Ever had to implement an external API that does have documentation, but does not offer an SDK or OpenAPI spec? GitHub Copilot is a really great tool to help with these kinds of conversions. In this post, I’ll show you how to quickly consume an external API using GitHub Copilot. The problem I would like to use the OpenWeather API to get the current weather for a specific location. The API documentation is available at https://openweathermap....

Converting data to different formats with copilot Recently, I got a question from a client if GitHub Copilot would be able to convert data from a table designer tool into working test files. The answer is probably yes! The only requirement is that the table designer tool is able to export its table (or tables) into a textual format, like SQL, JSON or CSV. Here’s how you could achieve this with Copilot:...

Extending your alerts with additional data from the Log Analytics API I recently came accross a scenario where I needed to extend the data that was available in an alert. The alert data that was sent in the actiongroup only contained an EventId field. I was not at liberty to modify the alert, but I did notice an interesting extra property in the payload. The payload looked something like this:...

If you are using Renovate or a similar tool to manage some aspects of your Azure DevOps repositories, you might have come accross a security issue. Renovate wants to to use a PAT that you created, or the $(System.AccessToken) variable. You probably want to stay away from creating a PAT yourself for the following reasons: User Dependency: PATs are tied to the user account that creates them. If that user leaves the organization or if their permissions change, the PAT and any processes using it will be affected....

Ever spent too much time debugging an issue that seemed impossible at first, but then turned out to be stupid? I have. Pipeline I was working on a pipeline. Just your run of the mill deployment pipeline really. I was trying to deploy some resources from a bicep template. It looked something like the following: variables: path: $(Build.SourcesDirectory)/agw-bicep agwName: 'my-agw' agwRg: 'my-agw-rg' kvName: 'my-agw-kv' trigger: none pool: vmImage: ubuntu-latest jobs: - job: deploy pool: vmImage: ubuntu-latest timeoutInMinutes: 15 steps: - task: AzureCLI@2 displayName: 'Call Azure Cli' inputs: azureSubscription: '<sub>' scriptType: 'pscore' scriptLocation: 'inlineScript' workingDirectory: $(oath) inlineScript: | (....

Secret Scanning in Azure DevOps with GitLeaks As you might know, it is important to keep any private keys, passwords and/or other secrets away from your source control. Having secrets in source control poses many risks, the most important one being: you have no idea how or where those secrets will be stored once someone pulls your repository. If your repository is private, then you might argue that it is reasonably safe, but even then secrets will be stored in plain text on the pc of every person that works with the repository....

dotnet MAUI public key pinning When it comes to client-side security, mobile apps can be a double-edged sword. On the one hand, the software is on a user-controlled device, so security is out of your hands. On the other hand, that device will probably connect to any old public wifi that it can get its hands on. Man-in-the-middle attacks are a definite risk. Luckily, we can improve protection against these by using certificate pinning, or public key pinning....

The DevOps movement has claimed it’s rightful place in our hearts. If it hasn’t, go read up on it. Working in a proper DevOps environment is amazing, and I cannot recommend enough for any organization to try it. But, let’s be real. DevOps has been around for a while. It is not the shiny new thing it used to be anymore. We need something new. Maybe something security related, security is always an important aspect of creating software....

Xamarin Development Setup Part 2. Continuous Integration/Delivery With our initial solution in place, we will now start defining our build/deployment pipelines. So let us quickly sum up what we want our pipelines to do. First of all, we want to build the project and run our unit tests each and every time we make a commit, and before we are allowed to merge a pull request. We can do this quickly and often, as the build time is usually a measure of minutes, and so are the unit tests....