Connecting to your Azure SQL database over a Private Endpoint
In a corporate network, internal database servers are usually heavily firewalled in separate network segments. However, when we deploy our database in Azure, we can connect to it directly over the internet. To improve the security of your database, you should use a private link (also known as Private Endpoint) to connect to your database from your application. This will route the traffic over internal Azure connections, and you can disallow any public access to the database server. …
Fixing 'Could not inject value for GitVersion' in Azure Pipelines
If you are using GitVersion with NUKE and you are trying to get the pipeline working, but are running into the build failing with Could not inject value for GitVersion. I will assume you are using a YAML pipeline (and in my case I was pulling the sources from GitHub), try this. First open the pipeline that is experiencing issues and go select ‘Edit’: Select the additional settings that are collapsed and go to ‘Triggers’: Once there, select YAML and the repository and make sure that ‘Shallow fetch’ is disabled. …
Capturing application logging in MsTest
In a lot of projects I have been on I’ve seen the following approaches when it comes to application logging in test: The most popular option: It is completely ignored, either by pumping it into a mock or a NullLogger It is tested by verifying that the correct log messages are written. This is usually done to satisfy a ‘strict’ mocking framework. Neither of these options are ideal in my opinion. …
Easy way to set Azure RBAC roles in Bicep
When deploying resources in Azure using Bicep, occasionally you will have to assign rights to a user or principal to perform certain actions. For example, authorizing an app service to access a storage account. Initially you would create something like this: // Assume we have an app service with a System Assigned managed service identity var principalId = appService.identity.principalId; resource storageAccount 'Microsoft.Storage/storageAccounts@2021-06-01' existing = { name: 'some-existing-storage-account' } resource roleAuthorization 'Microsoft. …
Running GitVersion as a .NET Core local tool in FAKE
Recently I wanted to use GitVersion to determine the version number for a project. To keep the project self-contained I installed GitVersion as a .NET Local Tool. However, when trying to get the generated version numbers through FAKE it didn’t work. Unfortunately, the current version of FAKE does not support running GitVersion as a dotnet tool. To bridge that gap I wrote the following FAKE script to get it to work. …
SQL Server integration testing using xUnit
Recently I wanted to verify that my data access layer could properly read and write to a SQL Server database, and I wanted to have these tests automated. I wanted to answer these questions: Can my DbContext roundtrip entities to the database and back? Does the schema in my migration scripts match the expected schema in my code? (follows from 1) Can my migration scripts be applied to the database correctly? …
Hosting an ASP.NET Core web application in Azure
As a side project, I am working on a web application that I want to host in Azure eventually. There is a ton of documentation available around Azure but instructions vary by product. I have documented the steps I needed to run a web application in Azure. To make it easier to automate the deployment steps I am avoiding the Azure portal. I want to script these steps later so that I can automate my deployments. …
Authorizing Managed Service Identity in Azure SQL Database
When trying to deploy a simple web application and Azure SQL database through Azure DevOps pipelines, I wanted to use a system managed application identity to authorize the web application to access the database. This requires running something like the following SQL script on the Azure SQL database. CREATE USER [<identity-name>] FROM EXTERNAL PROVIDER; ALTER ROLE db_datareader ADD MEMBER [<identity-name>]; ALTER ROLE db_datawriter ADD MEMBER [<identity-name>]; ALTER ROLE db_ddladmin ADD MEMBER [<identity-name>]; I was having a lot of trouble getting the Azure SqlCmd task to work, while the error(s) it was showing was not helpful at all. …
Reducing GuidCombGenerator allocations
Recently at work, I had to implement some functionality that required the use of Guid identifiers that were stored in SQL Server. The Guids were generated in the application and used as an alternative key / external identifier for other systems. To avoid excessive index fragmentation, we opted to use the GuidComb variant using a generator from the NHibernate project. The GuidCombGenerator generates Guid values that have a timestamp embedded into the last 6 bytes. …
SSH cmdlets missing from posh-git
After repaving my machine and installing the latest version of posh-git I noticed that my Powershell profile was no longer working properly. I was using the Start-SshAgent cmdlet to load my SSH keys and well, it was no longer recognized. When I checked the GitHub repository, it was not immediately clear that these have been moved to a separate project: posh-sshell. Follow the instructions (or clone the repository), and include this new Powershell module as well in your profile! …