Salesforce, Python, SQL, & other ways to put your data where you need it

Need event music? 🎸

Live and recorded jazz, pop, and meditative music for your virtual conference / Zoom wedding / yoga class / private party with quality sound and a smooth technical experience

Wins of the week

26 Feb 2026 🔖 professional development
💬 EN

Table of Contents

I knew I’d been burning the candle at both ends in the first half of this week, but I couldn’t quite put my finger on why. I knew 30 minutes with my boss wasn’t enough to cover it all, though, so I made myself stop and write it down so I could send a recap in an email. Wow, my “full stack” runs the gamut! (My job’s so fun.)

Architecture

IAM

I wrote up a formal policy recommendation, and migration guide, for making it so that a customer can disable Basic Auth on all of their Azure App Service backend web API hosting resources and use “Website Contributor” Azure RBAC Role Assignments instead, without breaking developers’ existing feature/fix deployment flows.

PowerShell module artifact registry

I drafted a pretty complex design (and testing it hands-on, so I don’t draft the wrong design) that should help a customer upgrade their internal PowerShell module gallery so that they can deploy updates to it using git version control and CI/CD pipelines, even though they need backward compatibility and can’t just use the new Azure Container Registry approach.

Privately networked CICD pipelines

Lots of documentation, design (including testing it hands-on, so I don’t draft the wrong design), and diagramming about how a customer could leverage various CI/CD platform vendors’ privately-networked but vendor-managed CI/CD runtimes, so they can stop having to maintain and patch self-hosted runtimes.

End-to-end testing

I wrote up a formal “how to safely use” recommendation for browser-based webapp end-to-end testing libraries like Playwright/Puppeteer/Selenium/Cypress/Appium/WebDriverIO/etc., so that a customer can begin an adoption initiative.

Education

I facilitated fun conversations at various software development communities of practice about how:

  1. “Red-green” test-driven development is easier to remember to do in the age of AI-assisted coding, as long as you tell your AI you care about it.
  2. One participant’s team did some awfully clever troubleshooting this month. They traced an intermittent application bug’s root cause, figuring out it came from a part of the application “working too fast” and beating another part of the application to a key checkpoint, by trying the application from a cell phone with the data plan turned way down to 3G speeds, and noting that the application worked just fine at slower network speeds.
  3. PowerShell’s Pester module and Invoke-RestMethod command, put together, make for a high-code rather than low-code, but awfully convenient-to-execute (probably easily available on all employee laptops and in most CI/CD pipeline runtimes), cross-platform alternative to paid HTTPS web API testing suites like Postman.
  4. There’s a new version of PowerShell out.

Troubleshooting

I helped diagnose that a customer had asked their support desk for the wrong type of IAM / access control request within Entra/Azure, and helped them figure out what the right ticket type, and the right ticket details, would be, so that they can get Azure Synapse’s system-assigned managed identity (“SMI”) reading from an Azure Key Vault (answer: request an Azure RBAC Role Assignment with the SMI as principal, the Key Vault resource as scope, and “Key Vault Secrets User” as the role).

Documentation

I updated documentation for a customer, disambiguating “how to get access to the Git repositories stored within a given GitHub organization owned by the enterprise” vs. “how to get a GitHub Copilot license,” now that GitHub Enterprise Cloud has disentangled the two licensing issues from each other in 2026.

Research

I enjoyed chatting with a sysadmin about “a day in the life” when virtual machine (“VM”) state-change requests come in.

It’s a lot more similar to a “new feature request” coming in on a web application than I’d realized. A web application might have separate “frontend” and “backend” source code repositories, with separate teams managing each. Most “new feature” requests that make it into the product roadmap of the webapp are going to end up implemented, in a coordinated fashion yet separately (because separate teams), in both of the 2 codebases. And yet, from a business-level product management perspective, the new feature is arguably just 1 concept.

And so it goes in sysadminning VMs. 1 new business-level conceptual “desire” about what “state” a given piece of infrastructure like a VM should “be” in … might end up having to be coordinatedly coded and orchestrated in 2 separate “desired infrastructure state” configuration approaches:

  1. The “virtual screwdriver spinning / rack-and-stack” work that goes on in a VM hypervisor before VM bootup – e.g. “add a 2GB disk as disk #2”
  2. The “within the Windows or Linux operating system after the VM has been booted up” stuff – e.g. “map disk #2 as the P:\ drive” or “install an antivirus” or “install a log-telemetry agent”

I’m seeing so many classic questions about IaC language choice, “merely declarative & idempotent but state-file-lessly” vs. “state-file-fully” language choice, how many state files to use if using state files, how many repos to break things up into, how to orchestrate drift remediation from the “desired state,” etc. with fresh eyes after this “aha” moment! Lots to ponder.

--- ---