Testing how to use some container vulnerabilities scanners with Azure Pipelines

Vulnerability scanning allows us to review the security state of the container images and take actions to fix issues identified during the scan, resulting in more secure deployments. In this post I will be covering how you can use some of the most well-known scanners alongside with your Azure DevOps CI/CD YAML Pipelines.
Read more →

Setting up the SonarQube scanner when building a .NET Core container image

If you’re using containers quite probably you’re doing the build, test and analysis steps inside the Dockerfile, and setting up the SonarQube scanner when building the image can be a little more cumbersome than usual, and that’s why I wanted to write a little bit about it.
Read more →

Securing a graphQL API with Azure Active Directory

In today’s post I want to talk about how you can secure a .NET graphQL API that uses HotChocolate (https://chillicream.com/) with Azure Active Directory.
Read more →

Some common gotchas when trying to deploy a dotnet gRPC app to AWS ECS

Lately I’ve been deploying a sizable amount of gRPC services to AWS ECS so I thought it might be useful to talk a little bit about some gotchas I have encountered. Some of the problems I’ll be talking about on this post are specific of the .NET implementation of gRPC and another ones are from the AWS side.
Read more →

How to build a .NET template and use it within Visual Studio. Part 2: Creating a template package

This is a 2 part-series post. In part 2 I’ll show you how to convert a few .NET apps into .NET templates, package them together in a single NuGet pack and use them as templates within Visual Studio.
Read more →