Joseph Price

FOSS advocate in a Windows world...

ARM Templates: list*() & reference() functions in variables workaround

Use ARM templates enough and eventually you'll wish to use one of the list*() functions or reference() in your variables.

For example, you have multiple app services which require near identical appsettings. You'd like to define this object/array once, then reuse multiple times elsewhere in the template. Who likes repeating themselves? Unfortunately one of those settings includes e.g. a storage account access key or a reference() to grab an application insights key...

Unfortunately, it's well documented that this is not supported:

The template function 'listKeys' is not expected at this location

Continue Reading →

CVE-2020-15228 redux: Azure DevOps Pipelines RCE

Reading hackernews, I came across Issue 2070: Github: Widespread injection vulnerabilities in Actions. While I've yet to use github actions seriously, I recognised the feature described as near idential to Azure DevOps' "Logging Commands" and decided to look at whether they were vulnerable to the same issue. They are:

Continue Reading →

Restic backups to B2 without delete

Since setting up restic to back up to b2 I had embarassingly missunderstood the following UI wording around lifecycle settings: I had assumed that this meant that all versions of the file would be maintained, no matter what clients did. The B2 docs…

Continue Reading →

Multi-repos KISS

I have never worked in a monorepo professionally.

Continue Reading →

LXD performance observation

You might want to consider enabling tmpfs...

Continue Reading →