Restoring a Deleted Branch in Azure DevOps

Following a branching strategy is useful to ensure smooth version control and deployments. Based on the nature of the project and other operational considerations, organizations define several branches in their version control systems. However, what if you accidentally deleted an important branch from the version control system? This blog explains how to recover a deleted branch in Azure DevOps

Prerequisites: Azure DevOps project with multiple branches. In this blog, I will use main branch and two branches named releases/1.0.0 and releases/1.0.1

How To Customize Chef Recipes To Compatible With Multiple Chef Client Versions

Metadata.rb is used in Chef to define several important metadata values within the Chef cookbook. Chef infra client version is one of them. The Chef version setting can be used to define the range of chef client versions supported by the cookbook.

For example, the following specifies a match for any chef client version in the16.x series. The configurations defined in Chef recipes will be applied only to servers (nodes) running chef client version 16.x

                chef_version '~> 16.0'

However, even after setting the 'chef_version' for cookbook as shown in the above example, you can still customize your recipes to work with other chef client versions.

This blog explains one possible mechanism for customizing a Chef recipe to run with different versions of Chef clients. 

Pre-requisites: chef workstation, chef cookbook

Let's get started.

Deploy Azure Container App with Azure CLI

This blog explains how to setup an Azure DevOps release pipeline to deploy a container app to the Azure Container Environment using an Azure CLI script.

Pre-requisites: 

• Azure DevOps deployment pipeline
•  Azure container app environment 
• Azure Container registry

Add an Azure CLI task to the Azure DevOps pipeline and add following script. The script installs a few required extensions and create a container app.

Verify Terraform Configurations Using Terraform Test

This blog explains how to use the terraform test framework to verify that new changes do not break existing resources. 

Pre-requisites: Follow this blog and configure a terraform project with a test file.

The sample terraform project configure a resource group and a storage account in Azure.

Getting Started with Terraform Test

This blog explains how to use new terraform test framework to test infrastructure automation scripts.

Pre-requisites: Install Terraform v1.6.0 or later version, Azure subscription, code editor (Visual studio code use as the code editor in this blog)

What is the use of terraform test?

Terraform has introduced new test framework which helps to achieve followings.

• Validate terraform configuration updates and get verified new changes does not introduce any breaking changes.
• Terraform test supports running test against test environment which allows to create short lived resources without breaking existing resources.

Set Longer Expiration date for Azure SPN Client Secrets

Azure SPN client secret expiration period can be set as 3 months, 6 months, 12 months, 18 months and 24 months via Azure portal. Other than the above-mentioned fixed time durations, there is an option to select customize expiration period for client secrets. However, maximum duration allowed to select as the secret end date is 24 months. 

Container App Deployment with YAML Template

This blog explains how to deploy an Azure container app using a YAML template.

Pre-requisites: 

1. Azure container app environment
2. Azure container registry with docker image

Create a YAML file and add following content to it. 

Add values for Container App name, resource group name, Azure subscription id where resources going to be created, Container App Environment name and resource group, Azure Container Registry (ACR) name, ACR username, ACR password, image path and image tag.

How To Resolve Automatic Redirect HTTP To HTTPS In Chrome

This blog explains a one of the solutions for automatic redirection from http to https when using Chrome browser.

Reason for the issue: 

HTTP Strict Transport Security (HSTS) forces user's web browser to use https even when requesting http. 

Working with Chef Automate API on Windows

This blog explains how to use the Chef Automate API on a Windows machine. 

Pre-requisites:

• Chef Automate Dashboard with node added to compliance.

Chef Automate API request with an API token passed in the header. This token can be created in chef automate dashboard as follows.

Login to Chef Automate dashboard. Go to token section in the settings page. 

Resolve Azure DevOps Pipeline Failure "Cannot open server requested by the login. Client with IP address is not allowed to access the server."

This blog explains how to resolve Azure DevOps pipeline failure when running dotnet ef migration update command. 

Cannot open server 'demo-sql' requested by the login. Client with IP address 'xxx.xxx.xxx.xxx' is not allowed to access the server.  To enable access, use the Windows Azure Management Portal or run sp_set_firewall_rule on the master database to create a firewall rule for this IP address or address range.  It may take up to five minutes for this change to take effect.

Deploy Azure Container App Environment Using Terraform

Azure container app environment is fully managed environment to run containerized applications. This blog contains terraform script that can be used to deploy Azure Container App Environment with internal only ingress which means accessible only from VNet. You can find the complete code sample in GitHub here.

Use an Image from Azure Container Registry in a Different Subscription from an Azure Container App

This blog explains the limitation and a workaround to access Azure Container Registry from Container App Environment when the two resources are in two separate subscriptions.

Pre- requisites: Azure Container App and Azure Container Registry deployed to two separate subscriptions.

Go to Azure Container App and click on Containers. Then Click on Edit and Deploy.

How to Access Cognitive Service Translator API With Virtual Network Endpoint

Microsoft Cognitive Service translator accessible with Web API, Virtual Network and container endpoints. This blog explains how to access cognitive service with virtual network endpoint.

Pre-requisites: cognitive service translator

Go to translator app Networking under Resource Management. Select Firewalls and virtual networks tab.

How to Call Cognitive Service Translator API With Postman

This blog explains how to setup postman to test cognitive service translator. 

Pre-requisites: Cognitive service translator, access to postman

Open postman, add a new post request and add following configurations.

If the translator access limited to VNet use following URL format.

URL : https://your-translate-service-name.cognitiveservices.azure.com/translator/text/v3.0/translate?to=fr

ex: https://my-demo-translator.cognitiveservices.azure.com/translator/text/v3.0/translate?from=en&to=fr

Resolve Pipeline Execution User Lacks Permission Error in Azure DevOps Release Pipeline

In Azure DevOps you might have encountered the situations where pipelines failing with error message mentioning the user with a given GUID does not have permission to run the pipeline or access Azure DevOps artifacts. Solution is giving the right permission to the user. This blog explains how to find the right user who need the permission.

Copy the GUID of the user from Azure DevOps pipeline logs.

Scan Code in Azure DevOps Build Pipelines Using Microsoft Security DevOps

Static code analysis is a mechanism to find and fix security vulnerabilities in source code without running the software. This blog explains how to integrate Microsoft Security DevOps to a build pipeline, which installs and configures static code analysis tools against your source code.

Pre-requisites: 

• Azure DevOps build pipeline
• Build agent which has .NET 6 (for MicrosoftSecurityDevOps build task) and NET 3.1 (CredScan analyzer) installed.

The New Pre-defined System Variable in Azure DevOps Build Pipeline

There could be requirement to get Azure DevOps build definition location when developing scripts to use with Azure DevOps. In such script, you can hardcode build definition location or use recently introduced pre-defined system variable, Build.DefinitionFolderPath in Azure DevOps.

Pre requirement: Azure DevOps build definition

The build definition we use for this blog post is under Demo Build Pipeline.

Disabling Creation of Classic Pipeline in Azure DevOps

Azure DevOps has introduced new toggle which can be used to disable classic pipeline creation in team projects. If your organization decided to use only YAML pipelines, you can use this feature. It will disable classic build pipelines, classic release pipelines, task groups and deployment groups from Azure DevOps.

Before enable the toggle, you would be able to see the option to create a new classic pipeline as shown in below.