Rescuing your GIT Repositories using Amend, Reset, Revert, Rebase, Bisect, and Cherry-Picking

Have you ever said: "I just pushed a commit to remote main instead of my branch! Help!"?

Have you ever been in the following scenario: "We merged two features to main but now only one of them needs to go to production without losing the code for the other one ASAP - what do we do?"

Have you ever thought you messed up your branch on rebase, and then can't figure out what happened, and/or had the fear that you might have lost work during a rebase operation?

What about the time where you accidentally put a secret into GitHub and you need it to look like that commit never happened to avoid getting fired?

In this session, we'll discuss the GIT commands of Amend, Reset, Revert, Rebase, Bisect, and Cherry-Picking to perform surgery on any GIT repository when the stuff hits the fan such as the four scenarios mentioned above.

After learning how to fix these scenarios, you can take the knowledge and use it to handle many more difficult scenarios using these same commands and strategies.

Attendees will learn about the listed commands and then will get a chance to see them in action. If time allows, other discussions around protecting a repository and squash and rebase strategies can be discussed. Attendees will also be given links to public repositories with instructions on how to rescue their repository in specific scenarios.

Azure Functions and APIM

You want to go Serverless. You think Azure functions are cool, but you're not sure how to use them to host multiple API Endpoints. You are also worried about the security of the Functions and the ability to throttle requests. You are also concerned that having multiple endpoints could be confusing for your customers and hard for your team to manage, especially when it comes to versioning your endpoints.

In this session, you'll see a practical approach to resolve all of these problems using Azure Functions with Azure API Management (APIM). You'll learn how to lock everything down with Azure Active Directory and Identity management, and you'll see how to use APIM Subscriptions to get the right information to the correct users with just one entry point facade (which can be throttled by subscription for various levels of access like basic and premium - or to just prevent bad players and DDoS attacks). You'll also learn about creating products to group your APIs for customer use, exposing on the APIs and Operations your customers need. You'll see how all of your API endpoints will be hosted from the same public endpoint (which of course can be set to your own custom domain).

Additional concepts will be the ability to enforce specific URI query string parameters that the user doesn't need to know about, and how to utilize additional services that host endpoints, as well as leverage third party APIs without your customers ever knowing where and how the backend is working.

We'll cover Azure Functions and authentication with Azure Active Directory. We'll build an APIM solution to communicate with the functions, setting up products and subscriptions to expose various products and levels of access to the APIs and operations for the customers, and we'll show how to test the various functions as we go using postman to create products and subscriptions.

Architecting and Building Event-Driven Serverless Solutions in Azure

This workshop is an intense dive into working with resources at Azure in an event-driven, serverless architecture, however the material can be utilized to complete the solution no matter what your levels of development and/or azure experience currently are.

In this workshop, you'll build an event-driven architecture with serverless technologies at Azure, leveraging and learning about the following services:
- Azure blob storage (and blob storage created events)
- Azure AI Vision (formerly Cognitive Services - Computer Vision)
- Azure Event Grid for topics and subscriptions
- Azure Functions for processing data and classifying results as needs review or ready for import
- Azure Logic Apps to send email (via SendGrid or another provider)
- Azure SQL to store the finalized results for the "legacy" system
- Service Bus to Queue results for processing so that your team can review and approve or correct results from computer vision asynchronously
- Azure App Service to show the final results of the processing and allow for review/approval of pending import data based on vision results for the images

After completing the workshop, attendees will be able to take the skills they've learned and apply them to solutions for both enterprise and personal projects.

The Attendees will need to be able to access an Azure Subscription and GitHub. This should be done on personal, non-work email accounts and non-work machines, unless the attendee is certain those accounts are in compliance with their company and also will not present access issues from a remote location at the conference.

This workshop is a proven guided activity with step-by-step instructions. The attendees will be able to complete the activities by walking through step-by-step instructions during the workshop and any additional work they want to do can still be completed post workshop.

The first part of the workshop will start by presenting the real-world problem and a bit of brainstorming on the architecture, then it will be all about implementation. We'll talk about the different services within Azure as we go.

The attendees can complete this on their own or in groups.

Attendees will need access to a personal email, Azure Subscription, and GitHub.

All attendees will be directed to the repo for the workshop, where full walkthroughs and resource information exists (so they can take the workshop home and do it again)
https://github.com/AzureCloudWorkshops/ACW-ServerlessArchitecture

Azure Messaging, Queueing, and Events - Which service is right for your solution?

With Event Hub, IoT Hub, Service Bus, and Azure Storage Queue, Azure has a number of PaaS offerings available when it comes to Queueing, Eventing, and Messaging. The number of services and mystery about their purposes can lead to a bit of analysis paralysis when it comes to which service to use, and, more importantly, when to use each service.

This session will help you answer all of the following questions:
- Which service is used for ingesting a stream of data?
- What service responds to a single event?
- Do you need an Event Hub to use Event Grid or an Event Grid to use Event Hub?
- When should you use Azure Storage Queue vs Azure Service Bus Queue?
- Is there a way to have one message go to multiple Queues based on the interest or access level of a customer/client?
- How do you enhance a stream to make sure that critical failures are handled immediately?
- What is "at-most-once" vs. "at-least-once" delivery of messages and which services can guarantee these options?

In this session you will learn about the services available at Azure for queueing, handling events, and messaging, and you'll get to see working examples of when and how to use each of the various services.

By the end of the talk you'll be ready to choose the correct service for your solution with confidence.

Overviews and practical use-cases for each platform offering, with demos to work with each using C#.NET. This material is incredibly important for the AZ-204 exam as well as just to know as a .NET developer with Azure.

Protecting Your Secrets using Azure Key Vault, Azure App Configuration, GitHub, and C# MVC

Your team has been working well for a long time, but developers keep checking in the connection strings to Azure Services (like SQL Databases and Storage). You know that once you check in a secret it should be considered compromised so you've built a robust rotation strategy and you are ready to move forward, but you want to solve the real problem, which is preventing the team from checking in (and even knowing) what your secrets are. Another problem that you noticed is that Application Insights and your users are logging sensitive information that needs to be sanitized.

In this session you will learn how to get notifications when users have checked in secrets using GitHub and third-party tools. You'll also see how to leverage secrets in your code without having to know the secrets, both locally and at Azure via the Azure Key Vault.

You will then learn how to leverage secrets that need to be shared to Azure App Configuration and have the ability to use them from your local and Azure environments.

To complete the journey, you will then learn how to capture output before committing to your logs (or app insights) with a few simple code changes to make sure that sensitive information is sanitized before being permanently recorded.

This talk also has a backing repo with step-by-step instructions.

A Developer's guide to Deploying Secure Applications in Azure

Deploying an application to Azure is easy, however most developers and teams are deploying on the Azure Public Backbone, which works, but also exposes a number of surfaces for attack.

In this session, you'll learn about various Azure Services for networking and security, as well as basic network patterns like the hub-and-spoke architecture and primary and secondary regions. You'll also learn about various ways to implement security such as service endpoints and private endpoints.

Various methods to ingress into the network will also be discussed, including Bastion, Azure Firewall, VPN connections, Front Door, and Web Application Gateway.

Additional discussions will talk about ways to use automated deployments while maintaining network perimeter security.

By the end of the session, you'll be familiar with the tools available for creating and deploying secure applications with minimal attack surfaces and secure network communication.

This talk addresses a very big problem in the Azure cloud space where many teams are just deploying to the public backbone. By the end of the talk, attendees will have a better understanding of the Azure Networking resources they should be in command of to deploy an application that has network perimeter security.

Automated resource deployment with Bicep

This hands-on workshop provides a day of training that teaches you how to work with Bicep. The workshop starts by introducing Bicep and the key components that are necessary to understand when working with automated deployments and infrastructure as code.

During the first part of the workshop, you'll learn about:
- Creating Bicep files
- Deploying resources (a simple storage account) to a single resource group using the command line
- Parameters
- Variables
- Modules
- Outputs
- Orchestration of multiple deployment files for a subscription-level deployment from the command line
- How to create Azure Service Principals and set the correct permissions to authorize a third-party solution like GitHub to deploy to your subscription
- Automating your first orchestrated pipeline to your Azure subscription using GitHub actions

As the day progresses, you'll learn how to:
- Create specific Azure resources using Bicep to deploy a robust web application with App Service, Key Vault, Application Insights, Log Analytics, and SQL Server
- Leverage prior modules to get the output from a previous deployment to configure settings like Key Vault Secrets on the App Service configuration page

You'll then see how to set the CI/CD pipeline to deploy the application code.

The day finishes up with a final look at moving your shared secrets into Azure App Configuration with a couple of small changes to the Bicep pipeline and the application code.

This workshop has both a Bicep and a Terraform path, so the attendees will be able to leverage the training materials provided to learn about Terraform as well if they are so inclined, even after the conference is over.

Sam and I delivered both paths at Codemash 2024, with half-day workshops and determined that either path is best served as a full-day workshop.

co-presenter for this is Sam Gomez

GitHub Actions for architecture deployment and CI/CD

As your team has moved to modernize your applications, you are now looking to create robust deployments utilizing GitHub Actions. You know that you will have the responsibility to create pipelines that will both deploy architecture and also the application code.

In this session, you'll learn how to create GitHub Actions that will deploy your architecture using ARM or Bicep to Azure. You will learn about the various parts of the GitHub action, including steps, jobs, and tasks. You'll learn how to create service principals to authorize your GitHub action to deploy to your Azure subscription, and you'll learn how to store the relevant information in GitHub secrets so that the two services (Azure and GitHub) can play nicely together. You'll also learn how to set an environment to ensure that you don't deploy to the wrong subscription if the pipeline is triggered incorrectly.

You'll also learn how to create various triggers on the pipeline, either for push or pull-request, as well as manual workflow triggers. You'll also learn how you can build single-stage or multi-stage pipelines, and how to require the first stage to complete before the second stage will execute.

Your multi-stage pipeline can be useful for either a dev/prod deployment or an architecture/app deployment in multiple environments.

At the end of this session, you'll have the resources and information you need to create robust deployment pipelines for your team, both for the architecture and for the application deployment itself.

This is an introduction and overview that shows some various approaches to building pipelines. Some time will be spent on a few basics of the YAML and layout of the pipeline, what sections are for, and how it all works. No time will be spent on creation of Bicep/ARM or application code. This talk is all about the pipeline and leverages pre-built bicep and an azure web application.
This talk will mention tools for code scanning and other additional devsecops concerns, but will not cover them.

Cloud Native Containerized Applications with Azure - Which service is right for me?

When it comes to deploying cloud native apps, there are a number of services to choose from, and it's not always clear which service is correct.

Do you need to scale to massive workloads? Do you just need to run a 5 minute job? Perhaps you need something that is up and running 24/7 but doesn't necessarily need to support high traffic volumes.

Even though not all cloud-native apps need to be containerized, this talk will focus on the various offerings available in Azure for deploying containerized applications.

Specifically, you'll leave the talk with information about each of the following services (and when you would consider using each one):
- Azure Container Registry
- Azure Container Instances
- Azure App Service for Containers
- Azure Container Apps
- Azure Kubernetes Services

This talk presents the attendee with information about the listed services and how to choose the correct one for their applications.

The talk is definitely more breadth than depth, but should help architects and senior/lead devs to make appropriate choices for application deployments using containers and Azure services.

GIT: From beginner to Fearless

This training is an introduction to GIT for source control. We'll take a look at getting started with GIT on our own machines, as well as working with GIT at public/private repositories on GitHub and/or BitBucket. Tools we'll use include BASH and VSCode

GIT can scare people. It shouldn't. GIT is awesome, and it's something that everyone should be using - it can even be used for more than just code [yes, you can version documents and spreadsheets]!

This workshop is primarily geared towards those who do code in any language and/or do web development with any tech stack, however learning the basics and commands of GIT can benefit anyone.

The workshop will cover practical scenarios needed for anyone in a normal GIT workflow, how to interact with other developers, and ends with how to solve some more tricky problems that happen.

By the end of the day, you should no longer have any fear about wrecking your repository or losing your changes.

The workshop general outline will look something like this:

Getting Started
Git Basic Info
A single-person/developer general flow
A simple multiple-person/developer flow
Advanced GIT commands to rescue your material
Release Management
Using GIT from Visual Studio or Eclipse