Integrating Azure Key Vault with AKS via External Secrets Operator

Managing secrets centrally is a best practice in software development. Secrets should be stored and rotated in a central location, even when they are used by multiple components of an application. However, when secrets need to be accessed in different places, such as CI/CD pipelines and Kubernetes, manually copying them can lead to errors and failures caused by human mistakes.

To address this in Kubernetes, we can use External Secrets Operators, which automatically sync secrets from external secret stores such as Azure Key Vaults into Kubernetes secrets. This removes the need for manual synchronization and reduces the risk of errors due to incorrect or outdated secrets.

Pre-requites:

• Azure Kubernetes Cluster
• Azure Key vault
• Managed identity

Fixing Azure CLI Storage Account Whitelisting Error: ‘IPs does not appear to be an IPv4 or IPv6 network

This blog explains an error that occurs when whitelisting IPs on a storage account using an Azure CLI script. The script attempts to pass the IPs as a space-separated string and apply them through the CLI. However, it fails with an error indicating that the IP format is incorrect. This post explains the issue and provides the steps to fix it.

Pre-requites:

• Azure Storage account
• The $ipList parameter accepts a semicolon-separated list of IP addresses

How to Extract Certificates and Keys from a PFX File in Windows Using WSL

A Personal Information Exchange (PFX) is a cryptographic file format used to store and protect sensitive information such as certificates, private keys, and secrets. In this blog, I’ll explain how to extract the certificates and private keys from PFX using OpenSSL in Windows Subsystem for Linux (WSL).

Prerequisites:

1. WSL
2. PFX file with certificate and private key

• Open WSL and run sudo apt update to refresh the list of available packages and their versions.
• Run sudo apt install openssl to install OpenSSL in WSL.

Creating and Testing Ingest Pipelines with Grok for NGINX Logs in Elasticsearch

The Elastic Stack is widely used for log management, monitoring, analytics, and observability. It includes several tools such as Beats, which collect logs from various systems. However, not all data in these logs is necessary for indexing. To filter, transform, and enrich documents before they are indexed, we can use ingest pipelines. In this blog, we will discuss how to create a simple ingest pipeline and test it.

Automate PagerDuty Maintenance Windows with Azure DevOps

Reliable notifications, scheduled escalations, and effective on-call management are essential for operations teams to quickly identify and address issues. PagerDuty is a platform that provides all of these capabilities, enabling teams to maintain high reliability and reduce operational noise.When working with any operations platform, reliability is key to avoiding unnecessary alerts or actions. For example, during a scheduled system update, creating a maintenance window in PagerDuty can prevent false alarms triggered by expected changes.

In this blog, we'll discuss how to create a PagerDuty maintenance window using an Azure DevOps pipeline. By adding this step to your deployment process, you can automatically start a maintenance window during system updates, improving alert accuracy and reducing manual overhead.

Using StringList Parameters in Azure DevOps Pipelines

Azure DevOps YAML pipelines now support the stringList parameter type, which allows you to present multiple selectable options as checkboxes in the pipeline UI.

This blog explains a pipeline that uses a stringList parameter with three values: dev, qa, and prod. After adding the region parameter as a stringList, the pipeline looks similar to the image below.

Exploring the Full YAML Pipeline View in Azure DevOps

Azure DevOps YAML pipelines can be created using reusable YAML templates that help define parts of the pipeline as modules. By using templates, we can create shorter YAML pipelines and avoid duplication. However, debugging a YAML pipeline with templates is not easy, as we are unable to view the full, expanded pipeline easily. Azure DevOps now supports a new feature that allows us to see the full YAML pipeline of a pipeline run. In this blog post we are going to learn how to navigate to the full YAML pipeline view of the YAML pipeline that uses templates.

Pre-requisites:

• Azure DevOps YAML pipeline that uses templates

Resolve Azure DevOps Build Pipeline Warning, "The windows-2019 runner image is being deprecated, consider switching to windows-2022 (windows-latest) or windows-2025 instead"

The Windows-2019 runner image in Azure DevOps is being deprecated, and pipelines using the Windows-2019 hosted agent display a warning recommending a switch to a newer hosted agent. However, after changing the agent, build pipelines may break due to dependency and environment differences. This blog explains a NuGet restore failure that occurred after switching to Windows-2022 and provides a solution for it.

Warning: The windows-2019 runner image is being deprecated, consider switching to windows-2022 (windows-latest) or windows-2025 instead