A Clockwork Engineer

Wildcard For Azure Devops Branch Policies

Wildcard For Azure Devops Branch Policies

We use GitFlow as our branching model on Azure Devops. When we create a new Release branch, we want it to be protected by default. By protection I mean, preventing unreviewed code changes.

This is not like setting a branch policy for an existing branch, it would be a wildcard for future branches. You need to do one extra step to access the correct page for a wildcard and this is not documented yet.


Architect Azure API Management service

Architect Azure API Management service

API Gateway

Let’s setup an API gateway using the Azure API Management service with a nice architecture.

An API gateway is positioned between your APIs and the Internet. You can control how the APIs are exposed or limit the usage per subscription through the Azure portal.

Why would I use the Azure API Management service?

It is a native Azure SaaS (software as a service) which brings nice pros;

  • API documentation
  • Rate limiting access
  • Health monitoring
  • Moodern formats like JSON
  • Connections to any API
  • Analytics
  • Security
  • Built-in caching
  • Network tracing

Is there any trade-off?

Yes, the circuit breaker policy is not implemented yet. You can build your own API gateway with a circuit breaker using third-party libraries like Ocelot and Polly with Quality of Service configured but does it worth to go down to a PaaS (platform as a service) instead of a SaaS?


Hacking with Python

Hacking with Python

As software developers, we need to know any software vulnerability to prevent them before they happen. Every software developer should act or think like a hacker at some point. It is like asking what would a thief do to infiltrate our house and taking precautions. On the other side, hackers are evolving. They are getting better and faster tools.

Karen from comparitech has contacted me about her colleague’s article about ethical hacking by using Python. Please, have a look at this 6 best online courses for ethical hackers guide. It has a wide range of courses even including one for non-coders.

Image: Monty Python and the Holy Grail (1975)


Microservices with Sam Newman

Microservices with Sam Newman

Last week, I was lucky to have a workshop from Sam Newman about microservices. I have his Building Microservices book and he signed it with a funny quote for me.

The best thing about the workshop was that it did not start with all that hatred against to monolith systems. If you are building something from scratch you can still build it as a monolith system, it is not that bad.

I have worked in a lot of places, real big and real bad ones though and that gave me a lot of experience. When I read books about how to deal with legacy stuff or killing that monolith giant, the worst case scenarios were not even as bad as what I have seen. Still I can solve the stuff with the knowledge in the books but I could not use it exactly as it is. So it is always different in the book and in the real-world. The book cannot help you to solve your specific situation and you help yourself by hiring a consultant at the end.


Cheat sheet for dotnet cli

Visual Studio is one of the best IDEs in the market. I started to use it when it’s name was Visual Basic. It had the same name with the programming language. Then Visual Studio came out with the support for multiple programming languages. Now, it supports more languanges from outside of the .NET ecosystem and it even has a free version.

Lately, .NET Framework started to transform into .NET Core to meet needs of developers that work on various operating systems. But Visual Studio is really big to port on to the other operating systems. Microsoft created a modern IDE Visual Studio Code which is nothing like Visual Studio and OS agnostic like .NET core. It looks really neat and fun, but you should know some commands to work with it. On the other side, I think, the beautiful Visual Studio -with it’s intellisense menu as well- spoiled us a lot so we did not go much for consoles or terminals like others do.

I am not happy about what they did with dotnet to make backwards compatible but still I love it. I try to specialize on it but remembering those commands that I use once in a while is getting boring and time consuming. I tried to find a cheat sheet but apperantly it is not that popular right now. So I created my own cheat sheet and I hope you enjoy it, too.

You can find it on good old Cheatography or download as PDF.

otomatik muhendis dotnet cli cheat sheet

Source: Microsoft Docs - dotnet command - .NET Core CLI

PS: While I was preparing this cheat sheet, I found a miss typing in the Microsoft documents, just fixed it and my change is on the way to production with Sprint 138.


Freebies for Developers

Freebies for Developers

I have built my first websites on free hosting services like GeoCities and Tripod. I like to apply what I learned instantly and the main purpose of these kind of free services is providing an environment to try our new skills.

Here is a curated list of freebies for developers.

In general, they limit their target area to students but you can be a student at any age. Life-long learning is our motto of life right? After all those engineering bachelor and master’s, I am still a student of photography and cameraman.

Github Student Pack

You can access to this package on https://education.github.com/pack address and I think it is the most comprehensive one. The list is changing with the time but it still has a wide range of products. I suggest you to try all of them.

Microsoft Imagine (previously Dreamspark)

You can see the full product catalog on https://imagine.microsoft.com/en-us/catalog website. It is for generally Microsoft products with a range from tutorials to operating systems.

JetBrains

This was in the Github Student Pack list before. Now, you can through their webpage on https://www.jetbrains.com/student/ link. If you are a strudent then you can get a JetBrains certificate for every usefull product of JetBrains like ReSharper and WebStorm.


Isolating Integration Test Data

When we write an integration test, we should leave the persistence as it was before. I will show you how to do it with NUnit easily.

After covering every corners of our code with unit tests, we can move on to integration tests that we normally test happy path scenarious. If we are using a database as a persistence then we need to run our DML commands backwards. So you should write your CRUD operations for DRUC (delete, read, update and create) as well.

On the other hand, we can use good old TransactionScope in the System library. Thanks to NUnit unit-testing framework, we do not need to initialize a transaciton scope every time we write a test case. We can create an attribute which is inherited ITestAction interface so it would be ran before and after every test case.


Software Craftsmanship

Software Craftsmanship

Raising the bar.

For all those companies which are in the middle of agile transformation or transformed already.

As software developers, we have another manifesto that raises the bar a little bit higher over Agile Software Development, that is called Software Craftsmanship and signed by same people who wrote Agile manifesto.

We should start from definitions to understand anything so let’s examine Software Craftsmanship word by word.

Craft

A craft is a profession that requires particular skills and knowledge of skilled work. Software Development is our profession so it is our craft.

Craftsmanship

Craftsmanship is our journey and we can define our journey like;


Code in Stranger Things 2

Code in Stranger Things 2

If you want to break a software’s security pass in early 1980’s, you need to code in BASIC like in the series Deutchland 83

Stranger Things 2 is in 1984 as well so once again we are dealing with some BASIC code.

hawkinsLabSystemsHack.png

As you can clearly see there are nested 4 loops to find 4 digit numbers of the password but interesting part is that there is a misterious function called checkPasswordMatch which gets an integer as a parameter and returns a boolean result. Actually the important part is in that function, the rest that we see on the screen just tries some brute-force attack.


Guru99

Tutorials Library

Guru99 is a website worth to mention. Their comprehensive tutorials contain beautifully annotated screenshots. Their goal is to provide fun and free education for everyone.

Sometimes I prefer video tutorials but they can be time consuming so a source like this is more accesible with its content.

I could only check out their amazing JUnit tutorials for one of my posts called Attributes and Annotations of Testing Frameworks. As a blog writer I can see their effort in it.

The JUnit course covers;

  • JUnit Basics like Introduction, Test framework, Download and Install Guide
  • Introduces Junit Annotation, API, Assert and JUnit Test Suite
  • Advanced topics like Ignore Test, Exception Test, ErrorCollector and Parameterized Test