Infrastructure as Code (IaC) is now the standard way to manage and provision cloud resources, and Terraform is one of the most widely adopted tools to do this on Azure. But Terraform needs credentials to talk to Azure: client IDs, client secrets, certificates, tokens, subscription IDs, and more. Those credentials are extremely powerful. If they […]
Why CodeQL Belongs in Your DevSecOps Pipeline Static analysis is most effective when it runs where developers work. GitHub Actions provides native integration with CodeQL, enabling you to: Reference Workflow The workflow below scans supported languages on a nightly cadence and for every pull request targeting main. It stores the CodeQL database as an artifact for
You know, when I first started using Terraform and Infrastructure as Code on Azure, I honestly didn’t realize how crucial static code analysis could be. At the time, I was more focused on just getting things deployed quickly into Azure subscriptions and keeping costs down. But as our Azure footprint grew—more resource groups, more VNets,
Not a chance. I outsource that memory to kubectl and keep my brain for coffee orders and incident timelines. ☕🚀 Here’s how I look clever without memorizing a phone book of resources: 1) See every resource + its short name This shows NAME, SHORTNAMES, APIGROUP, NAMESPACED, KIND. 2) When you remember the full name and
Today, I’d like to share a practical example of working with HashiCorp Packer. This amazing open-source tool is used for creating identical machine images for multiple platforms from a single source configuration. In this case, we will focus on creating a custom image and pushing it to the Azure Compute Gallery. Let’s get started! Step
DevSecOps stands for Development, Security, and Operations. It is an evolution of the DevOps practice that integrates security practices throughout the software development lifecycle instead of treating security as an afterthought. In traditional software development, security reviews and testing often occur late in the release process. This approach can lead to vulnerabilities being discovered just
GitHub is a web-based hosting service for Git repositories that provides tools for collaboration, code review, and project management. It builds on Git by offering a central place to store and manage repositories, making it easy for teams to contribute from anywhere. What is GitHub? GitHub is more than just a hosting service for Git
Git is a distributed version control system that allows developers to track changes in source code while collaborating with others. It records every change made to a project, enabling you to explore previous versions and revert when necessary. Getting started with Git involves a few basic commands: These commands form the foundation for using Git