Skip to main content

Posts

Showing posts from April, 2020

Integrating React with SonarQube using Azure DevOps Pipelines

In the world of automation, code quality is of paramount importance. SonarQube and Azure DevOps are two tools which solve this problem in a continuous and automated way. They play well for a majority of languages and frameworks. However, to make the integration work for React applications still remains a challenge. In this post we will explore how we can integrate a React application to SonarQube using Azure DevOps pipelines to continuously build and assess code quality.
Creating the React Application
Let's start at the beginning. We will use npx to create a Typescript based React app. Why Typescript? I find it easier to work and more maintainable owing to its strongly-typed behavior. You can very well follow this guide for jsx based applications too. We will use the fantastic Create-React-App (CRA) tool to create a React application called 'sonar-azuredevops-app'.
> npx create-react-app sonar-azuredevops-app --template typescript
Once the project creation is done, we will …

The New Normal

My three year old daughter today asked me if I would take her to the mall. This would normally have been an ordinary request but these are extraordinary times. I had to say no. She bargained - What if she wore a mask? To escape the situation, I had to put the blame entirely on Narendra Modi. 😉
When would we go back to normal?This is a question on everyone's mind. But how do you define normal? Let's examine this objectively.
The current lock down cannot last forever. Sooner or later it will have to be lifted for people to earn livelihoods. It may be lifted in phases but don't expect schools, malls, or places of social gathering to be opened up anytime soon. Any potential vaccine is still forever 12-18 months away. Even if a vaccine is invented quicker than that, production, distribution and finally vaccination itself would take years. People would keep falling sick due to COVID-19 and dying and there is nothing we can do to stop that.
Society would change too. In India, peopl…

Encrypt/Decrypt text using the new Azure Key Vault Client Libraries

Securing applications is hard. We often have to struggle with storing connection strings, encryption keys and other sensitive pieces of information securely in our code base. Azure Key Vault is a great place to store these securely and allow only limited access to authorized applications. Azure Key Vault can store Keys, Secrets and Certificates. It supports storing only asymmetric keys (RSA and EC). One can generate a key in Azure Key Vault and it will only give out Public Key to your application. All operations involving Private Key has to be done by Azure Key Vault only. Encryption algorithms like AES are symmetric encryption methods - meaning they use one key to encrypt and decrypt the data. There are two ways we can store this key - either as a secret in Azure Key Vault (less secure) or encrypt the key itself using the RSA key generated in Azure Key Vault and store the encrypted key as a secret (more secure). If you are using .NET, there are numerous examples on the interwebs show…