Add :8080 to your TFS 2017 bindings after upgrading to SSL

Jesse Houwing
Because TFS 2017 allows authentication with Personal Access Tokens (PAT) it's recommended to upgrade to SSL if you were still on port 80. The installer will even help with the configuration and can add a redirect from port :80 to :443.

It doesn't add a a redirect from port :8080 though, so your users may have to update all their bookmarks. Or you can add that second binding in IIS yourself:

And that will help your users find the new location more easily.

Running Windows Containers on Azure Service Fabric – Part II

The previous post showed how you can create an unsecure Service Fabric test cluster in Azure, and how to run a Windows Container on it. In this follow up post, I’ll show you what’s going on inside the cluster, using the Docker command line. Knowledge about this can be very useful when troubleshooting.

 Read more

Running Windows Containers on Azure Service Fabric

Background


Since the release of Service Fabric runtime version 5.4.145, Microsoft added a (preview) feature to run Windows Containers on Windows Server 2016. The Linux version already supported this for a while. This post explains why Containers are useful and how to get it to work.

 Read more

Tester in an agile team: a necessity or dispensable?

Maaike Brinkhof

Let’s imagine it’s the year 2025 and we peek inside an average IT company to take a look at the software development teams working there: what are the chances that there will still be a person who is a tester in each of these teams? Some of you will say: “of course they’ll be gone, everybody will be a developer by then”, while some will hope that the role of the tester will still exist. What would that role look like, then?

If we go back to the current day and age, we can already see a trend that’s been going on in a lot of companies that will give us a peak in a not so pleasant future. Read more

Top 5 Ingredients for developing Cloud Native Applications

Tom Höfte

Introduction

Cloud Native Applications is a trend in IT that promises to develop and deploy applications at scale fast and cost-efficient by leveraging cloud services to get run-time platform capabilities such as performance, scalability and security out of the box. Teams are able to focus on delivering functionality to increase the pace of innovation.  Everything aimed to stay ahead of the competition. Companies such as Netflix and Uber disrupt their markets by leveraging cloud native capabilities to quickly introduce their products at a global scale. Adapt or die.

This article serves as the start of a serie of articles. The goal of this initial article is to explain the why and how of cloud native applications by defining the top 5 ingredients and their rationale. In follow-up articles, I will explain the ingredients in more detail. Read more

Being an Agile Security Officer: pwn the process

Dave van Stein

This is the third part of my 'Being an Agile Security Officer series'. As mentioned in my previous blog, in the Agile world the Product Owner is the person who translates business and customer desires into work items for the teams. To do this, product owners have several techniques and means at their disposal. In this blog I will focus on the backlog and the definition of done. As a security officer it's important to understand their purpose and to learn how they can help you achieve your goals.

 Read more

How to create your own Lint rule

jwillemsen@xebia.com

When you are part of a multi-team project in Android, it becomes relatively hard to have a common understanding of how components should be used. This is where Android Lint can help you! In this blog we will show you how you can write your own Lint rules and test them. As an example, we create a sample Lint Detector, which is used to detect whether you have excluded the "secret data" in your application from the Android Authobackup introduced in Android Marshmallow.

 Read more

Building, testing and deploying precompiled Azure Functions

Geert van der Cruijsen

Azure functions are great to build small specialized services really fast. When you create an Azure Functions project by using the built-in template from the SDK in Visual Studio you’ll automatically get a function made in a CSX file. This looks like plain old C# but in fact it is actually  is C# Script. When you’re deploying these files to Azure you don’t have to compile them locally or on a build server but you can just upload them to your Azure Storage directly.

In the last update for Azure Functions the option to build precompiled functions was added. Doing this is actually pretty simple. I’ve created a sample project on Github containing a precompiled Azure function, unit tests for the function and an ARM template to deploy the function. Lets go over the steps to create a precompiled Azure function.

 Read more

Verbal Turn Indicators For Intercultural Product Owners

Chris Lukassen

Jujutsu exams are coming up. One of the things that examiners want to see in jujutsu is the use of go-no-sen, sen-no-sen and tai-no-sen. Go-no-sen means that you respond to an action of your opponent, tai-no-sen means you act simultaneously and sen-no-sen means you take the initiative and act before the opponent has a chance.

When we debate product features, roadmaps, implementations, marketing plans etc. this happens all the time. We listen to what the other person has to say and respond (go-no-sen) or we interrupt and try to take over the discussion (tai-no-sen).
 Read more

A better way (and script) to add a Service Principal in Azure for VSTS

Marco Mansi

From Visual Studio Team Services (VSTS) it’s possible to deploy to an Azure Subscription using an Active Directory Service Principal.

The Microsoft documentation refers to a blog post which describes a 3-clicks and a manual way to setup this principal.

Although the information on the blog post for the 3-clicks setup is still actual, the script link provided for the manual configuration is not available anymore (not found, probably because the Git repo has been moved/renamed).

For both the suggested ways (3-clicks or manual), there are some concerns from my side about the principal setup, which I think they could be improved:

  • The principal which is created during the process gets the “Contributor” role granted on the whole Azure subscription, and using the manual powershell script, the default role is even “Owner” (this can be modified).
  • The name of the Active Directory Application/Principal is some random guid which is difficult to be identified, see this picture:

 Read more