Keeping your code safe and sound

A quick guide for your GitHub, Azure DevOps and App Center repositories

Photo by Gino Messmer on Unsplash

As you may hopefully already know, you should never include secrets (such as API keys, symmetrical keys, certificates, etc.) in your repositories. Not even in private ones.

Recently, I had to use secrets for a personal project and for a customer project. I had to come up with an elegant solution for my .NET projects and I thought I’d share my insights and my best practices with you.

Generally speaking, there are two approaches when it comes to implementing secrets in your .NET projects:

User Secrets

You include secrets in a secret file. The .NET app will load them for you during…

Making networking boring, it rocks

And how you can deploy containerized applications with ease and confidence, too

Photo by Brendan Church on Unsplash

I’m currently studying Applied Computer Science at the Cooperative State University Karlsruhe in Germany and about to finish yet another semester (the exceptional 2020 edition).

For the last two semesters, I’ve been working on a project for our Software Engineering lecture with a few friends of mine. The project consolidates many of our university’s online services into a central hub which is due for finals this week.

One of our end goals is to deploy an environment that will be used as a live demo. …

A Journey in Automated API Tests

And how you can prepare for some heavy load

Photo by SpaceX on Unsplash

Load tests have become more prevalent over recent years and especially during the recent weeks as the COVID-19 pandemic forces many workers (including me) to work from home or work remotely and rely on cloud-based services to work with their teammates.

But many service providers still struggle to adapt to the current demand. Even Microsoft is facing issues, downtimes and has disabled some non-essential features for Office 365. Queued Azure DevOps build-runs take a long time until they eventually start. Notifications don’t pop up in Microsoft Teams. Discord has frequent downtimes since many schools and organizations use it now.


Ditch variables. Parameters have finally arrived.

Photo by Ran Berkovich on Unsplash

The Azure DevOps team has finally released Sprint 166. It’s a very small update but introduces a new neat feature that was way too long overdue.

Chances are high that you are familiar with some true madness like this:

A Journey in Automated API Tests

Photo by Brian Suman on Unsplash

In my previous post, I looked into running API tests and automate them. For this, I stumbled upon Insomnia and Loadmill. This time, I want to integrate these tests into my CI/CD pipeline as easily as possible.

Let’s depart and check out some possibilities.

Framework specific tools

ASP.NET Core has a test server extension (it’s called TestServer) by Microsoft, a dependency that neatly integrates into ASP.NET Core and exposes an in-memory web host. In addition to that, it also provides a pre-configured HTTP client that we can use.

This extension does also integrates well into test frameworks like xUnit or NUnit. That sounds…

A Journey in Automated API Tests

Testing can be time-consuming and a bit tedious. Many clients don’t add automated testing to their contracts because it’s too expensive or time-consuming. This comes with a trade-off that can heavily impact your product’s quality and lifespan.

For the scope of this article, I’m going into the fundamentals of API testing and inspire you to easily integrate it into your existing and new CI pipelines.

Photo by Viktor Jakovlev on Unsplash

Set sail ⛵

Let’s imagine you’re about to ship your API to production. You already have API testing in mind but you’re not quite sure how to embark from here. It’s important to outline your tests while you…

I remember whenever I build forms and handle validation of any kind on my own it’s going to end with huge pain and with tears, especially in web development.

Photo by NORTHFOLK on Unsplash

But there are actually smart approaches that simplify the whole process and let you focus on your business logic.

One thing I really love about React is that it allows you to build stuff the way you like, the way that makes most sense for you. While this might end in a catastrophe pretty easily, there are actually pretty great patterns for specific use cases out there.

This leads us to…

I was looking for fancy stock images based on the Guilloché pattern for one of my front end projects — You know, these fancy patterns that are being used for various banknotes as additional security feature to prevent tampering.

No money talk in here. We’ll be taking a look at the famous pattern behind the ‘100’ figures label

However, I haven’t found any free ones and I couldn’t be bothered to create one in Illustrator or in any other vector graphics editor because I lack experience in these.

So I went ahead and decided to boot up Unity3D again after a long while and have some fun in 2D.

Where do we start?

First of all, some back story behind the Guilloché pattern…

Update: This article makes use of the obsolete build pipeline for Azure DevOps. An updated article that makes use of the new YAML scheme is in the works. Follow my profile to be notified.

By using your custom NuGet package feed within your Azure DevOps (previously VSTS) instance, you’ll be able to distribute your packages within your organization with ease.

“fragile sign board” by Stephane YAICH on Unsplash

Here’s everything you need to know. Without any further ado and yada yada, let’s just jump straight into it.

NuGet Packages within Azure DevOps

That’s right. Microsoft offers an official extension for publishing and managing your private NuGet feeds.

It starts from a single DevOps…

Gino Messmer

Microsoft Learn Student Ambassador (MLSA) | Full-stack software engineer @medialesson and CS student | Buy me a coffee:

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store