Posts

DevOps and security - Frenemies turned BFFs

This post is a summary of the Universe 2024 Fireside Chat with Brian Rossi from Caterpillar Digital. Continue reading DevOps and security - Frenemies turned BFFs

Why Culture is so important in the Age of AI

GitHub Copilot is proven to improve individual productivity at the task level. However, organizations need to be intentional and systematic in how they scale GitHub Copilot broadly in order to realize organizational benefits. In this post I’ll discuss why culture is so important in the Age of AI. Continue reading Why Culture is so important in the Age of AI

Ingredients for scaling GitHub Copilot

GitHub Copilot is proven to improve individual productivity at the task level. However, organizations need to be intentional and systematic in how they scale GitHub Copilot broadly in order to realize organizational benefits. In this post I’ll discuss some considerations for scaling GitHub Copilot. Continue reading Ingredients for scaling GitHub Copilot

Measuring the impact of Developer Experience and GitHub Copilot

Measuring the impact of Developer Experience and GitHub Copilot is a complex subject. Understanding leading and lagging indicators can help organizations measure the right things, and thus prove out the value of good Developer Experience in general, as well as the impact of GitHub Copilot. Continue reading Measuring the impact of Developer Experience and GitHub Copilot

Who needs GitHub Copilot?

Generative AI? Who needs it? You’re the consummate developer and nothing is beyond your staggering cognitive powers, so why would you need GitHub Copilot - or any copilot for that matter? Continue reading Who needs GitHub Copilot?

Mission Control - and what it means for DevSecOps

Culture, culture, culture - it eats DevSecOps for breakfast! But what sort of culture should organizations build to succeed at DevSecOps? In this post I take a look at Mission Control and what it means for DevSecOps culture. Continue reading Mission Control - and what it means for DevSecOps

Team Autonomy vs Enterprise Alignment

Tooling is an important aspect of DevSecOps - but culture dramatically influences how organization scale. In this post I’ll talk about a key cultural concept: Team Autonomy vs Enterprise Alignment. Continue reading Team Autonomy vs Enterprise Alignment

Spicy Takes 🌶️🌶️🌶️ on RSA 2023

I was recently at RSA for the first time. I have some spicy takes from the week. Continue reading Spicy Takes 🌶️🌶️🌶️ on RSA 2023

Using GitHub Copilot Effectively

GitHub Copilot is an AI pair programmer that can dramatically increase developer productivity. However, it is still a tool - and developers must learn how to frame Copilot’s capabilities in order to make the best use of it. Continue reading Using GitHub Copilot Effectively

Allowing Bypass of Secret Scanning Push Detections is a Good Thing

Secret Scanning Push Protection allows you to block pushes that contain secrets. These blocks can by bypassed, which may be surprising. However, allowing bypasses is actually a good thing! Continue reading Allowing Bypass of Secret Scanning Push Detections is a Good Thing

Fine Tuning CodeQL Scans using Query Filters

CodeQL is a fantastic Static Analysis Scanning Tool (SAST). It can be enabled quickly using Actions, but it can be hard to figure out how to fine-tune which queries are run. In this post I’ll cover using Query Filters to fine-tune your CodeQL scans. Continue reading Fine Tuning CodeQL Scans using Query Filters

Shift Left - How far is too far?

We’ve all heard the mantra to “shift left” - mainly for testing but also for security. Security scanning earlier (lefter 😸) in the process makes sense, but can you shift left too far? Continue reading Shift Left - How far is too far?

Using OIDC with Terraform in GitHub Actions

I’ve posted before about how to authenticate to Azure in GitHub Actions using OIDC. It should follow that Terraform templates would be easy to use - but there are some gotchas. Continue reading Using OIDC with Terraform in GitHub Actions

GHAS Will Win the AppSec Wars

GitHub Advanced Security is positioned to win the “AppSec Wars”. In this post I go over why I think this is the case. Continue reading GHAS Will Win the AppSec Wars

Runners, Runners - Everywhere!

Hosted runners for Actions are great - but there are some scenarios where you’ll need self-hosted runners, such as deploying to private networks. But how can you effectively manage your self-hosted runners? In this post I’ll cover some thoughts. Continue reading Runners, Runners - Everywhere!

Consuming Environment Secrets in Reusable Workflows

One canonical use of reusable workflows is a reusable deployment job. While this is definitely possible with reusable workflows, it’s not easy to get it working. In this post I’ll show you how to do it. Continue reading Consuming Environment Secrets in Reusable Workflows

Displaying Help for Custom CodeQL Queries

The latest release of CodeQL CLI now includes the ability to display help files for custom queries. In this post I walk through how to get your custom help files to display. Continue reading Displaying Help for Custom CodeQL Queries

GitHub Actions: Authenticate to Azure Without a Secret using OIDC

Authenticating to Azure in GitHub Actions requires a secret for a Service Principal. However, at Universe, GitHub released a new OIDC-based authentication mechanism that eliminates the need for secrets in secure deployments. Continue reading GitHub Actions: Authenticate to Azure Without a Secret using OIDC

Enforcing Reusable Workflows for Standardization

Reusable workflows are great, but how do you ensure that teams are using your reusable workflows? In this post I show how you can structure repos, teams and environments to ensure standardization for your workflows. Continue reading Enforcing Reusable Workflows for Standardization

Comparing Code Quality Metrics with Code Security

Code security is becoming more important for modern software development. What about code quality metrics? How do code quality metrics and code security compare and contrast? I’ll discuss some thoughts in this post. Continue reading Comparing Code Quality Metrics with Code Security

On Demand Ephemeral Self-Hosted Runners

Do you need to deploy to private VNets using GitHub Actions, but don’t want to have to keep self-hosted runners running all the time? In this post I show you how you can use Ephemeral Runners to create on-demand self-hosted runners. Continue reading On Demand Ephemeral Self-Hosted Runners

Musings on GitHub Actions Reusable Workflows

Newly released Reusable Workflows allows you to reuse workflows in your GitHub workflows. While this still has some limitations, it’s still better than copy/paste! Continue reading Musings on GitHub Actions Reusable Workflows

Create Azure DevOps Work Item Action

If you’re managing backlogs in Azure Boards but using GitHub Actions for CI/CD, you may have scenarios where you want to create Work Items from an Action. Continue reading Create Azure DevOps Work Item Action

Custom CodeQL

CodeQL is a powerful code scanning tool that can be integrated into your pipelines. In this post I show you some basics, as well as how to develop and integrate custom queries into your pipelines. Continue reading Custom CodeQL

Deployment with GitHub Actions: The Bad and the Ugly

GitHub Actions can be used for Continuous Deployment (CD) - but there are some rough edges. In this post I take you through a deep dive and lift the kimono on Actions. Continue reading Deployment with GitHub Actions: The Bad and the Ugly

DevOps Benefits of Limiting WIP

Generally limiting WIP is discussed in the context of work item tracking - but too much WIP has detrimental effects on branching, testing, architecture and technical debt too! Continue reading DevOps Benefits of Limiting WIP

Azure Pipelines for Private AKS Clusters

Creating private AKS clusters is a good step in hardening your Azure Kubernetes clusters. In this post I walk through the steps you’ll need to follow to enable deployment to private AKS clusters. Continue reading Azure Pipelines for Private AKS Clusters

Little's Law Doesn't Work

Little’s Law is well known, but not well understood. Daniel Vacanti has some deep insights into the assumptions that need to be made to make Little’s law “work” for you. Continue reading Little's Law Doesn't Work

az devops cli like a boss

One of the best features of Azure DevOps is the extensive API. However, while having a REST API is great, interacting with a service at HTTP level can be frustrating. In this post, I examine the az devops cli using 10 practical examples. Continue reading az devops cli like a boss

Hosting Code On Premises: GitHub Enterprise with Azure DevOps

Do you want to be on the latest DevOps platforms, but are required to keep source code on premises? In this post I talk about considerations for hosting GitHub Enterprise and Azure DevOps Server on premises. Continue reading Hosting Code On Premises: GitHub Enterprise with Azure DevOps

Azure DevOps Work Item Hierarchy Reports in PowerBI

In this post I show how you can query Work Item data and build hierarchical reports using PowerBI. Continue reading Azure DevOps Work Item Hierarchy Reports in PowerBI

LetsEncrypt Auto-Renewal For Azure Web Apps for Linux

In this post I show how I achieved automated LetsEncrypt cert registration and renewal for Azure Web Apps for Linux using nginx and CertBot. Continue reading LetsEncrypt Auto-Renewal For Azure Web Apps for Linux

ChatOps with GitHub Actions and Azure Web Apps

In this video, I show you how to use GitHub Actions to implement ChatOps with Azure Web Apps. Continue reading ChatOps with GitHub Actions and Azure Web Apps

Azure Pipeline Parameters

In this post I dive into parameters for Azure Pipelines. Continue reading Azure Pipeline Parameters

Executing JMeter Tests in an Azure Pipeline

Visual Studio Load Testing tools have been deprecated, along with Cloud Load Testing. In this post I investigate how to use JMeter as a load testing alternative. Continue reading Executing JMeter Tests in an Azure Pipeline

Azure Pipeline Variables

In this post I take a deep dive into Azure Pipeline variables. Continue reading Azure Pipeline Variables

Azure DevOps Build and Test Reports using OData and REST in PowerBI

Enterprise GitHub

Container DevOps: Beyond Build (Part 4) - Telemetry with Prometheus

Container DevOps: Beyond Build (Part 3) - Canary Testing

Container DevOps Beyond Build: Part 2 - Traefik

Container DevOps: Beyond Build (Part 1)

Container DevOps: Beyond Build (Part 5) - Prometheus Operator

Lessons about DevOps from 3D Printing

.NET Core Multi-Stage Dockerfile with Test and Code Coverage in Azure Pipelines

Modernizing Source Control - Migrating to Git

Implement an Azure DevOps Release Gate to ServiceNow

Pimp Your Consoles on Windows

Serverless Parallel Selenium Grid Testing with VSTS and Azure Container Instances

Terraform all the Things with VSTS

Managing Credentials and Secrets in VSTS Release Management

Auditing VSTS Client Access IPs

VSTS, One Team Project and Inverse Conway Maneuver

Tip: Creating Task Groups with Azure Service Endpoint Parameters

Using Chrome to Solve Identity Hell

Using VSTS to Test Python Code (with Code Coverage)

Using Linked ARM Templates with VSTS Release Management

Tips and Tricks for Complex IaaS Deployments Using VSTS Deployment Groups

A/B Testing with Azure Linux Web Apps for Containers

Configuring AAD Authentication to Azure SQL Databases

Protecting a VSTS Web Hook with Basic Authentication

DevOps with Kubernetes and VSTS: Part 1

DevOps with Kubernetes and VSTS: Part 2

Aurelia, Azure and VSTS

Testing in Production: Routing Traffic During a Release

New Task: Tag Build or Release

Easy Config Management when Deploying Azure Web Apps from VSTS

Running Selenium Tests in Docker using VSTS Release Management

DevOps Drives Better Architecture–Part 2 of 2

DevOps Drives Better Architecture–Part 1 of 2

You Suck: Or, How to Process Criticism

Managing Config for .NET Core Web App Deployments with Tokenizer and ReplaceTokens Tasks

End to End Walkthrough: Deploying Web Applications Using Team Build and Release Management

Using Release Management to Manage Ad-Hoc Deployments

Load Balancing DotNet Core Docker Containers with nginx

DacPac Change Report Task for VSTS Builds

Parallel Testing in a Selenium Grid with VSTS

Running the New DotNet Core VSTS Agent in a Docker Container

DotNet Core, VS 2015, VSTS and Docker

Updating XAML Release Builds after Upgrading Release Management Legacy from 2013 to 2015

Continuous Deployment of Service Fabric Apps using VSTS (or TFS)

AppInsights Analytics in the Real World

DevOps is a Culture, Not a Team

Staging Servers Must Die – Or Must They?

Building VS 2015 Setup Projects in Team Build

Config Per Environment vs Tokenization in Release Management

WebDeploy, Configs and Web Release Management

Docker DevOps

Continuous Deployment with Docker and Build vNext

Developing a Custom Build vNext Task: Part 1

Developing a Custom Build vNext Task: Part 2

Build vNext and SonarQube Runner: Dynamic Version Script

Azure Web Apps, Kudu Console and TcpPing

Release Management 2015 with Build vNext: Component to Artifact Name Matching and Other Fun Gotchas

Enable SAFe Features in Existing Team Projects After Upgrading to TFS 2015

PaaS and Time Compression in the Cloud

My First VSO Extension: Retry Build

Why You Should Switch to Build VNext

Aurelia, Karma and More VS Debugging Goodness

Aurelia – Debugging from within Visual Studio

Aurelia: Object Binding Without Dirty Checking

JSPM, NPM, Gulp and WebDeploy in a TeamBuild

Reflections on DSC for Release Management

Gulp – Workaround for Handling VS Solution Configuration

Don’t Just Fix It, Red-Green Refactor It!

Azure Outage – I was a victim too, dear Reader

Real Config Handling for DSC in RM

Using WebDeploy in vNext Releases

Moving to Northwest Cadence

Matching Binary Version to Build Number Version in TFS 2013 Builds

New vNext Config Variable Options in RM Update 4 RC

Source Control Operations During Deployments in Release Management

Test Result Traceability Matrix Tool

A Day of DevOps, Release Management, Software Quality and Agile Project Requirements Management

Branch Is Not Equal to Environment: CODE-PROD Branching Strategy

Bulk Migrate Work Item Comments, Links and Attachments

Install and Configure SQL Server using PowerShell DSC

More DSC Release Management Goodness: Readying a Webserver for Deployment

Using PowerShell DSC in Release Management: The Hidden Manual

PowerShell DSC: Remotely Configuring a Node to “RebootNodeIfNeeded”

Imaginet Timesheet: Time Tracking for TFS and Visual Studio Online

Enabling JavaScript Code Coverage Link in Builds

Colin’s ALM Corner – New Theme and Live Tiles

Colin’s ALM Corner – Updated Blog Engine

WebDeploy Gets Even More Awesome – Profile Specific Transforms

Application Insights Telemetry for WAWS or Customer-Hosted Sites Without MMA

Project Plans, Agile, Pizza and Startups

Integrating TFS and Project Server – Two Way Manual Sync

Fix: Release Management WebDeploy Deployment Fails: Access Denied

Fix: Release Management “Service Unavailable 503”

CrossBrowser Testing: ChromeDriver Window Hangs after Test

Error Handling Poor Man’s RunScript in 2012 Builds

Build Script Hooks for TFS 2012 Builds

WebDeploy and Release Management – The Proper Way

TFS 2013 Default Build – The GetEnvironmentVariable Activity

Monitoring Web Applications – Continuous IntelliTrace

Fix: You Open TfcvTemplate.12.xaml and Don’t See Any Parameters

Contributions to TFS Build Extensions

New Feature: Lightweight Query Charts in Web Access

Branch Info Team Explorer Extension (BITE) Now Available for VS 2013

Getting Results from Backlog Overview Report in TFS 2013 Preview

Fix: InRelease Demo “Hangs” on Keller’s 2013 Preview VM

Frequent Status Updates–What They Really Mean

Why You Absolutely Need to Unit Test

Adding Custom Team Field to MS Project Mappings

BITE–Branch Info Team Explorer Extension

IntelliTrace Tips and Tricks: IntelliTrace Everywhere

IntelliTrace Tips and Tricks: The Basics

Automated Builds–Why They’re Absolutely Essential (Part 2)

Automated Builds–Why They’re Absolutely Essential (Part 1)

Testing Windows 8 Applications

Improvements to Code Review Checkin Policy

Build Fails: Path Limit Exceeded

Enable Custom IntelliTrace Web Events with a Right-Click

Excel Sheet Showing Parent Items Whose Child Items Are All Closed

Test Case Manager: Customize Failure and Resolution Type

Failing Builds based on Code Coverage

Custom Build Task: Include Merged Changesets (and Work Items) in Build Report

TFS 2012 Upgrade Bugs–again?

Subtle MSF Agile Enhancement: Adding Bugs to the Backlogs

Custom Code Review Checkin Policy

Extending Hybrid Lab Workflow Virtual Hosts

Developing the Hybrid Lab Workflow

Hybrid Lab Workflow: Standard Lab Environment with Snapshots

MVP Status Renewed

TechDays and Jhb Training Class

Lab Management: Configuring Workgroup Lab Machines to a TFS on a Domain

Upgrading MSF Agile 5.0 to MSF Agile 6.0: Why does my velocity chart not work?

Unit Testing Javascript in VS 2012

Code Coverage doesn’t work with Fakes on Hosted Build

2012 Lab Management Standard Environment: Configuring UI Tests Agent Identity Problem

Build with a Hosted Build Controller: A First Attempt

Microsoft Fakes – Customizing the System Whitelist (or, enabling Fakes for classes you’ve always wanted to fake, like WebClient)

VS 2012 RC – Fakes Bugs Fixed

More on Fakes – the beta has issues

Using the Fakes Framework to Test TFS API Code (Part 2 of 2)

Using the Fakes Framework to Test TFS API Code (Part 1 of 2)

Code Monkey?

Using TFS ALM for Sharepoint Development (The Easy Way – with Lab Management)

Workspaces: Updating the owner

ISubscriber: Getting the TFS Url for Client Operations

WpfCell – The Key to Coded UI Automation of DataGrids

GenericAutomationPeer – Helping the Coded UI Framework Find Your Custom Controls

RunQuery won’t work for Hierarchical Queries

I’ve been made an MVP

Presenting at TechEd Africa 2011

TF50299: The value named ‘xxx’ was not found when evaluating a condition

Load Balancing Application Tiers on VMWare

Links to this series:

Links to this series:

Links to this series:

Links to this series:

QFE Fixes VS 2010 SP1 Bug on Test Agents

Imaginet (Notion Solutions) wins Microsoft Partner of the Year in the Application Lifecycle Management Category

Lab Management: Use Database Backups During Deployment for Repeatable Automated Tests

Using Powershell to Replace Config Settings in Lab Management

Running Lab Management with XP SP3 Machines

Running Load Tests in Lab Management: Perfmon Issues

Presenting @ DevDays SA 2011: Cape Town and Johannesburg

Automating Office Tasks in a TeamBuild

Lab management: The Dreaded “Unknown Error: 0x8033811e”

Monitoring Check-in Policy Overrides

TFS 2010 is Complete ALM

Default Team Build to Invoke Instead of Build

Build-Deploy-Test Workflow for Physical Environments

Using Data Generation Plans to create repeatable data for code unit tests

Using Indexed Published Symbols from TeamBuilds

ClickOnce Versioning and Deployment in a TeamBuild

Running Data-Driven Unit Tests with SpreadSheets on Sharepoint

Running DB Data Generation and Unit Tests in TeamBuild 2010