This week's reading notes cover a variety of insightful topics, from enhancing your development environment with dev containers on Windows to prioritizing open-source bugs effectively. You'll also find helpful posts on integrating MFA into your login process, exploring RavenDB's vector search capabilities, and understanding the differences between Ask Mode and Agent Mode in Visual Studio.
Why You Should Incorporate MFA into Your Login Process (Suzanne Scacca) - You think the answer is simple, think again. Nice post that explains the difference between 2FA and MFA and why you should or should not implement one of those
Aspire Dashboard (Joseph Guadagno) - Great deep dive about the Aspire dashboard, learn all the features packed inside it
Open Source
How I Prioritize OSS Bugs (jeremydmiller) - A very instructive post on a real-life issue. It's harder than people think to prioritize. And it may help you write better bug reports...
MCP server integration in Visual Studio (Mark Downie) - Great update! That security stuff is very important and a good example using get up to store your tokens love it
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Getting a complete CI/CD pipeline for your .NET Aspire solution doesn't have to be complicated. I've created a template that gives you everything you need to get started in minutes.
Replace the sample project with your own .NET Aspire code
Push to your GitLab repository
Watch your CI/CD pipeline run automatically
That's it! You immediately get automated builds, testing, and security scanning.
Pro Tip: The best time to set up CI/CD is when you're just starting your project because everything is still simple.
Part 2: Building the Template with GitLab Duo
Now let me share my experience creating this template using GitLab's AI assistant, GitLab Duo.
Starting Simple, Growing Smart
I didn't build this complex pipeline all at once. I started with something very basic and used GitLab Duo to gradually add features. The AI helped me:
Add secret detection when I asked: "How can I scan for accidentally committed secrets?"
Fix test execution issues when my unit tests weren't running properly
Optimize the pipeline structure for better performance
Working with GitLab in VS Code
While you can edit .gitlab-ci.yml files directly in GitLab's web interface, I prefer VS Code. Here's my setup:
Install the official GitLab extension from the VS Code marketplace
Once you've signed in, this extension gives you:
Direct access to GitLab issues and work items
AI-powered chat with GitLab Duo
GitLab Duo in Action
GitLab Duo became my pair programming partner. Here's how I used it:
Understanding Code: I could type /explain and ask Duo to explain what any part of my pipeline configuration does by highlighting that section.
Solving Problems: When my solution didn't compile, I described the issue to Duo and got specific suggestions. For example, it helped me realize some projects weren't in .NET 9 because dotnet build required the Aspire workload. I could either keep my project in .NET 8 and add a before_script instruction to install the workload or upgrade to .NET 9; I picked the latest.
Adding Features: I started with just build and test, then incrementally asked Duo to help me add security scanning, secret detection, and better error handling.
Adding Context: Using /include to add the project file or the .gitlab-ci.yml file while asking questions helped Duo understand the context better.
Learn More with the Docs: During my journey, I knew Duo wasn't just making things up as it was referencing the documentation. I could continue my learning there and read more examples of how before_script is used in different contexts.
The AI-Assisted Development Experience
What impressed me most was how GitLab Duo helped me learn while building. Instead of just copying configurations from documentation, each conversation taught me something new about GitLab CI/CD best practices.
Conclusion
I think this template can be useful for anyone starting a .NET Aspire project. Ready to try it? Clone the template at cloud5mins/aspire-template and start building with confidence.
Whether you're new to .NET Aspire or CI/CD, this template gives you a good foundation. And if you want to customize it further, GitLab Duo is there to help you understand and modify the configuration.
If you think we should add more features or improve the template, feel free to open an issue in the repository. Your feedback is always welcome!
This week, we're exploring a wide range of topics, from .NET 10 previews and A/B testing to the latest in Azure development and AI. Plus, a selection of insightful podcast episodes to keep you informed and inspired.
Docker Model Runner ( DevOps and Docker Talk: Cloud Native Interviews and Tooling) - I tried the new model feature of Docker and had many questions. All of them were answered during this episode.
Michael Washington: The Nature Of Data - Episode 353 (Azure & DevOps Podcast) - Interesting discussion about data, and a bit more about a really cool project, Michael's Data warehouse, because sometimes we need something that runs locally.
Welcome to another edition of my reading notes! This week, I’ve gathered a selection of insightful articles and resources covering topics like AI, cloud security, open source, and developer productivity. Whether you’re interested in best practices, new tools, or thought-provoking perspectives, there’s something here for everyone.
Dive in and enjoy the highlights!
Suggestion of the week
Copilot, The Good Parts: Efficiency (Rob Conery) - I love that post, it's so true! There are good and bad ways to use any tools. And I personally would really like seeing Rob build his stuff. Let's him know If you think like me.
Fantastic Alert Messages Using SweetAlert (Héctor Pérez ) - A great component to manage our alerts in C# instead of having JavaScript. That makes code easier to test when all is in the same language.
You DON’T Need Microservices for Serverless! (Derek Comartin) - A great post that explained the difference between cold coupling and monolithics versus microservices great post.
Open Source
How to convince your boss to sponsor Open Web Docs (Patrick Brosset) - Open source is important! And to contribute, it doesn't have to be code. Nice post that shares ideas and explains a few things about OSS.
Local code review with Docker and smollm2 before pushing to git (Gerardo Lopez) - This is a great idea! Definitely a good way to avoid the light of shame and be able to quickly validate that your code looks okay. It's also a great way to experiment free hook.
Welcome to Reading Notes #653 another packed edition of insights, tools, and updates from the tech world! This week's roundup dives into legendary engineering wisdom, AI controversies, and the latest innovations in Docker, Azure, and VS Code. Whether you're exploring MCP, refining your scripting skills, or gearing up for the newest Azure Developer CLI release, there's something here for every developer.
Let’s get into it!
Cloud
Azure Developer CLI (azd) - June 2025 (Kristen Womack) - Love that tool, great updates, so many new features and improvements in this version, very looking forward to try all of them, turning them all
AI
Publishing AI models to Docker Hub (Kevin Wittek) - Running model locally is a lot of people are looking forward to it, so this is good news can't wait to try it
This week, we explore a variety of topics, from database containerization and AI security risks to the evolving landscape of gaming devices and cloud technologies. We also explore the shift towards security-first development and the integration of .NET Aspire with SQL Server for integration testing.
Let's dive in!
Suggestion of the week
GitHub MCP Exploited: Accessing private repositories via MCP (Marco Milanta, Luca Beurer-Kellner) - AI tools are very powerful but also pretty new in our lives. It's important to stay up to date and understand the risks. Not scared, but to see the potential flaws and how to avoid them.
Beyond DevSecOps: The Rise of Security-First Development (Industry Perspectives) - DevSecOps was a wake-up call, and we need to build our app security first. That seems to make sense, right? Have a read of this post to dig deeper into this idea and understand its foundation
Welcome to another edition of my reading notes! This week brings some fascinating insights into AI's real-world impact, exciting developments in .NET and containerization, plus practical tools for improving our development workflows.
From local AI-powered code reviews to Docker security hardening and the upcoming .NET 10 features, there's plenty to explore.
AI
The promise that wasn’t kept (Salma Alam Maylor) - Interesting thoughts about AI and its impact on our work but also on our life, and the planet.
Inside GitHub: How we hardened our SAML implementation (Greg Ose, Taylor Reis) - Very interesting post that pushes the curtain a little bit so we could see behind the scene how this very used but notification system works and has been updated
Enhance productivity with AI + Remote Dev (Brigit Murtaugh, Christof Marti, Josh Spicer, Olivia Guzzardo McVicker) - I love the dev container environments, they are so useful! And I also use the remote one when I'm not on my dev device so easy. Happy to see that Copilot will be right there with me.
It's time for another edition of Reading Notes! This week brings exciting developments in the open source world, with major announcements from Microsoft making WSL and VS Code's AI features open source. We've also got updates on Azure Container Apps, .NET Aspire, and some great insights on developer productivity tools.
Let's dive into these interesting reads that caught my attention this week.
Cloud
Happy 5th Birthday Bicep! (Sam Cogan) - What?! Five years already! That's incredible, I remember all the discussion about how we make our business better and honestly, bicep is a big success. Congrats to the team
Have I Been Pwned 2.0 is Now Live! (Troy Hunt) - New look, new merch, and confetti, all without API breaking changes! Learn all about this major update in this post.
What's new in .NET Aspire 9.3 (David Pine) - Wow! How so many great new features can be added in a single version?! Aspire is a must for all .NET developers.
Accelerate Your .NET Upgrades with GitHub Copilot (McKenna Barlow) - That's the tool I've been waiting for ages! Adding a Copilot to the extension is the smartest move they could make. I'm going to update an app right away. I'll share more later
Open Source
Edit is now open source (Christopher Nguyen) - That's a great news! I installed it half through the post and it great! Fast, simple, and tiny!! Love it!
Agent mode for every developer (Katie Savage) - Great new for everyone as the agent mode become available in so many different editor. This post also contains videos to shows some scenarios.
Podcasts
Reimagining the Windows Terminal with Warp's Zach Lloyd (Scott Hanselman) - A very interesting talk with the CEO of Warp that answers so many questions I had about this very different terminal. Really interesting episode, and terminal too BTW)
The experience is enough (Salma Alam-Naylor) - Whether we like it or not, we are people creature. We all need to stop hiding behind our screens and get out there!
This post is a collection of my latest reading notes, highlighting interesting articles and resources on AI, programming, databases, and more. Each link includes a brief summary of what I found valuable or noteworthy.
Help yourself to thrive (Salma) - The human body is an extraordinary machine, extremely strong and conciliant, but it also requires a fine turning. Great post, we must learn from it.
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Welcome to this week's collection of fascinating reads across cloud computing, AI, and programming! As technology continues to evolve at breakneck speed, I've gathered some of the most insightful articles that caught my attention. From securing MCP servers to exploring Rust, there's something here for every tech enthusiast.
Dive in and discover what's new in our rapidly changing digital landscape.
When ASP.NET Core Identity Is No Longer Enough (Andrea Chiarelli) - Authentication and authorization have an important place in our Apps. This post shares details about how things work and the different processes.
New Docker Extension for Visual Studio Code (Remy Suen) - This extension was already a must, they made it better, it's a must must! But seriously give it a try and try it by yourself.
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Welcome to this week's reading notes! I've found some great articles that caught my eye - from security tips for MCP servers to exciting updates in Rust and AI. Whether you're into cloud services, programming tools, or wondering about the future of coding with AI, there's something here for you.
Let's dive in!
Programming
The Aspire Compiler (David Fowler) - I really appreciate Aspire. It's one of the tools that completely changed my experience as a developer. Learning more about it is, without a doubt, interesting.
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Welcome to Reading Notes #639, a curated selection of intriguing articles across programming, AI, cloud computing, and more. Dive into new productivity features in Visual Studio, the latest front-end development trends, .NET AI evaluations, and essential learning techniques.
What are Custom Integrations in .NET Aspire? (Kalle Marjokorpi) - This second post in a series shows how to configure the identity server name Curity. It's implemented in a .NET Aspire solution and looks very well structured.
5 Learning techniques you should know (Marco Siccardi) - Learning how to learn is a concept that in underrated. This post shares 5 accessible tips with big impact.
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
This week Reading Notes, covers various topics in programming and databases. Discover the latest ASP.NET Core release, the importance of clear error messages, and coding with voice commands. Learn about new features in Azure EasyAuth and Microsoft Entra Authentication for Azure PostgreSQL. We also bid farewell to Azure Data Studio as it moves to VS Code extensions.
The Importance of Good Error Messages (jdanton1) - I cannot agree more with the idea! How many of us have lost hours trying to figure out what was the error because the description wasn't clear!
Azure Data Studio Retirement | Microsoft Community Hub (carlosrobles) - I used in love Azure Data Studio and I'm a little bit sad to see it go away but I think it's for the best since all the functionality will be now available in vs code extension
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Each week, I read a myriad of topics that pique my curiosity and spark new ideas. From AI advancements and low-code solutions to tutorials on enhancing accessibility and performing database operations in .NET MAUI, this week's reading notes offer an eclectic mix of insights and practical knowledge.
Dive in and explore the fascinating links that kept me captivated over the past few days!
AI
AI mistakes are very different from human mistakes (Mark Downie) - Very interesting thoughts. Looking forward to seeing how we adapt and integrate new security practices to avoid those new potential mistakes
Using Tools (Safely) with LLMs (Mark Heath) - This is a nice C# tutorial that explains how to extend the capabilities of your AI without compromising security.
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
This edition of Readings Notes covers the synergies between C# and Rust, open-source software licensing challenges, and securing the software supply chain. It also feature a beginner’s guide to programming C# in Visual Studio Code. Finally, we delve into the evaluation process of AI models for GitHub Copilot.
Enjoy the read!
Programming
Why Every C# Developer Should Explore Rust (Chris Woodruff) - Even though I heard of Rust I don't think I ever wrote a single line. This post gives a brief list of ideas where we could make a combo c#-rust, and where to get started. Hmmm.
.NET OSS Projects: Better to Re-license or Die? (Aaron Stannard) - What are the options when a free OSS project changes its license? Nice post that provides an overview of a recent change like this.
How we evaluate AI models and LLMs for GitHub Copilot (Connor Adams, Klint Finley) - This is an interesting post that shares the methods used to test the different models before they can be included. Testing a model is different than testing a regular piece of code, what are they looking for, and what's important?
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
This edition of ReadingNotes covers new AI tools, WSL updates, .NET 9 features, and debugging tips with GitHub Copilot. Plus, insightful podcasts on .NET Aspire, productivity tools, and frontend engineering.
Sharing my Reading Notes is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Easier to fix async exceptions (Mark Downie) - Debugging Asynchronous code as been always more complicated, looking forward to seeing (and using) that new capability in .NET 9.
How to make your web page faster before it even loads (Salma Alam-Naylor) - To make sure our users have he best experience possible it important to fine-tune some little details. This post goes deep and explains them very well.
Welcome to this week’s edition of Reading Notes! In this roundup, we explore a variety of topics across cloud, programming, databases, and AI. From understanding Docker’s USER instruction to styling Blazor components with CSS, I’ve got you covered. Let’s dive in!
Suggestion of the week
Understanding the Docker USER Instruction (Jay Schmidt) - A great post to that explains really clearly the basic usage of user when building our container. After reading this post you should feel confident to follow this best practices.
Happy Canada Day! It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
You also read something you liked? Share it!
Cloud
Is .NET Aspire NuGet for Cloud Service Dependencies? (Phil Haack) - I like the comparison with NuGet. Using .NET Aspire in a project does indeed simplify a lot things. I'll be waiting for that follow up post.
Announcing TypeScript 5.5 - TypeScript (Daniel Rosenwasser) - Really good news for the JavaScript developers. This post shares all the new features like ECMAScript, Set Methods support, and the performance improvement included in this release candidate of Typescript.
Blazor Basics: Dealing with Complex State Scenarios (Claudio Bernasconi) - Interesting package Fluxor that help managing states. The post also explains different pros and cons of methods to maintain states.
It's reading notes time! It is a habit I started a long time ago, where I share a list of all the articles, blog posts, and books that catch my interest during the week.
Bringing the Aspire dashboard to ACA (Mark Downie) - One of the great tool that was released with Aspire is its dashboard as it shows traces across services. This post shares how to enable this amazing tool in Azure.
