Joseph Price

FOSS advocate in a Windows world...

Restic backups to B2 without delete - 2023

Restic 0.15.0 quietly merged #2398 which finally allows native support of keys without delete permissions. After updating the binary on relevant systems, reversing the two changes from my earlier post (i.e. swapping rclone:b2:bucketname/foldername back to…

Continue Reading →

ARM Templates: list*() & reference() functions in variables workaround

Use ARM templates enough and eventually you'll wish to use one of the list*() functions or reference() in your variables.

For example, you have multiple app services which require near identical appsettings. You'd like to define this object/array once, then reuse multiple times elsewhere in the template. Who likes repeating themselves? Unfortunately one of those settings includes e.g. a storage account access key or a reference() to grab an application insights key...

Unfortunately, it's well documented that this is not supported:

The template function 'listKeys' is not expected at this location

Continue Reading →

CVE-2020-15228 redux: Azure DevOps Pipelines RCE

Reading hackernews, I came across Issue 2070: Github: Widespread injection vulnerabilities in Actions. While I've yet to use github actions seriously, I recognised the feature described as near idential to Azure DevOps' "Logging Commands" and decided to look at whether they were vulnerable to the same issue. They are:

Continue Reading →

Restic backups to B2 without delete

Update 2023-03-28: Restic now supports limited keys by default, and also recommends the B2 S3 api instead. See here Original Post: Since setting up restic to back up to b2 I had embarassingly missunderstood the following UI wording around lifecycle settin…

Continue Reading →

Multi-repos KISS

I have never worked in a monorepo professionally.

Continue Reading →