March 2026 · .NET 8+ · GitHub Copilot SDK (Technical Preview) What if you could get the full agentic power of GitHub Copilot — tool calling, multi-turn sessions, streaming, automatic context compaction — but run it on your own infrastructure, with your own models, and no GitHub dependency at runtime? That's exactly what the GitHub Copilot SDK enables through its BYOK… Continue reading Building AI Agents on Azure Container Apps with the GitHub Copilot SDK and Your Own Foundry Models
This Azure Pipeline Pattern Scales to 100+ Teams (Rolling, Canary & Blue-Green)
Previously, I have been working on demonstrating how in an enterprise, Platform Engineering Team can provide curated, compliant templates that provides deployment strategies out of the box for workload teams. You can read all about that here: https://moimhossain.com/2026/01/06/blueprints-for-unified-azure-pipelines-governing-rolling-blue-green-and-canary-deployments/ I have put a bit more work on top of that concept to make it more easy… Continue reading This Azure Pipeline Pattern Scales to 100+ Teams (Rolling, Canary & Blue-Green)
Blueprints for Unified Azure Pipelines: Governing Rolling, Blue/Green, and Canary Deployments
Governing Azure Pipelines with Extensible Templates Modern enterprises rarely run a single delivery workflow. They run dozens—each with its own language stack, runtime, and compliance targets. Without a consistent orchestration model, the platform team spends its life reviewing YAML changes while workload teams reinvent complex rollout mechanics. The solution is to treat pipeline templates like… Continue reading Blueprints for Unified Azure Pipelines: Governing Rolling, Blue/Green, and Canary Deployments
Migrating Azure DevOps repositories to GitHub Enterprise with the GitHub import APIs
Azure DevOps (ADO) teams keep asking for a repeatable way to land on GitHub Enterprise Cloud without babysitting manual Git mirrors. The good news: GitHub’s import surface now covers one-off REST-based imports, the GitHub Enterprise Importer (GEI) GraphQL APIs, and automation-friendly tooling such as the gh ado2gh extension. Below is a field-tested playbook that blends those APIs,… Continue reading Migrating Azure DevOps repositories to GitHub Enterprise with the GitHub import APIs
Synapse deployments with Workload Identity from Azure Pipeline
The official Azure Synapse Analytics deployment extension for Azure Pipelines still ships without Workload Identity Federation (WIF) support, and there is no public ETA for when that capability will land. Rather than wait, I pulled down the same codebase Microsoft uses and produced a like-for-like variant that lights up WIF so anyone who is blocked… Continue reading Synapse deployments with Workload Identity from Azure Pipeline
Building Backstage AI Chat Plugin with Azure AI Foundry Agents
This post shows how to add an AI assistant plugin to Backstage that lets internal developers chat with their own domain data using Azure AI Foundry Agents. We cover agent concepts, minimal API usage, plugin structure (frontend + lightweight backend proxy), security (secrets & identity), and deployment guidance. 1. Why an AI Chat Plugin in… Continue reading Building Backstage AI Chat Plugin with Azure AI Foundry Agents
Backstage on Azure Container Apps with Microsoft Entra ID (Azure AD) Authentication
End-to-end guide: containerizing Backstage, provisioning Azure resources (with Bicep & CLI), enabling Microsoft Entra (formerly Azure AD) sign-in, managing secrets, scaling, observing, troubleshooting, and cleaning up — all aligned with current Azure best practices (managed identities, least privilege, and no hard‑coded secrets). Why Backstage + Azure Container Apps Backstage centralizes your internal developer portal (catalog,… Continue reading Backstage on Azure Container Apps with Microsoft Entra ID (Azure AD) Authentication
Measuring API Latency & Throughput with k6
Modern API platforms live and die by their tail latency. Your users do not care that the “average” response time is fine if 5% of requests are 10× slower. This post walks through using k6 to benchmark Azure API Management (APIM) backed APIs, first with a basic latency script and then with per‑request telemetry streamed into Azure… Continue reading Measuring API Latency & Throughput with k6
Securely Trigger GitHub Workflows from Azure Logic Apps Using GitHub App Authentication
In this tutorial, we'll explore how to trigger GitHub Actions workflows from Azure Logic Apps without relying on Personal Access Tokens (PATs). Instead, we'll utilize GitHub App authentication, which offers enhanced security and scalability for automated workflows. 🧩 Prerequisites Before we begin, ensure you have the following: An Azure Logic App (Standard). A GitHub App… Continue reading Securely Trigger GitHub Workflows from Azure Logic Apps Using GitHub App Authentication
Multi-Tenant Identity Federation: Accessing Multiple Entra ID Tenants with Managed Identity
Introduction Recently, I had the opportunity to help a customer solve a complex challenge involving multi-tenant identity federation. They needed to securely access resources across different Azure Active Directory (now Entra ID) tenants without managing secrets or certificates. The solution involved using managed identity with federated credentials to perform token exchange between tenants—a powerful but… Continue reading Multi-Tenant Identity Federation: Accessing Multiple Entra ID Tenants with Managed Identity
Reverse Engineering 