Your CI/CD pipeline has more secrets than your production environment. It is a prime attack target.

Top Security Controls

- OIDC Authentication: Use GitHub OIDC to assume AWS/Azure roles without storing long-lived credentials.
- Least Privilege: Build agents should only have permissions to push images, not modify IAM.
- Signed Commits: Require GPG-signed commits before triggering builds.
- Dependency […]
Month: February 2022
Entity Framework Core 7 Preview: JSON Columns
EF Core 7 introduces mapping JSON columns to complex types. The Address object is serialized to a JSON column in SQL Server/PostgreSQL. You can query inside it with LINQ!
Pulumi vs Terraform vs Bicep: 2022 Comparison
The IaC space has matured. Here is my updated decision matrix.

| Criteria | Terraform | Bicep | Pulumi |
| --- | --- | --- | --- |
| Multi-Cloud | Best | Azure Only | Good |
| Language | HCL | DSL | C#/TS/Python/Go |
| State | S3/Azure Blob | Azure (ARM) | Pulumi Cloud/Self-Hosted |
| Testing | Sentinel | What-If | Native Unit Tests |

My Verdict: If Azure-only, use Bicep. If multi-cloud or you want real programming language power, […]
gRPC Transcoding: REST and gRPC in One Service
Browsers cannot call gRPC directly (no HTTP/2 trailers). gRPC Transcoding exposes your gRPC service as a REST API automatically. Now GET /v1/hello/World calls the gRPC method. You maintain one codebase, two protocols.
GitHub Actions: Reusable Workflows
Copy-pasting YAML between repos is a maintenance nightmare. Reusable Workflows solve this. Creating a Shared Workflow In a central repo (e.g., `my-org/.github`), create: Consuming It
Designing for Failure: Chaos Engineering in .NET
Netflix popularized Chaos Engineering. In 2022, it should be standard practice. We deliberately inject failures to verify our systems handle them gracefully. Simmy Library Polly’s Simmy extension allows injecting faults in .NET. Run this in a staging environment and verify your retry logic, circuit breakers, and fallback mechanisms work correctly.