DEV Community: Antonio Di Motta The latest articles on DEV Community by Antonio Di Motta (@antdimot). https://dev.to/antdimot https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F40701%2F5ee78fab-e662-4117-bad2-8ec99b8ab10b.jpeg DEV Community: Antonio Di Motta https://dev.to/antdimot en MCP Server with .Net Antonio Di Motta Thu, 12 Mar 2026 22:52:52 +0000 https://dev.to/antdimot/mcp-server-with-net-5cih https://dev.to/antdimot/mcp-server-with-net-5cih <p>With the <a href="https://csharp.sdk.modelcontextprotocol.io" rel="noopener noreferrer">release 1.0 of the official ModelContextProtocol .Net SDK</a>, we are ready to make a MCP Server fully compliant with MCP specs and entirely in C#.</p> <p>As usually when I need to learn new stuffs I develop a simple demo around a real scenario. For the MCP Server I thought to build one for managing some data like customers, products and orders stored into a Postgres database.</p> <p>The MCP server provides the data on behalf of user prompt like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> give me the customer list tell me the most expensive order how many USB-C Hub has been ordered ? give me the customer list without orders suggest a new product <span class="k">for </span>the customer Jane Smith add new order ..... </code></pre> </div> <p>The most important feature of MCP Server is the tool as function able to do something. Below an example of tool:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="p">[</span><span class="nf">McpServerTool</span><span class="p">(</span><span class="n">Name</span> <span class="p">=</span> <span class="s">"GetCustomer"</span><span class="p">),</span> <span class="nf">Description</span><span class="p">(</span><span class="s">"Retrieve a single customer from the database."</span><span class="p">)]</span> <span class="k">public</span> <span class="k">static</span> <span class="k">async</span> <span class="n">Task</span><span class="p">&lt;</span><span class="kt">object</span><span class="p">&gt;</span> <span class="nf">GetCustomer</span><span class="p">(</span><span class="n">AppDbContext</span> <span class="n">db</span><span class="p">,</span> <span class="n">CancellationToken</span> <span class="n">ct</span><span class="p">,</span> <span class="n">ILogger</span><span class="p">&lt;</span><span class="n">MCPTool</span><span class="p">&gt;</span> <span class="n">logger</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"Full name of the customer to retrieve."</span><span class="p">)]</span> <span class="kt">string</span> <span class="n">fullName</span> <span class="p">){</span> <span class="n">logger</span><span class="p">.</span><span class="nf">LogDebug</span><span class="p">(</span> <span class="s">$"Executing GetCustomer tool with full name : </span><span class="p">{</span><span class="n">fullName</span> <span class="p">}</span><span class="s">"</span> <span class="p">);</span> <span class="kt">var</span> <span class="n">query</span> <span class="p">=</span> <span class="n">db</span><span class="p">.</span><span class="n">Customers</span><span class="p">.</span><span class="nf">AsNoTracking</span><span class="p">();</span> <span class="kt">var</span> <span class="n">result</span> <span class="p">=</span> <span class="k">await</span> <span class="n">query</span><span class="p">.</span><span class="nf">Where</span><span class="p">(</span><span class="n">c</span> <span class="p">=&gt;</span> <span class="p">(</span><span class="n">c</span><span class="p">.</span><span class="n">FirstName</span> <span class="p">+</span> <span class="s">" "</span> <span class="p">+</span> <span class="n">c</span><span class="p">.</span><span class="n">LastName</span><span class="p">)</span> <span class="p">==</span> <span class="n">fullName</span><span class="p">)</span> <span class="p">.</span><span class="nf">FirstOrDefaultAsync</span><span class="p">(</span><span class="n">ct</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">result</span> <span class="p">==</span> <span class="k">null</span><span class="p">)</span> <span class="k">return</span> <span class="s">$"Customer with full name </span><span class="p">{</span><span class="n">fullName</span><span class="p">}</span><span class="s"> not found."</span><span class="p">;</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>The example shows how to help llm to recognize the right tool by using specific custom attributes [McpServerTool].</p> <p>Another interesting feature is the prompt. I implemented one to create a model capable of handling requests that require more complex and detailed context for responses.</p> <p>Here an example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="p">[</span><span class="n">McpServerPrompt</span><span class="p">,</span> <span class="nf">Description</span><span class="p">(</span><span class="s">"Generate product suggestion for new order prompt"</span><span class="p">)]</span> <span class="k">public</span> <span class="k">static</span> <span class="n">IEnumerable</span><span class="p">&lt;</span><span class="n">ChatMessage</span><span class="p">&gt;</span> <span class="nf">SuggestProductByCustomer</span><span class="p">(</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"Full name of the customer"</span><span class="p">)]</span> <span class="kt">string</span> <span class="n">fullName</span> <span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">[</span> <span class="k">new</span><span class="p">(</span><span class="n">ChatRole</span><span class="p">.</span><span class="n">System</span><span class="p">,</span> <span class="s">"You are an assistant for an e-commerce platform. You help customers find products based on their preferences and past purchases."</span><span class="p">),</span> <span class="k">new</span><span class="p">(</span><span class="n">ChatRole</span><span class="p">.</span><span class="n">User</span><span class="p">,</span> <span class="s">$"Please suggest products for the customer with full name: </span><span class="p">{</span><span class="n">fullName</span><span class="p">}</span><span class="s">"</span><span class="p">),</span> <span class="k">new</span><span class="p">(</span><span class="n">ChatRole</span><span class="p">.</span><span class="n">Assistant</span><span class="p">,</span> <span class="s">"To suggest products for the customer, I will need to look up their past purchases and preferences in the database. I will use the GetCustomer and GetOrders tools to retrieve this information and then analyze it to find suitable product suggestions."</span><span class="p">)</span> <span class="p">];</span> <span class="p">}</span> </code></pre> </div> <p>The entire demo is available <a href="https://github.com/antdimot/aiworkshop/tree/main/session3/mcpserver" rel="noopener noreferrer">here</a>. It contains a dev setup environment which able to spin up quickly the Postgres database with already some test data.</p> <p>happy coding!</p> dotnet mcp ai Azure Key Vault for local development Antonio Di Motta Sun, 23 Jul 2023 16:01:05 +0000 https://dev.to/antdimot/azure-key-vault-for-local-development-4gga https://dev.to/antdimot/azure-key-vault-for-local-development-4gga <p>One of the most huge mistakes that a developer can do It's storing secrets (i.e. database connection string) directly into the source code repository and also forgetting one could be very dangerous.</p> <p>Ideally, all secrets should be stored and accessible by a secret manager (<a href="https://azure.microsoft.com/en-us/products/key-vault" rel="noopener noreferrer">Azure Key Vault</a>) and stored on repository only reference to right secret. On the other hand, the developer needs to use the secret's values on their configuration files (i.e. appSettings.json), so a fast way for retrieve them from Key Vault should be nice.</p> <p>To accomplish this operation I have developed a powershell script called Set-ValuesFromKeyVault, which I have included an example of using it below.</p> <h3> Example </h3> <p>We want replace the key vault references into the following json file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"parent-property1"</span><span class="p">:</span><span class="w"> </span><span class="s2">"@Microsoft.KeyVault(SecretUri=https://&lt;&lt;your-keyvault-resource&gt;&gt;.vault.azure.net/secrets/&lt;&lt;your-secret1&gt;&gt;)"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Values"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"nested-property2"</span><span class="p">:</span><span class="w"> </span><span class="s2">"@Microsoft.KeyVault(SecretUri=https://&lt;&lt;your-keyvault-resource&gt;&gt;.vault.azure.net/secrets/&lt;&lt;your-secret2&gt;&gt;)"</span><span class="p">,</span><span class="w"> </span><span class="nl">"nested-property3"</span><span class="p">:</span><span class="w"> </span><span class="s2">"@Microsoft.KeyVault(SecretUri=https://&lt;&lt;your-keyvault-resource&gt;&gt;.vault.azure.net/secrets/&lt;&lt;your-secret3&gt;&gt;)"</span><span class="p">,</span><span class="w"> </span><span class="nl">"non-keyvault-binding-property"</span><span class="p">:</span><span class="w"> </span><span class="s2">"&lt;&lt;any-value&gt;&gt;"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>To do that, first establish a connection to an Azure account and than execute the powershell script as reported below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># connect to azure</span><span class="w"> </span><span class="n">Connect-AzAccount</span><span class="w"> </span><span class="c"># execute the replace on data.json file</span><span class="w"> </span><span class="o">.</span><span class="n">/Set-ValuesFromKeyVault.ps1</span><span class="w"> </span><span class="nt">-FileName</span><span class="w"> </span><span class="nx">data.json</span><span class="w"> </span></code></pre> </div> <p>The result will be a new json file called out.json within the secrets replaced as this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"parent-property1"</span><span class="p">:</span><span class="w"> </span><span class="s2">"&lt;&lt;your-secret1-value&gt;&gt;"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Values"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"nested-property2"</span><span class="p">:</span><span class="w"> </span><span class="s2">"&lt;&lt;your-secret2-value&gt;&gt;"</span><span class="p">,</span><span class="w"> </span><span class="nl">"nested-property3"</span><span class="p">:</span><span class="w"> </span><span class="s2">"&lt;&lt;your-secret3-value&gt;&gt;"</span><span class="p">,</span><span class="w"> </span><span class="nl">"non-keyvault-binding-property"</span><span class="p">:</span><span class="w"> </span><span class="s2">"&lt;&lt;any-value&gt;&gt;"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>The script is available on my <a href="https://github.com/antdimot/devops/tree/main/azure#azure-keyvault-powershell-script" rel="noopener noreferrer">repository</a>.</p> azure devops powershell The powershell way to validate Azure infrastructure Antonio Di Motta Sun, 19 Feb 2023 12:10:48 +0000 https://dev.to/antdimot/the-powershell-way-to-validate-azure-infrastructure-5blf https://dev.to/antdimot/the-powershell-way-to-validate-azure-infrastructure-5blf <p>One of the most important challenge in the cloud era is to use the flexibility provided in the most productive way possible for our projects. To help about this Microsoft provides a set of guiding tenets called <strong><em>Azure Well-Architected Framework</em></strong>, that can be used to improve the quality of a workload.</p> <p>The framework consists of five pillars of architectural excellence:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh1yt1bl24zbu1hhr3eye.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fh1yt1bl24zbu1hhr3eye.jpg" alt=" " width="800" height="445"></a></p> <p>The set of rules are available directly on <a href="https://learn.microsoft.com/en-gb/azure/architecture/framework" rel="noopener noreferrer">Microsoft documentation</a>.</p> <p>To validate an infrastructure about the following of rules, we can use <a href="https://learn.microsoft.com/en-us/azure/advisor/advisor-overview" rel="noopener noreferrer">Azure Advisor</a> which is able to make an assessment review of the resources provisioned by generating a set of recommendations.</p> <p>As devops I prefer an alternative way based on Powershell called <a href="https://github.com/Azure/PSRule.Rules.Azure" rel="noopener noreferrer">PSRule for Azure</a> which provides a suite of rules to validate resources and infrastructure as code (IaC) using PSRule. It provides two methods for analyzing Azure resources:</p> <ul> <li> <em>Pre-flight</em> - Before resources are deployed from Azure Resource Manager templates.</li> <li> <em>In-flight</em> - After resources are deployed to an Azure subscription.</li> </ul> <p>Below an example of In-flight use:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># STEP 1: Install PSRule.Rules.Azure from the PowerShell Gallery</span><span class="w"> </span><span class="n">Install-Module</span><span class="w"> </span><span class="nt">-Name</span><span class="w"> </span><span class="s1">'PSRule.Rules.Azure'</span><span class="w"> </span><span class="nt">-Scope</span><span class="w"> </span><span class="nx">CurrentUser</span><span class="p">;</span><span class="w"> </span><span class="c"># STEP 2: Authenticate to Azure, only required if not currently connected</span><span class="w"> </span><span class="n">Connect-AzAccount</span><span class="p">;</span><span class="w"> </span><span class="c"># Confirm the current subscription context</span><span class="w"> </span><span class="n">Get-AzContext</span><span class="p">;</span><span class="w"> </span><span class="c"># STEP 3: Exports a resource graph stored as JSON for analysis</span><span class="w"> </span><span class="n">Export-AzRuleData</span><span class="w"> </span><span class="nt">-OutputPath</span><span class="w"> </span><span class="s1">'out/templates/'</span><span class="p">;</span><span class="w"> </span><span class="c"># STEP 4: Run analysis against exported data</span><span class="w"> </span><span class="n">Invoke-PSRule</span><span class="w"> </span><span class="nt">-InputPath</span><span class="w"> </span><span class="s1">'out/templates/'</span><span class="w"> </span><span class="nt">-Module</span><span class="w"> </span><span class="s1">'PSRule.Rules.Azure'</span><span class="w"> </span><span class="o">-As</span><span class="w"> </span><span class="nx">Summary</span><span class="p">;</span><span class="w"> </span><span class="n">RuleName</span><span class="w"> </span><span class="nx">Pass</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span><span class="nx">Outcome</span><span class="w"> </span><span class="o">--------</span><span class="w"> </span><span class="o">----</span><span class="w"> </span><span class="o">----</span><span class="w"> </span><span class="o">-------</span><span class="w"> </span><span class="n">Azure.ACR.MinSku</span><span class="w"> </span><span class="nx">0</span><span class="w"> </span><span class="nx">1</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span><span class="n">Azure.AppService.PlanInstanceCount</span><span class="w"> </span><span class="nx">0</span><span class="w"> </span><span class="nx">1</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span><span class="n">Azure.AppService.UseHTTPS</span><span class="w"> </span><span class="nx">0</span><span class="w"> </span><span class="nx">2</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span><span class="n">Azure.Resource.UseTags</span><span class="w"> </span><span class="nx">73</span><span class="w"> </span><span class="nx">36</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span><span class="n">Azure.SQL.ThreatDetection</span><span class="w"> </span><span class="nx">0</span><span class="w"> </span><span class="nx">1</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span><span class="n">Azure.SQL.Auditing</span><span class="w"> </span><span class="nx">0</span><span class="w"> </span><span class="nx">1</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span><span class="n">Azure.Storage.UseReplication</span><span class="w"> </span><span class="nx">1</span><span class="w"> </span><span class="nx">7</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span><span class="n">Azure.Storage.SecureTransferRequ...</span><span class="w"> </span><span class="nx">2</span><span class="w"> </span><span class="nx">6</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span><span class="n">Azure.Storage.SoftDelete</span><span class="w"> </span><span class="nx">0</span><span class="w"> </span><span class="nx">8</span><span class="w"> </span><span class="nx">Fail</span><span class="w"> </span></code></pre> </div> <p>Some examples of PSRule for Azure module usage are:</p> <ul> <li><a href="https://github.com/Azure/PSRule.Rules.Azure/blob/main/docs/scenarios/azure-pipelines-ci/azure-pipelines-ci.md" rel="noopener noreferrer">Validate Azure resources from templates with Azure Pipelines</a></li> <li><a href="https://github.com/Azure/PSRule.Rules.Azure/blob/main/docs/scenarios/azure-template-ci/azure-template-ci.md" rel="noopener noreferrer">Validate Azure resources from templates with continuous integration (CI)</a></li> <li><a href="https://azure.github.io/PSRule.Rules.Azure/customization/enforce-custom-tags/" rel="noopener noreferrer">Create a custom rule to enforce Resource Group tagging</a></li> <li><a href="https://azure.github.io/PSRule.Rules.Azure/customization/enforce-codeowners/" rel="noopener noreferrer">Create a custom rule to enforce code ownership</a></li> </ul> azure powershell devops Managing Powershell collections graphically Antonio Di Motta Sat, 28 Jan 2023 15:36:25 +0000 https://dev.to/antdimot/managing-powershell-collections-graphically-5ghe https://dev.to/antdimot/managing-powershell-collections-graphically-5ghe <p>One of the most interesting features of Powershell is manipulation of data as object collections, which is a feature inherited from the .net platform.</p> <p>A collection (eg array) can be the result of powershell command and it could contain a lot of objects but only a subset of them could be interesting. To facilitate the selection of data subset, exists a Powershell Cmdlet console-based GUI called <a href="https://github.com/PowerShell/GraphicalTools" rel="noopener noreferrer">Out-ConsoleGridView</a>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># installation</span><span class="w"> </span><span class="n">Install-Module</span><span class="w"> </span><span class="nx">Microsoft.PowerShell.ConsoleGuiTools</span><span class="w"> </span><span class="c"># usage example1:</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="nx">C:\</span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Get-Process</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">Out-ConsoleGridView</span><span class="w"> </span></code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmzkl8scbco9y1gwete5o.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmzkl8scbco9y1gwete5o.png" alt=" " width="748" height="666"></a></p> <p>As you can see the tool is always integrated into the terminal because it has built on a cross platform UI toolkit based on a fantastic open source project called <a href="https://github.com/gui-cs/Terminal.Gui" rel="noopener noreferrer">Terminal.Gui</a>. Now you can select the objects by using space bar and than confirm the selection with enter.<br> The result will be:<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fl7cos3f1ccue72rnxbjp.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fl7cos3f1ccue72rnxbjp.png" alt=" " width="660" height="175"></a></p> <p>As you noted the result its still a collection so we can use it by pipe with another Powershell command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># usage example2:</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="nx">C:\</span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Get-Process</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">Out-ConsoleGridView</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">Export-Csv</span><span class="w"> </span><span class="nt">-Path</span><span class="w"> </span><span class="o">.</span><span class="nx">\ProcessLog.csv</span><span class="w"> </span></code></pre> </div> powershell devops Powershell Secret Store Antonio Di Motta Tue, 10 Jan 2023 10:46:34 +0000 https://dev.to/antdimot/powershell-secret-store-1g9m https://dev.to/antdimot/powershell-secret-store-1g9m <p>As devops I have to use a lot of secrets for managing my projects which are complex and requires several environments (dev,sit,uat,e2e,prod...), so the number of secrets to manage can grow quickly.</p> <p>Where to store secrets Its important because are critical information and incorrect management can create huge problems for the security of the applications. When deploy the application we use a secret management service like Azure Key Vault, but what can we do with secrets saved on personal machine? If you are using a simple plain text file then you are making a mistake.</p> <p>A better idea is also have Key Vault on personal machine, so I decided to use <a href="https://github.com/powershell/SecretStore" rel="noopener noreferrer">Powershell Secret Store</a> which is an extension vault module for the PowerShell SecretManagement module. It stores secrets locally on file for the current user account context, and uses .NET crypto APIs to encrypt file contents. Secrets remain encrypted in-memory, and are only decrypted when retrieved and passed to the user. </p> <p>Next an example of use:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># install secret management module</span><span class="w"> </span><span class="n">Install-Module</span><span class="w"> </span><span class="nt">-Name</span><span class="w"> </span><span class="nx">Microsoft.PowerShell.SecretManagement</span><span class="w"> </span><span class="c"># install extension vault to store secrets to the local machine</span><span class="w"> </span><span class="n">Install-Module</span><span class="w"> </span><span class="nt">-Name</span><span class="w"> </span><span class="nx">Microsoft.PowerShell.SecretStore</span><span class="w"> </span><span class="c"># register a new local secret store</span><span class="w"> </span><span class="n">Register-SecretVault</span><span class="w"> </span><span class="nt">-Name</span><span class="w"> </span><span class="nx">mySecretStore</span><span class="w"> </span><span class="nt">-ModuleName</span><span class="w"> </span><span class="nx">Microsoft.PowerShell.SecretStore</span><span class="w"> </span><span class="nt">-DefaultVault</span><span class="w"> </span><span class="c"># add two secrets to mySecretStore </span><span class="w"> </span><span class="n">Set-Secret</span><span class="w"> </span><span class="nx">secret1</span><span class="w"> </span><span class="nt">-Vault</span><span class="w"> </span><span class="nx">mySecretStore</span><span class="w"> </span><span class="nt">-Secret</span><span class="w"> </span><span class="s2">"this-is-the-value-for-secret1"</span><span class="w"> </span><span class="nt">-metadata</span><span class="w"> </span><span class="p">@{</span><span class="s2">"envname"</span><span class="o">=</span><span class="s2">"dev"</span><span class="p">;</span><span class="s2">"varname"</span><span class="o">=</span><span class="s2">"var1"</span><span class="p">}</span><span class="w"> </span><span class="n">Set-Secret</span><span class="w"> </span><span class="nx">secret2</span><span class="w"> </span><span class="nt">-Vault</span><span class="w"> </span><span class="nx">mySecretStore</span><span class="w"> </span><span class="nt">-Secret</span><span class="w"> </span><span class="s2">"this-is-the-value-for-secret2"</span><span class="w"> </span><span class="nt">-metadata</span><span class="w"> </span><span class="p">@{</span><span class="s2">"envname"</span><span class="o">=</span><span class="s2">"dev"</span><span class="p">;</span><span class="s2">"varname"</span><span class="o">=</span><span class="s2">"var2"</span><span class="p">}</span><span class="w"> </span><span class="c"># show the list of secrets stored into mySecretStore</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">get-secretinfo</span><span class="w"> </span><span class="nt">-vault</span><span class="w"> </span><span class="nx">mySecretStore</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">fl</span><span class="w"> </span><span class="n">Name</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="nx">secret1</span><span class="w"> </span><span class="kr">Type</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="nx">VaultName</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="nx">mySecretStore</span><span class="w"> </span><span class="n">Metadata</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="p">{[</span><span class="n">varname</span><span class="p">,</span><span class="w"> </span><span class="n">var1</span><span class="p">],</span><span class="w"> </span><span class="p">[</span><span class="n">envname</span><span class="p">,</span><span class="w"> </span><span class="n">dev</span><span class="p">]}</span><span class="w"> </span><span class="n">Name</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="nx">secret2</span><span class="w"> </span><span class="kr">Type</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="nx">VaultName</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="nx">mySecretStore</span><span class="w"> </span><span class="n">Metadata</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="p">{[</span><span class="n">varname</span><span class="p">,</span><span class="w"> </span><span class="n">var2</span><span class="p">],</span><span class="w"> </span><span class="p">[</span><span class="n">envname</span><span class="p">,</span><span class="w"> </span><span class="n">dev</span><span class="p">]}</span><span class="w"> </span><span class="c"># retrieve secret value</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">get-secret</span><span class="w"> </span><span class="nx">secret1</span><span class="w"> </span><span class="nt">-vault</span><span class="w"> </span><span class="nx">mySecretStore</span><span class="w"> </span><span class="nt">-asplaintext</span><span class="w"> </span><span class="n">this-is-the-value-for-secret1</span><span class="w"> </span></code></pre> </div> <p>As you noted Its possible define a set of metadata for each secret, so I decided to use this capability for improving the process of secret retrieve. For example, I defined an envname for better separation of contexts and varname to automate the process of the powershell variables creation to store the secrets in memory.</p> <p>I implemented this logic into a function called <em>Set-VariablesFromVault</em> which is able retrieve secrets by envname and store them into variables with name format envname_varname. Below an example of use:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># import my functions for loading secrets</span><span class="w"> </span><span class="n">Import-Module</span><span class="w"> </span><span class="o">.</span><span class="nx">\ADMsecret.psm1</span><span class="w"> </span><span class="c"># create powershell variables with secret values based metadata envname and varname</span><span class="w"> </span><span class="n">Set-VariablesFromVault</span><span class="w"> </span><span class="nt">-vaultname</span><span class="w"> </span><span class="nx">mySecretStore</span><span class="w"> </span><span class="nt">-envname</span><span class="w"> </span><span class="nx">dev</span><span class="w"> </span><span class="c"># check the results</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">get-variable</span><span class="w"> </span><span class="n">Name</span><span class="w"> </span><span class="nx">Value</span><span class="w"> </span><span class="o">----</span><span class="w"> </span><span class="o">-----</span><span class="w"> </span><span class="n">dev_var1</span><span class="w"> </span><span class="nx">this-is-the-value-for-secret1</span><span class="w"> </span><span class="n">dev_var2</span><span class="w"> </span><span class="nx">this-is-the-value-for-secret2</span><span class="w"> </span><span class="o">......................................................</span><span class="w"> </span></code></pre> </div> <p>The code of <em>Set-VariablesFromVault</em> is available <a href="https://github.com/antdimot/devops/tree/main/powershell/secret" rel="noopener noreferrer">here</a></p> powershell secret devops PowerShell Secret Management Antonio Di Motta Thu, 17 Nov 2022 16:17:54 +0000 https://dev.to/antdimot/powershell-secret-management-1733 https://dev.to/antdimot/powershell-secret-management-1733 <p>A secret management is the best way for securely storing and accessing secrets which are anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys.</p> <p>All major cloud providers have a secret management service, for instance <a href="https://azure.microsoft.com/en-us/products/key-vault/" rel="noopener noreferrer">Azure Key Vault</a> and <a href="https://aws.amazon.com/secrets-manager/" rel="noopener noreferrer">AWS Secrets Manager</a>. Usually the common way for managing these services is by web portal or CLI.</p> <p>Another way to manage secrets is by using <strong><a href="https://github.com/powershell/SecretManagement" rel="noopener noreferrer">PowerShell SecretManagement Module</a></strong>. Next the description of the module grabbed directly from the github repository:</p> <blockquote> <p><em>"PowerShell SecretManagement module provides a convenient way for an user to store and retrieve secrets. The secrets are stored in SecretManagement extension vaults. An extension vault is a PowerShell module that has been registered to SecretManagement. An extension vault can store secrets locally or remotely. Extension vaults are registered to the current logged in user context, and will be available only to that user (unless also registered to other users)."</em></p> </blockquote> <p>Now, I'm going to describe how to manage secrets stored on <a href="https://azure.microsoft.com/en-us/products/key-vault/" rel="noopener noreferrer">Azure Key Vault</a>. </p> <p>Step 1, install the required modules:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># install secretmanagement module</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Install-Module</span><span class="w"> </span><span class="nt">-Name</span><span class="w"> </span><span class="nx">Microsoft.PowerShell.SecretManagement</span><span class="w"> </span><span class="c"># install extension vault provider for Azure KeyVault</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Install-Module</span><span class="w"> </span><span class="nt">-Name</span><span class="w"> </span><span class="nx">Az.KeyVault</span><span class="w"> </span><span class="c"># tip to find the extension vault providers available</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Find-Module</span><span class="w"> </span><span class="nt">-tag</span><span class="w"> </span><span class="s2">"SecretManagement"</span><span class="w"> </span></code></pre> </div> <p>Step 2, register the extension vault to the current user:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nv">$subId</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"&lt;&lt;keyvault-subscriptionid&gt;&gt;"</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nv">$vaultName</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"&lt;&lt;keyvault-name&gt;&gt;"</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Register-SecretVault</span><span class="w"> </span><span class="nt">-Name</span><span class="w"> </span><span class="nx">myAzKV</span><span class="w"> </span><span class="nt">-ModuleName</span><span class="w"> </span><span class="nx">Az.KeyVault</span><span class="w"> </span><span class="nt">-VaultParameters</span><span class="w"> </span><span class="p">@{</span><span class="nx">AZKVaultName</span><span class="o">=</span><span class="nv">$vaultName</span><span class="p">;</span><span class="nx">SubscriptionId</span><span class="o">=</span><span class="nv">$subId</span><span class="p">}</span><span class="w"> </span><span class="c"># tip to show the list of extension vault registered (can have more)</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Get-SecretVault</span><span class="w"> </span><span class="n">Name</span><span class="w"> </span><span class="nx">ModuleName</span><span class="w"> </span><span class="nx">IsDefaultVault</span><span class="w"> </span><span class="o">----</span><span class="w"> </span><span class="o">----------</span><span class="w"> </span><span class="o">--------------</span><span class="w"> </span><span class="n">myAzKV</span><span class="w"> </span><span class="nx">Az.KeyVault</span><span class="w"> </span><span class="nx">True</span><span class="w"> </span></code></pre> </div> <p>Step 3, show the secrets currently stored on registered extension vault:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># get list of secrets</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Get-SecretInfo</span><span class="w"> </span><span class="n">Name</span><span class="w"> </span><span class="nx">Type</span><span class="w"> </span><span class="nx">VaultName</span><span class="w"> </span><span class="o">----</span><span class="w"> </span><span class="o">----</span><span class="w"> </span><span class="o">---------</span><span class="w"> </span><span class="n">key1</span><span class="w"> </span><span class="nx">Unknown</span><span class="w"> </span><span class="nx">myAzKV</span><span class="w"> </span><span class="n">key2</span><span class="w"> </span><span class="nx">Unknown</span><span class="w"> </span><span class="nx">myAzKV</span><span class="w"> </span></code></pre> </div> <p>Step 4, store a new secret<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Set-Secret</span><span class="w"> </span><span class="nx">key3</span><span class="w"> </span><span class="nt">-Vault</span><span class="w"> </span><span class="nx">myAzKV</span><span class="w"> </span><span class="n">cmdlet</span><span class="w"> </span><span class="nx">Set-Secret</span><span class="w"> </span><span class="nx">at</span><span class="w"> </span><span class="nx">command</span><span class="w"> </span><span class="nx">pipeline</span><span class="w"> </span><span class="nx">position</span><span class="w"> </span><span class="nx">1</span><span class="w"> </span><span class="n">Supply</span><span class="w"> </span><span class="nx">values</span><span class="w"> </span><span class="nx">for</span><span class="w"> </span><span class="nx">the</span><span class="w"> </span><span class="nx">following</span><span class="w"> </span><span class="nx">parameters:</span><span class="w"> </span><span class="n">SecureStringSecret:</span><span class="w"> </span><span class="o">***********</span><span class="w"> </span><span class="c"># tip add metadata to secret</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Set-SecretInfo</span><span class="w"> </span><span class="nx">key3</span><span class="w"> </span><span class="nt">-Metadata</span><span class="w"> </span><span class="p">@{</span><span class="s2">"purpose"</span><span class="o">=</span><span class="s2">"demo"</span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Step 5, retrieve the contents of a secret<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># get secret contents</span><span class="w"> </span><span class="n">PS</span><span class="w"> </span><span class="err">&gt;</span><span class="w"> </span><span class="nx">Get-Secret</span><span class="w"> </span><span class="nx">key3</span><span class="w"> </span><span class="nt">-AsPlainText</span><span class="w"> </span><span class="nt">-vault</span><span class="w"> </span><span class="nx">myAzKV</span><span class="w"> </span><span class="n">Hello</span><span class="w"> </span><span class="nx">World</span><span class="w"> </span></code></pre> </div> <p>Thanks for reading!</p> powershell azure secret Expand-JsonFile Antonio Di Motta Mon, 17 Oct 2022 17:40:54 +0000 https://dev.to/antdimot/expand-jsonfile-53l2 https://dev.to/antdimot/expand-jsonfile-53l2 <p>Json format is an amazing way to define things, so devs often use it into the code repository to describe entities. Devops also uses json files to configure application or other stuff.</p> <p>Proliferation of the number of json files and inconsistent data could be a problem, so to avoid them I have created a small powershell script that is able to resolve expressions contained into json file. The expression defines the correlation between different files.</p> <p>Example:</p> <p>Into the data folder there are three json files:</p> <ul> <li>customers.json (which contains a set of customer)</li> <li>products.json (which contains a set of product)</li> <li>orders.json (which contains a set of order)</li> </ul> <p>The <em>orders.json</em> has two properties (product and customer) which need to be calculated by evaluating a reference expression:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">//</span><span class="w"> </span><span class="err">orders.json</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"created"</span><span class="p">:</span><span class="s2">"2022-10-15T09:00:00"</span><span class="p">,</span><span class="w"> </span><span class="nl">"product"</span><span class="p">:</span><span class="s2">"[data/products(pid=1).title]"</span><span class="p">,</span><span class="w"> </span><span class="nl">"quantity"</span><span class="p">:</span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="nl">"customer"</span><span class="p">:</span><span class="s2">"[data/customers(cid=3).name]"</span><span class="p">,</span><span class="w"> </span><span class="nl">"notes"</span><span class="p">:</span><span class="s2">"this is a note"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"created"</span><span class="p">:</span><span class="s2">"2022-10-15T10:00:00"</span><span class="p">,</span><span class="w"> </span><span class="nl">"product"</span><span class="p">:</span><span class="s2">"[data/products(pid=2).title]"</span><span class="p">,</span><span class="w"> </span><span class="nl">"quantity"</span><span class="p">:</span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="nl">"customer"</span><span class="p">:</span><span class="s2">"[data/customers(cid=3).name]"</span><span class="p">,</span><span class="w"> </span><span class="nl">"notes"</span><span class="p">:</span><span class="s2">"this is a note2"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre> </div> <p>The function <strong>Expand-JsonFile</strong> evaluates the reference expressions contained in the orders.json file and produce a new file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="n">import-module</span><span class="w"> </span><span class="nt">-name</span><span class="w"> </span><span class="o">.</span><span class="nx">\ADMjson.psm1</span><span class="w"> </span><span class="nt">-Force</span><span class="w"> </span><span class="n">Expand-JsonFile</span><span class="w"> </span><span class="nt">-SourceFile</span><span class="w"> </span><span class="nx">data/orders.json</span><span class="w"> </span><span class="nt">-TargetFile</span><span class="w"> </span><span class="nx">data/orders_expanded.json</span><span class="w"> </span></code></pre> </div> <p>The result json file contains property values:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">//</span><span class="w"> </span><span class="err">orders_expanded.json</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"created"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2022-10-15T09:00:00"</span><span class="p">,</span><span class="w"> </span><span class="nl">"product"</span><span class="p">:</span><span class="w"> </span><span class="s2">"xbox"</span><span class="p">,</span><span class="w"> </span><span class="nl">"quantity"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="nl">"customer"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Paperino"</span><span class="p">,</span><span class="w"> </span><span class="nl">"notes"</span><span class="p">:</span><span class="w"> </span><span class="s2">"this is a note"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"created"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2022-10-15T10:00:00"</span><span class="p">,</span><span class="w"> </span><span class="nl">"product"</span><span class="p">:</span><span class="w"> </span><span class="s2">"playstation"</span><span class="p">,</span><span class="w"> </span><span class="nl">"quantity"</span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="nl">"customer"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Paperino"</span><span class="p">,</span><span class="w"> </span><span class="nl">"notes"</span><span class="p">:</span><span class="w"> </span><span class="s2">"this is a note2"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre> </div> <p>The script code is available <a href="https://github.com/antdimot/devops/tree/main/powershell" rel="noopener noreferrer">here</a></p> json powershell devops Postgres environment with docker-compose Antonio Di Motta Fri, 08 Jul 2022 21:08:15 +0000 https://dev.to/antdimot/postgres-environment-with-docker-compose-17pl https://dev.to/antdimot/postgres-environment-with-docker-compose-17pl <p>Are you looking for a way to start a new development environment quickly? If this is the case this article could be useful for you.</p> <p>Summarizing the Wikipedia definition, an environment is a set of resources able to run a software solution. Generally its possible to have many environments each of which has specific goal. For instance, development (dev), system integration test (sit), end to end test (e2e), user acceptance test (uat) and production (prod). All of these must be completely isolated each other, for example we should be sure that the front-end of sit is not able to connect to database of e2e. To do that, we have to design the network system and storage system to avoid any overlaps even if it happens accidentally and if we have many environments it can become a hard job.</p> <p>Docker-compose is a great tool to start an environment creating all compute resources to run the solution but also the infrastructure resources like networking and storage ready to guarantee the isolation required. To prove this, I wrote a <a href="https://docs.docker.com/compose/" rel="noopener noreferrer">docker-compose</a> yaml file which is able to start a solution based on:</p> <ul> <li> <a href="https://www.postgresql.org/" rel="noopener noreferrer">Postgres</a>, as database server</li> <li> <a href="https://www.pgadmin.org/" rel="noopener noreferrer">Pgadmin</a>, as postgres management tool</li> <li> <a href="https://www.nginx.com/" rel="noopener noreferrer">NGinx</a>, as reverse proxy</li> </ul> <p>Next, I parametrized the composer yaml with a .env properties file which contains some environment parameters:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>ENV_NAME=&lt;&lt;environment-name&gt;&gt; NGINX_RELEASE=1.21 NGINX_HOSTPORT=8081 POSTGRES_RELEASE=12 POSTGRES_USER=&lt;&lt;postgres-user&gt;&gt; POSTGRES_PASSWORD=&lt;&lt;postgres-password&gt;&gt; PGADMIN_RELEASE=latest PGADMIN_EMAIL=&lt;&lt;pgadmin-user&gt;&gt; PGADMIN_PASSWORD=&lt;&lt;pgadmin-password&gt;&gt; </code></pre> </div> <p>The most important of them is the first one <strong>ENV_NAME</strong> is used for identify the scope of networks, volumes and containers. Below an example of how to use it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># Use postgres/example user/password credentials</span> <span class="na">version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">3.7'</span> <span class="na">services</span><span class="pi">:</span> <span class="na">proxy</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">nginx:${NGINX_RELEASE}</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">${ENV_NAME}_nginx</span> <span class="na">restart</span><span class="pi">:</span> <span class="s">unless-stopped</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">NGINX_HOST</span><span class="pi">:</span> <span class="s">${ENV_NAME}</span> <span class="na">NGINX_PORT</span><span class="pi">:</span> <span class="s">${NGINX_HOSTPORT}</span> <span class="na">networks</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">frontend</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">./config/templates:/etc/nginx/templates</span> <span class="pi">-</span> <span class="s">./config/certs:/etc/nginx/certs</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">${NGINX_HOSTPORT}:${NGINX_HOSTPORT}</span> <span class="pi">-</span> <span class="s">443:443</span> <span class="na">pgadmin</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">dpage/pgadmin4:${PGADMIN_RELEASE}</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">${ENV_NAME}_pgadmin</span> <span class="na">depends_on</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">postgres</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">PGADMIN_DEFAULT_EMAIL</span><span class="pi">:</span> <span class="s">${PGADMIN_EMAIL}</span> <span class="na">PGADMIN_DEFAULT_PASSWORD</span><span class="pi">:</span> <span class="s">${PGADMIN_PASSWORD}</span> <span class="na">networks</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">frontend</span> <span class="pi">-</span> <span class="s">backend</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">pga_data:/var/lib/pgadmin</span> <span class="na">postgres</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">postgres:${POSTGRES_RELEASE}</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">${ENV_NAME}_postgres</span> <span class="na">restart</span><span class="pi">:</span> <span class="s">always</span> <span class="na">environment</span><span class="pi">:</span> <span class="na">POSTGRES_USER</span><span class="pi">:</span> <span class="s">${POSTGRES_USER}</span> <span class="na">POSTGRES_PASSWORD</span><span class="pi">:</span> <span class="s">${POSTGRES_PASSWORD}</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">ps_data:/var/lib/postgresql/data</span> <span class="na">networks</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">backend</span> <span class="na">volumes</span><span class="pi">:</span> <span class="na">ps_data</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">${ENV_NAME}_postgres</span> <span class="na">pga_data</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">${ENV_NAME}_pgadmin</span> <span class="na">networks</span><span class="pi">:</span> <span class="na">frontend</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">${ENV_NAME}_frontend</span> <span class="na">backend</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">${ENV_NAME}_backend</span> </code></pre> </div> <p>For example if ENV_NAME is <strong>demo_dev</strong> we will have the following result:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx56wgs13f4xm4zyxx6ij.JPG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx56wgs13f4xm4zyxx6ij.JPG" alt=" " width="800" height="400"></a></p> <p>As you can see the networks, the volumes and the containers names have been customized, so if we will start again the composer with different environments parameters, we will have a new environment isolated from the previous one.</p> <p>The code is available on my <a href="https://github.com/antdimot/devops/tree/main/docker/postgres" rel="noopener noreferrer">github</a> repository.</p> docker postgres devops BulkRun Powershell Script for Azure Pipelines Antonio Di Motta Sun, 12 Jun 2022 10:36:35 +0000 https://dev.to/antdimot/bulkrun-powershell-script-for-azure-pipelines-fm6 https://dev.to/antdimot/bulkrun-powershell-script-for-azure-pipelines-fm6 <p>Azure Devops provides a great UI for managing and run the pipelines, but sometimes we need to run it manually, just to reuse the deployment logic or when its required to run many of them.</p> <p>To accomplish this job, I created a simple powershell script to run a set of pipeline programmatically by using the Azure Devops rest API and it requires a <a href="https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&amp;tabs=Windows" rel="noopener noreferrer">Personal Access Token</a></p> <h3> Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># Step 1: Create the pipeline on Azure Devops with following yaml code. Below an example with parameters.</span> <span class="na">parameters</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">name</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s2">"</span><span class="s">Name"</span> <span class="na">type</span><span class="pi">:</span> <span class="s">string</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">surname</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s2">"</span><span class="s">Surname"</span> <span class="na">type</span><span class="pi">:</span> <span class="s">string</span> <span class="na">pool</span><span class="pi">:</span> <span class="na">vmImage</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">script</span><span class="pi">:</span> <span class="s">echo Hello ${{ parameters.name }} ${{ parameters.surname }}</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s1">'</span><span class="s">Run</span><span class="nv"> </span><span class="s">a</span><span class="nv"> </span><span class="s">one-line</span><span class="nv"> </span><span class="s">script'</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># Step 2: Create a pipeline definition file (pipetorun.csv) with the information to run an ado pipeline for each row.</span><span class="w"> </span><span class="c"># The definitionid is the definitionid of Azure Devops pipeline</span><span class="w"> </span><span class="c"># Branch is the pipeline's branch.</span><span class="w"> </span><span class="c"># Parameters are defined as a dictionary (key=value separate by semicolon, key is equal the pipeline parameter name)</span><span class="w"> </span><span class="n">definitionid</span><span class="p">,</span><span class="nx">name</span><span class="p">,</span><span class="nx">branch</span><span class="p">,</span><span class="nx">parameters</span><span class="w"> </span><span class="mi">12</span><span class="p">,</span><span class="n">hello</span><span class="p">,</span><span class="nx">main</span><span class="p">,</span><span class="nx">name</span><span class="o">=</span><span class="n">Alan</span><span class="p">;</span><span class="n">surname</span><span class="o">=</span><span class="n">Turing</span><span class="w"> </span><span class="nx">12</span><span class="p">,</span><span class="nx">hello</span><span class="p">,</span><span class="nx">main</span><span class="p">,</span><span class="nx">name</span><span class="o">=</span><span class="n">Clude</span><span class="p">;</span><span class="n">surname</span><span class="o">=</span><span class="n">Shannon</span><span class="w"> </span><span class="nx">12</span><span class="p">,</span><span class="nx">hello</span><span class="p">,</span><span class="nx">main</span><span class="p">,</span><span class="nx">name</span><span class="o">=</span><span class="n">Tim</span><span class="p">;</span><span class="n">surname</span><span class="o">=</span><span class="n">Berners-Lee</span><span class="w"> </span><span class="nx">12</span><span class="p">,</span><span class="nx">hello</span><span class="p">,</span><span class="nx">main</span><span class="p">,</span><span class="nx">name</span><span class="o">=</span><span class="n">Edsger</span><span class="p">;</span><span class="n">surname</span><span class="o">=</span><span class="n">Dijkstra</span><span class="w"> </span><span class="nx">12</span><span class="p">,</span><span class="nx">hello</span><span class="p">,</span><span class="nx">main</span><span class="p">,</span><span class="nx">name</span><span class="o">=</span><span class="n">Leslie</span><span class="p">;</span><span class="n">surname</span><span class="o">=</span><span class="n">Lamport</span><span class="w"> </span><span class="c"># Step 3: Run five pipeline by using the script and the defintion file. (How to create a PAT )</span><span class="w"> </span><span class="o">.</span><span class="n">\BulkRun.ps1</span><span class="w"> </span><span class="nt">-PAT</span><span class="w"> </span><span class="nx">personal-access-token</span><span class="w"> </span><span class="nt">-File</span><span class="w"> </span><span class="o">.</span><span class="nx">\pipetorun.csv</span><span class="w"> </span></code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight powershell"><code><span class="c"># Result</span><span class="w"> </span><span class="n">hello</span><span class="w"> </span><span class="nx">inProgress</span><span class="w"> </span><span class="nx">on</span><span class="w"> </span><span class="nx">main</span><span class="w"> </span><span class="o">-</span><span class="err">&gt;</span><span class="w"> </span><span class="nx">https://dev.azure.com/dimotta/demo/_build/results</span><span class="nf">?</span><span class="nx">buildId</span><span class="o">=</span><span class="nx">119</span><span class="w"> </span><span class="n">hello</span><span class="w"> </span><span class="nx">inProgress</span><span class="w"> </span><span class="nx">on</span><span class="w"> </span><span class="nx">main</span><span class="w"> </span><span class="o">-</span><span class="err">&gt;</span><span class="w"> </span><span class="nx">https://dev.azure.com/dimotta/demo/_build/results</span><span class="nf">?</span><span class="nx">buildId</span><span class="o">=</span><span class="nx">120</span><span class="w"> </span><span class="n">hello</span><span class="w"> </span><span class="nx">inProgress</span><span class="w"> </span><span class="nx">on</span><span class="w"> </span><span class="nx">main</span><span class="w"> </span><span class="o">-</span><span class="err">&gt;</span><span class="w"> </span><span class="nx">https://dev.azure.com/dimotta/demo/_build/results</span><span class="nf">?</span><span class="nx">buildId</span><span class="o">=</span><span class="nx">121</span><span class="w"> </span><span class="n">hello</span><span class="w"> </span><span class="nx">inProgress</span><span class="w"> </span><span class="nx">on</span><span class="w"> </span><span class="nx">main</span><span class="w"> </span><span class="o">-</span><span class="err">&gt;</span><span class="w"> </span><span class="nx">https://dev.azure.com/dimotta/demo/_build/results</span><span class="nf">?</span><span class="nx">buildId</span><span class="o">=</span><span class="nx">122</span><span class="w"> </span><span class="n">hello</span><span class="w"> </span><span class="nx">inProgress</span><span class="w"> </span><span class="nx">on</span><span class="w"> </span><span class="nx">main</span><span class="w"> </span><span class="o">-</span><span class="err">&gt;</span><span class="w"> </span><span class="nx">https://dev.azure.com/dimotta/demo/_build/results</span><span class="nf">?</span><span class="nx">buildId</span><span class="o">=</span><span class="nx">123</span><span class="w"> </span></code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0zup7l7t6tij9j2ha0v0.JPG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0zup7l7t6tij9j2ha0v0.JPG" alt=" " width="800" height="460"></a></p> <p>The BulkRun script code is available <a href="https://github.com/antdimot/devops/blob/main/ado/BulkRun.ps1" rel="noopener noreferrer">here</a></p> azurepipelines devops powershell Powershell Confluence Scripts Antonio Di Motta Mon, 25 Apr 2022 18:00:26 +0000 https://dev.to/antdimot/powershell-confluence-scripts-g6k https://dev.to/antdimot/powershell-confluence-scripts-g6k <p>As a devops sometimes I need to create small scripts to include in my pipelines for managing recurring tasks. To carry out this kind of activity powershell provides great features to develop script quickly.</p> <p>Lately, I needed to create a <a href="https://www.atlassian.com/it/software/confluence" rel="noopener noreferrer">Confluence</a>'s page as the last task of a pipeline with some information reported on it, so I decided to create a <a href="https://github.com/antdimot/devops/tree/main/confluence" rel="noopener noreferrer">small library</a> for this purpose.</p> <p>The library needs of a Atlassian api token which is provided by <a href="https://id.atlassian.com/manage-profile/security/api-tokens" rel="noopener noreferrer">https://id.atlassian.com/manage-profile/security/api-tokens</a></p> <p>Here are some examples of using the library.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzwl1v6rl1gt4t5tckiar.JPG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzwl1v6rl1gt4t5tckiar.JPG" alt="define env variables" width="566" height="100"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdwy5wmddunkr1qg4f2yc.JPG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdwy5wmddunkr1qg4f2yc.JPG" alt="page creation" width="618" height="341"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fybu6ho1s9qadl29neesj.JPG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fybu6ho1s9qadl29neesj.JPG" alt="get page content confluence" width="643" height="320"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqrwx1rruxav15y49zfqe.JPG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqrwx1rruxav15y49zfqe.JPG" alt="update page content confluence" width="683" height="291"></a></p> confluence powershell devops entity2sql Antonio Di Motta Sat, 16 May 2020 10:40:21 +0000 https://dev.to/antdimot/entity2sql-4cm3 https://dev.to/antdimot/entity2sql-4cm3 <p>I have always had a strong interest in making small libraries that could facilitate the life of a developer. The most useful libraries are those that allow you to solve recurring problems ( possibly without creating others :) )</p> <p>For this purpose, some time ago, I created a library that would allow me to generate SQL code from the definition of classes that represented my entity data model. It is not an ORM (complete or micro) but a simple generator of SQL code.</p> <p>I know that there are already many excellent solutions around, but for me, it was an opportunity to analyze an interesting problem and at the same time have full control of the SQL code that I wanted to generate.</p> <p>The final result is the following:</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>var sqlBuilder = new SQLStatementBuilder(); var select = sqlBuilder.MakeSelect&lt;User&gt;( o =&gt; o.FirstName == "Antonio" || o.LastName == "Di Motta" &amp;&amp; o.Age == 150 ); // SELECT t1.ID,t1.FIRST_NAME,t1.LAST_NAME,t1.AGE,t1.RoleID FROM USERS t1 WHERE (t1.FIRST_NAME = 'Antonio' OR (t1.LAST_NAME = 'Di Motta' AND t1.AGE = 150 )) var join = sqlBuilder.MakeJoin&lt;User,Role&gt;( (u,r) =&gt; u.Role.Id == r.Id ); // SELECT t1.ID,t1.FIRST_NAME,t1.LAST_NAME,t1.AGE,t1.RoleID,t2.ID,t2.NAME FROM USERS t1 INNER JOIN ROLES t2 ON t1.RoleID=t2.ID </code></pre> </div> <p>In order to generate the SQL code, I added metadata (by custom attribute) to the classes of the domain model, below an example:</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>[TableMap( Name = "USERS" )] public class User { [PKeyMap( Name ="ID")] public int Id { get; set; } [ColumnMap( Name ="FIRST_NAME")] public string FirstName { get; set; } [ColumnMap( Name = "LAST_NAME" )] public string LastName { get; set; } [ColumnMap( Name = "AGE" )] public int Age { get; set; } [ColumnMap( Name = "RoleID" )] public Role Role { get; set; } } [TableMap( Name = "ROLES" )] public class Role { [PKeyMap( Name = "ID" )] public int Id { get; set; } [ColumnMap( Name = "NAME" )] public string Name { get; set; } } </code></pre> </div> <p>The main classes of the library are SQLStatementBuilder and EntityInfo.<br> The first generates the SQL code by reading the metadata via reflection, which is a very expensive operation in terms of speed, for this reason, it maintains an EntityInfo dictionary for each entity whose metadata it has read.</p> <p>EntityInfo retains metadata information and It is created on first access to the entity, from the second access on it will no longer be necessary to use reflection.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fy6apnms3akf0jasjut55.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fy6apnms3akf0jasjut55.png" alt="Alt Text" width="671" height="464"></a></p> <p>The code of the entire project is available <a href="https://github.com/antdimot/entity2sql" rel="noopener noreferrer">here</a></p> <p>Any advice is welcome.</p> dotnet sql opensource