve been working with my team on refactoring the authentication process that has been put in place in the application I am working on. One of the requirements was that we wanted to test out what happens when the user sees the user consentement (that is that the user consents the application to access data on its behalf), but also, when we do not see the user consentement. To my demise, finding out what has been granted and what has not, is not user friendly in the Azure portal. For my own sake, and perhaps yours, I will try to demystify the where and the how. Finding out the grants To find out what API permissions have been accepted or…

Read more
July 14, 2021 | by Dominique St-Amand | Leave a comment
Azure, C#, DevOps, Docker

Integration tests using Azure Storage emulator and .NET Core in Azure DevOps

I had a friend contact me about a situation that he was trying to do and I was about to have the same situation myself so I decided to tackle it. That situation is that we both need to test our code, but our code is dependent on Azure Storage. As you know, you can emulate Azure Storage on Windows using the (now deprecated) Azure Storage Emulator, or using Azurite. Since my code is built and tested on linux, I decided on using Azurite. Azurite v3 runs in a container. Azurite v2 runs using node.js but the container is not officially available. You need to build the image yourself. Azurite v2 is necessary if you need to have access to…

Read more
January 8, 2021 | by Dominique St-Amand | 1 Comment
Azure, Server administration

Automating your mundane Azure Virtual Machine Windows provisioning tasks with PowerShell DSC

I’ve been working in various projects and helping different people with their tasks when it comes to provisioning their Azure Windows Servers or Windows 10 virtual machines. One thing that I realized, is how much time is spent post provisioning for repetitive tasks that could be done through automation. I can say that I am proud of the fact that, after discussing with me, they all start embracing Infrastructure As Code (IaC) through ARM. Well most of them that is hahaha! Side note, if you are doing ARM, checkout Bicep; this will save you so much time in writing your ARM templates and there’s great linting and code completion when used in Visual Studio Code with the extension! But what…

Read more
November 27, 2020 | by Dominique St-Amand | 1 Comment
Azure, C#, Microsoft365

Connecting to SharePoint Online using an Azure AD Service Principle (Application) and CSOM

Microsoft is giving us a push to use Microsoft Graph as an alternative to using SharePoint CSOM. Unfortunately, not everything is available in Microsoft Graph. When you are automating, you want to use a service account that has no user identity (delegation) in it and can be autonomous. However, the only way right now to get an application token that can be used to consume the SharePoint Online CSOM, is to authenticate your application using an authentication certificate. This post continues on the SPOAuthentication code, as discussed in my other post. We will make use of the KeyVault to store the authentication certificate and then add it to the application as a key credential used for authentication. KeyVault and Application…

Read more
November 17, 2020 | by Dominique St-Amand | 1 Comment
Azure, C#, Microsoft365

Connecting to SharePoint Online CSOM using a non-interactive, headless application, through user delegation

It may happen to you that you need to run a process which has no user interaction for automation purposes. This may be a console application or an Azure Function that has a timer trigger. How is it possible to call the CSOM (client side object model) API of SharePoint online in such fashion? Usually people authenticate in other ways. Today, I want to show you how this can be done, using a .NET Core console application. Preface Before getting cracking with the code, I want to brush on the the On-Behalf-Flow, as it is important to understand it to understand why the code does certain things. The OAuth 2.0 On-Behalf-Of flow (OBO) serves the use case where an application…

Read more
November 15, 2020 | by Dominique St-Amand | 1 Comment
Azure, C#

Migrating to the new C# Azure KeyVault SDK Libraries

You may be familiar with the Microsoft.Azure.KeyVault SDK. This SDK is being retired in favor of 3 new SDKs: Azure.Security.KeyVault.Keys Azure.Security.KeyVault.Secrets Azure.Security.KeyVault.Certificates As you can see, the Microsoft Azure SDK team split the KeyVault functionality in 3 distinct SDKs. All those SDKs are unified with the Azure.Identity SDK to manage authentication. Let’s deep dive a little bit into those SDKs. I wanted to brush up on those, as usually what people do, when they have the KeyVault setup in their application, they tend to forget about it. If you want to migrate to the new SDKs (or you’re looking to consume the KeyVault through code), this post can be of interest to you. Azure.Identity SDK The Azure Identity library is…

Read more
November 12, 2020 | by Dominique St-Amand | 2 Comments
Azure

Controlling the hostname with a WebApp when fronted by Application Gateway

I wanted to demystify the hostname that is used within an ASP.NET core application when the application is hosted in a WebApp and fronted by an Application Gateway. I have been getting a few questions about it and I believe it can help. It happens to many that when they configure such setup, and have redirects triggered within the application, they get presented with the application.azurewebsites.net hostname instead of the hostname by which they actually accessed the application. They then ask themselves: what happened? I accessed my application through application.mydomain.com. How come I am presented with the azurewebsites.net hostname? Let’s dissect 2 ways by which this can be mitigated and have, when the application triggers redirects within itself, the proper hostname that…

Read more
November 5, 2020 | by Dominique St-Amand | 3 Comments
Azure

Automating Azure Site Recovery VMs with ARM and some magic

Actually, I got you there’s no magic, well, slightly. We will be using some intuitive way to wrap the whole thing. Now that I got your attention, let’s talk about Azure Site Recovery, or for short ASR. As you are building your solution, you will want to automate the recovery process of your Virtual Machines so you have some piece of mind when it comes to your Disaster Recovery process. In this post, I will talk about specifically about Azure Site Recovery for Azure to Azure recovery. Quick intro Azure Site Recovery is a product in the Azure family to help ensure one can attain his business continuity and disaster recovery (BCDR) strategy. Site Recovery works by replicating your disks…

Read more
October 28, 2020 | by Dominique St-Amand | Leave a comment
Azure

Path based routing in Azure Application Gateway with Azure WebApps

So it may occur to you that you may want to do path based routing so that you can reach multiple applications under 1 hostname. To represent this, I’ve drawn an example of what we are trying to accomplish In this post, I’ll show you how I can use the hostname dev.domstamand.com to respond to different backends when hit on 3 paths: /identity : redirects to the identity web app /authorization : redirects to the authorization web app / : redirects all other requests to the default web app As a side note, I’m using the v2 of the Application Gateway. Setup To understand better how all the components are layed out, I made a diagram. For the sake of…

Read more
August 14, 2020 | by Dominique St-Amand | 1 Comment
Azure

Azure AD Linux Login Extension – sudo fails with PAM account management error: System error

As you all know, I’ve been playing around with the Azure Active Directory login extensions for both Linux and Windows. I came across a problem where the first sudo worked (after re-authenticating) and the second, with the same command, failed with sudo: PAM account management error: System error Trying to debug this was tricky. Along with a support engineer we were able to enable enough log to get to the bottom of the problem. First, edit /etc/pam.d/system-auth-aad and add the debug keyword whenever you see pam_aad.so. Adding “debug” will switch to verbose logging. For example:

Once that is done, execute in one terminal the following command tail -f /var/log/secure. Execute the sudo that you know will fail (that is the…

Read more
August 4, 2020 | by Dominique St-Amand | Leave a comment
Azure

Live notifications from an Azure Keyvault to your Slack

In a world where monitoring is key for sensitive information, or even for alerts that can put your system down (such as an expired certificate), it is necessary sometimes to be alerted “right away”. Azure Alerts are great, but they have a delay, as the data needs to get ingested into your analytics and then need to run with the alert frequency you have set for you to be aware that something is going on. In this post I will show a way where you can be alerted somewhat instantly. We will consume 2 types of event data from a keyvault, that is the diagnostics AuditEvent and the events that Azure provides us out of the box. Once consumed, we…

Read more
June 3, 2020 | by Dominique St-Amand | Leave a comment
Azure, DevOps

Automating your OpenAPI updates to API Management through your CI/CD pipeline

Microservices are the trend in today’s day and age, even if you may have read that some are going back the monolith way. Most microservices architectures are built to communicate through REST: each service is an API that shares a contract for other services to consume. Since your product ecosystem will (hopefully) evolve over time, your contracts are to evolve overtime as well. If you decided to consolidate your contracts consumption into one point of entry (using the API Gateway pattern), how do you actually make sure that those contracts are properly updated in your gateway for each of your environments up to your production environment? In this post, I will show you how you can update your APIs contracts…

Read more
May 10, 2020 | by Dominique St-Amand | 4 Comments