How many Entra App Registrations do I need?

25 Oct 2023 🔖 security devops integration git azure 💬 EN

Creating an App Registration (and its corresponding Service Principal) in Microsoft Entra ID (formerly known as “Azure Active Directory,” “Azure AD,” or “AAD”) lets a code-deployment-automation “CI/CD pipeline” (such as an Azure DevOps Pipeline or a GitHub Action) access the Azure cloud resources onto which you’d like to deploy your code.

But just how many of them do you need per project / application / workload?

Variables and secrets for CI/CD pipelines

03 Aug 2023 🔖 devops integration git azure 💬 EN

Azure DevOps Pipelines and GitHub Actions both let you store variables and secrets in their services, for use with your CI/CD automations, but they’ve arranged them in pretty different parts of their settings options.

Git best practices with Azure Data Factory

31 May 2023 🔖 devops integration git azure 💬 EN

Are you intimidated by all of the options when trying to add Git tracking to Azure Data Factory (“ADF”)? Check out my top tips!

Benefits include:

• Easier collaboration when many people need to work on the same factory at the same time.
• Easier auto-synchronization of content between closely related factories.

Reuse your Flows with Subflow

12 May 2023 🔖 professional development salesforce 💬 EN

Thanks for coming to watch “Reuse your Flows with Subflow.”

Video, slides, and a session recap can be found below.

Quick -- I need a blank scratch org

11 May 2023 🔖 salesforce 💬 EN

Whew! As I prepare to talk about subflows (sign up now!), I’m working my way through old usernames and passwords to Salesforce dev orgs and realizing they’ve mostly expired, now that I no longer work the old job to which all the reminder emails were being sent.

Azure DevOps vs. GitHub repositories and pipelines

09 May 2023 🔖 devops git azure 💬 EN

If you work at a Microsoft-oriented corporation that leverages Azure’s public cloud heavily, you might be using Azure DevOps for version-controlling source code repositories with Git and for automating build / test / deploy processes against those codebases.

Do you wonder if you’re missing out by using Azure DevOps instead of GitHub?

Below are some strengths of each tool. I’d love to hear your additions in the comments.

Deploying a built webapp onto Azure App Service with ADO Release Pipelines

18 Mar 2023 🔖 web development minimum viable build beginner devops git azure 💬 EN

In this series, we’ve:

1. Coded a tiny webserver.
2. Added unit tests.
3. Git-tracked our codebase in Azure DevOps (“ADO”) Repos and set up proper editing hygiene rules.
4. Taught ADO Pipelines to “build” our codebase into a ready-to-run webserver runtime codebase every time Git detects we’ve edited the codebase.
5. Told ADO Pipelines not to bother doing so if our unit tests fail.

All that’s left is to let the world see our amazing website! Let’s do that today.

See the sample codebase on GitHub.

Provisioning Azure DevOps Service Connections that let ADO Release Pipelines leverage Azure AD Service Principals for sensitive CI/CD tasks

17 Mar 2023 🔖 beginner azure 💬 EN

We’re almost ready to build an Azure DevOps (“ADO”) Pipeline that can release our tiny web server we asked it to build for us onto our rented 2 webserver hosts (one “nonproduction” and one “production”).

Although we created an Azure Active Directory “(AAD)” service principal that’s authorized to work against our webserver hosts, Azure DevOps doesn’t yet know how to use our Service Principal.

In this article, we’ll set up a cross-reference (known as a “Service Connection”) from ADO project to our AAD Service Principal. Once we’ve done so, we’ll be able to wrap up this series by constructing just a little more ADO Pipeline goodness (auto-updating our live websites every time we update our Git-tracked source code). We’re almost there!

Provisioning Azure AD Service Principals that can deploy built webapps onto your Azure App Service resources

16 Mar 2023 🔖 beginner azure web development 💬 EN

In this series, we’ve written the world’s tiniest webserver, added unit tests to its codebase, told Azure DevOps (“ADO”) Pipelines to auto-build a runnable web server for us each time we update our Git-tracked source code, and rented 2 webserver hosts from Microsoft Azure’s public cloud (one “nonproduction” and one “production”).

Every time ADO builds our source code into a runnable web server, we’ll want it to deploy the “built” codebase onto the hosts we rented. Our ADO automation will need to prove it’s not an evil hacker trying to take over our web hosts. Therefore, we need to:

1. Create an Azure Active Directory (“AAD”) identity ADO can use to prove that it is who it says it is.
   • To do so, we’ll create a pair of AAD resource instances – one “Application Registration” and one “Service Principal.”
2. Create an Azure RBAC role assignment authorizing the new AAD service principal to deploy code onto our web hosts.
   • (We’ll worry about telling ADO how to use the new AAD service principal in a subsequent article.)

Provisioning Azure App Services to host your Hello World webapp

15 Mar 2023 🔖 beginner azure web development 💬 EN

Thus far in this series, we’ve written the world’s tiniest webserver, added unit tests to its codebase, told Azure DevOps (“ADO”) Pipelines to auto-build a runnable web server for us each time we update our Git-tracked source code, and told ADO to fail the build process if the unit tests don’t pass.

Before we can ask friends to visit our new website, we’ll need to rent a webserver host from Microsoft Azure’s public cloud.

Azure App Service’s (“AAS’s”) Web Apps service (“AASWA”) is a great choice for a simple web server. Let’s rent ourselves two such resource instances: