Short Update on: Elastic self-hosted pool for Azure DevOps (on Kubernetes)

Introduction Few months before, I have written a Kubernetes .net controller that uses Azure Kubernetes Service as a platform to host Azure pipeline agents. It allows elastic scale-out model by continuously watching the job queue in Azure DevOps. You can read about it here. I have received quite a few messages from others who are … Continue reading Short Update on: Elastic self-hosted pool for Azure DevOps (on Kubernetes)

Empower Kubernetes developers with guardrails

Background A while ago, I wrote a post: Azure DevOps Multi-Stage pipelines for Enterprise AKS scenarios. The idea was having a platform team that enforces best practices, security and other compliance aspects to Kubernetes platform and allows one ore more workload-teams (i.e., product teams) build and deploy their workload into the cluster. The previous post suggested … Continue reading Empower Kubernetes developers with guardrails

Multi-Tenant Daemons with Microsoft Identity platform

Background I have recently speaking to a customer about the following scenario. Customer has an API that supposed to be consumed by some **trusted** daemon applications built and managed by their partners. It's not the interactive users (no signed in users via an web application) who will be using the API, rather some background process … Continue reading Multi-Tenant Daemons with Microsoft Identity platform

Secure your pipelines by frequently rotating secrets

TL; DR: This article and accompanying source codes helps you setting up an automated secret or certificate rotations for Azure service principals and Azure DevOps service connections. Jump into the technical part here. Background If you are deploying applications on Azure from Azure DevOps service connections (or GitHub actions) you are most likely using a … Continue reading Secure your pipelines by frequently rotating secrets

Elastic self-hosted pool for Azure DevOps (on Kubernetes)

UpdateThere is a follow up post with some updates, you can read here. Introduction If you are using Azure Pipelines, then you surely have used Microsoft-hosted agent. With Microsoft-hosted agents, maintenance and upgrades are taken care of for you. However, there are times when self-hosted agents are needed (i.e. customized images, network connectivity requirements etc.). … Continue reading Elastic self-hosted pool for Azure DevOps (on Kubernetes)

Azure App Service with Front-door – how to fix outbound URLs?

https://docs.microsoft.com/en-us/azure/frontdoor/quickstart-create-front-doorThis article shows how to rewrite IIS URLs (outbound) with URL rewrite module to configure legacy asp.net web apps hosted on Azure App Service but safeguarded with a WAF (Front-door/Application Gateway). Setting up Azure Front-door or Azure Application Gateway are fairly straight forward process and well documented in Microsoft Azure Docs. That is beyond the … Continue reading Azure App Service with Front-door – how to fix outbound URLs?

Bridge to Kubernetes – be confident on shipping software

Bridge to Kubernetes is a successor of Azure Dev Space. Distributed software’s are comprised of more than one services (often referred as micro-services), they depend on each other (one service invoking APIs of another service) to deliver capabilities to end users. While separations of services bring flexibility in delivering features (or bug fixes) faster, it … Continue reading Bridge to Kubernetes – be confident on shipping software

How to use ADFS/SAML2.0 as Identity provider with Azure AD B2C

Azure Active Directory B2C (Azure AD B2C) provides support for the SAML 2.0 identity provider. With this capability, you can create a technical profile in Azure AD B2C to federate with SAML-based identity provider, such as ADFS. Thus, allow users to sign in with their existing enterprise identities. Microsoft has good docs on this topic, … Continue reading How to use ADFS/SAML2.0 as Identity provider with Azure AD B2C