How'd you like to listen to dot net rocks with no ads? Easy? Become a patron for just five dollars a month. You get access to a private RSS feed where all the shows have no ads. Twenty dollars a month, we'll get you that and a special dot net Rocks patron mug. Sign up now at Patreon dot dot net rocks dot com. Hey Carlin Richard here. As you may have heard, NDC is back offering their incredible in person conferences around the world, and we'd like to tell you about them. NDC
Copenhagen is happening August twenty seventh through the thirty first. Go to NDC Copenhagen dot com for more information. NDC Porto is happening October sixteenth through the twentieth. The early bird discount for DC Porto ends July twenty first. Go to Dcporto dot com to register and check out the full lineup of conferences at NDC Conferences dot com. Hey there, this is Jeff Fritz, the Purple Blazer from Microsoft, letting you in on a little secret about my friend Carl Franklin.
You know, the guy who started dot net Rocks, the first podcast about dot net in two thousand and two. The guy who's been teaching Blazer on YouTube since twenty twenty, Yeah that Carl Franklin. Well, Carl's joined up with the folks from Code in a Castle to teach a week long hands on Blazer class at Are you ready to get this? At a castle slash villa in Tuscany. It's sort of a luxury vacation with Blazer learning built in.
Carl's calling it the Blazer master Class. You'll learn Blazer from the ground up, finishing the week with the ability to build and deploy Blazer applications. Since the training happens for only four hours in the morning over six days, you can bring your significant other, your partner with you and you should right This part of Italy is absolutely beautiful. There's so much to see and do, and in Larion Marco from Code into Castle are organizing daily activities both at
the castle and in the area. The castle is in the Marema, a less touristed region of Tuscany, offering both classic Tuscan hill country as well as easy access to the Etruscan Riviera, with sublime local food, wine and olive oil around every corner. Breakfast is included. Every day there will be two communal dinners at the castle book ending the experience, and most other meals and all activities are included. And did I mention you'll learn Blazer in person from
Carl Franklin. Listen, space is limited and for very good reason. This is quality training in a beautiful setting. Go to code in Acastle dot com slash Blazer twenty twenty three that's BLA z O R two zero two three To take advantage of this amazing opportunity to join Carl in Tuscany for an unforgettable week of La dolce vita while advancing your programming skills in this important new technology. Welcome back to dot net Rocks. This is Carl Franklin and this is Richard
Campbell, and um, what can I say? Man? We're it's beginning to rain here and the ash from Ontario and is moving out now that's good weather changes. You know. The first set of forest fires that really hit hard. We had some of the northeast of BC and then Nova Scotia caught fire, which is weird. Nova Scotia normally does not burn right, I know, and they couldn't had a heck of a time trying to contain it, and it wasn't until mother nature came along and said how about some rain
that actually got things under control. But they lost some homes, lots of people evacuated, like it's been, it's been areas. I mean. The saving grace for a place like Quebec is most of the fires are in the north, which is pretty deserted. Not entirely. There are some First Nation villages that were not They weren't able to save. They evaluated the people, but you're talking about places that people have lived at literally for thousands of years.
Thousands of years. Yeah, yeah, and so that is pretty painful. Well, if you're confused, we're actually recording this on June ninth, and it's just a couple of days after the fires in the Quebec started. But just good news that it's it's all over now. Yeah, well mostly for me anyway. It's disturbing to me that forest fire season has started this early. Yeah, you know it's gonna be I think it's gonna be a tough summer. Yeah. Well, let's get started with a little thing.
We call it been or no framework roll the crazy music. Awesome, All right, man, what do you got all right. Far from me to report any news story that prevents people from doing sane things like wearing seat belts or you know, getting vaccinated or using a password manager. Pastor managers are good. Pastor managers are good. However, every once in a while, one of them gets hacked. And this happened on June fifth. It was reported key pass k ee pass version two point five four fixes a bug that
leaked clear text master password. Oh that's not good. Here's the question, like why did they even have it? Like there's no reason? Yes, what yeah, like this this the bigger thing here is that it suddenly breaks into this whole question of what were you people doing under the hood. Well, well, here's the thing. It wasn't. It wasn't like it was just boom done. It was it was a vulnerability where you had to do
a memory dump of the application. So you have to crash the application, right, look through the memory dump, and then even though it's a secure text box, right, Yeah, when the user types in the password, they are leftover strings, so basically it gets everything but the beginning string. You know that little dot that pops up when you're typing your password, right, So those are leftover strings, and the dumper allows users to recover almost
all of the mastered password characters apart from the first one or two. Yeah, so it's not so bad, all right, So you understand that, you're like, oh, so I need direct access to your machine to have put code in it to be able to break that, you know. Okay, Yeah, it's not so much of a of a of a you know,
we used it as clickbait on security this week. Okay. Well, and the other thing is like key passes, the you know Linux kind of yeah, you know, from the open open source community, that's the one that is supposed to be the greatest in a lot of respects, but tricky to use. So uh and it still is very safe, so don't yeah, yeah, let's say, and you know, the only thing worse than using a password manager is not using not using like correct, Yes, I
moved from one from from last pass to Bitwarden. Same here, and I'm happy. We haven't looked back since happy with bit Warden does a good job, right, all right, Well that's what I got. Who's talking to us today, Richard grad A comments Office Show twelve fifty five. So I've gone back in the archives about seven years ago. Jeez. And that was a show that we did with Joe Goodano when we were talking about as your App Insights, and that's a twenty sixteen and I realized reading this, it's
like, hey, you know, those are pretty early days. They were. And one of the conversations that we had at the time was the fact that there were updates that were coming periodically, that we're fairly disruptive to developers, like the work that you were doing and implementations you done and be shifted
around. And so skinnoct actually had this comment related to another comment, a comment from Jan Tarlemaine from show twelve to thirty nine, which is only a few shows before, about cloud service updates making life difficult for developers, and he'd just seen a plural sight course from John Seville. I remember John on Sequel as You're and he mentioned some of the deprecated features. This is probably
much rare, but potentially a much worse problem than updates. It seems to me that the classic challenge here is managing benefits to companies based on features. But otherwise, you guys, keep up the good work. We really like everything here and it run as radio. Thank you and we'll keep working on the problem. And I just I've forgotten that, like seven years ago,
we were dealing with a lot of breaking changes. You know, Asure was relatively young, and they were learning more as a number of customers grew about how things should be architected. And it was an ongoing topic for us five hundred episodes ago. If we don't talk about that anymore, now we don't. It's true, great, Really, it's not a thing. I think we're cred of hitting a maturity point where we can kind of count on the
product to give us pretty clear paths forwards. It still happens once in a while, but they also give you lots of warning to migrade and give you good migration paths. Yeah, so seekonette. Thank you so much for your comment and a copy of music. Cobuy is on its way to un If you'd like a copy of music, go buy right a comment on the website at dot net rocks dot com or on the facebooks publish every show there, and if you comment there and everyady on the show, we'll send you a
copy of music. Go buy, and you can follow us on Twitter if you want to. We've been there a long time. But the real fun stuff's happening on mass done. I met Carl Franklin at tech Hub dot social, and I'm rich Campbell at Massa dot dot social. Send us a tout Rudy too, Rich, Rudy, tuity, fresh and fruity, all right, right, something like that, All right to let me bring on our guests today. Savannah Trotsky is a senior product manager at Microsoft focused on Azure
Cloud native developer tools and experience. She's the product lead for the open source Azure Developer CLI, formerly known as azd a ZYD. Previously, she was the proud manager for the Pilance Language Server, which powers the editing experience in visual Studio, code code Spaces, visual Studio, and more. She's passionate about Python, open source software, debops, and developer experience. Welcome to the show, Savannah, Hello, thanks for having me. Richard named Carl.
Nice to meet both of you as well. Yeah, definitely excited to have you on. And CLI is something that I used to use, you know, PowerShell, and then it's like built right into the portal. Now you can just like click up and it's been there for a while. I realize that you just click a button and poof CLI. I love that. Yeah, there's like a couple of different CLIs happening on Azure these days, like the like Azure Cli you said, PowerShell, cloud Shell stuff, and
now the Azure Developer Cli. So alright, I'm better define the differences here because that's a lot of that's a lot of CLIs, I think. So yeah, I think with the Azure Developer Cli being a new product, I think that is sort of a thing that we have to clarify a little bit. So the Azure Developer CLI, the thing that I work on, is
a higher level application developer friendly CLI. So instead of you interacting with atomic Azure resources like a particular service and passing in a bunch of parameters and flags and configurations in an imperative way in the terminal, the Azure Developer Cli thinks more about like the total application scope, so like all of the Azure resources and how they kind of fit together. And so in the command line we have our commands are more like initialized, provision, deploy up down, and
we defer kind of that complexity to infrastructure is code more declarative model. So that's kind of like the difference I guess um to two tools in the same tool belt, different different jobs to be done, right, right, So is that sort of in the UM the Palumi space or the other the I'm
saying terraform. Yeah, yeah, So we support so um the Asure Developer CLI uses the infrastructure is code in the form of these application templates, and today we support BICEP, which is the Microsoft flavor of infrastruct and Terraform. Our top most upboted issue on our GitHub repoot is also to support Pollumi. The people want it. That's great. That's the first one I really heard
about. But they've all been around for a while, all right. So when you have these high level commands, obviously there's a lot of stuff behind them. So how you're assuming that you're connecting to your what your resource group or something like that first, that is your overarching context for for this CLI?
How does that work? So it's actually like a level but like higher level than that, so like the whole like the original reason the Azure Developer CLI was created was really to like support application developers who don't necessarily have expertise on Azure get their apps on Azure and so a lot of those folks don't
necessarily know what resources they need for their application. They might be able to identify like their local app stack and the technologies they're using to build their prototype, but they don't necessarily know I want Azure Container apps or Azure app service with key vaults and all of that good stuff. And so the idea with AZD is that you go and you find an application template, which you can find on gethub. We have Microsoft authored ones that our team and other teams
of Microsoft have authored. There also community created templates. Find one that maps to your local app stack, and then you basically swap out this the proof of concept source code that's in there and piggyback off of the infrastructure as code assets on daisi er so you don't have to fuss with kind of the complexity
of Azure. I mean, step one is really get your app in the cloud right, and then as time goes on and as you have, you know, problems you want to sort out, Like maybe now your application serves a million users, you might want to change some of the configurations and the skews and that kind of stuff to support a more high highly trafficked app or
a website. And you can do that, but incrementally by kind of fine tuning the infrastructure's code with a specific problem in mind, instead of having to deal with all of the complexity of Azure right right from the get go. Yeah, I mean me as a as a developer that is familiar with provisioning Azure resources. It sounds a little scary to me because if I just say something like deploy, is it going to create resources that I'm now paying for
that I don't know what I'm paying for? Is it going to generate those things for me? Or is it assume that those things exist before I get to deploy? So all of those resources are defined in the infrastructure as code and so there's nothing like magical happening here. We're just kind of like, instead of that imperative like I'm touching an individual Azure resource or walking through the Azure portal, we have this infrastructure as code that lives in the same application
scope as the developers source code. So you can go in there understand what's happening, but the gestures that you need to use day to day are just like a lot easier to remember. Got it? That makes sense? Yeah, it feels like this is a place to hide complexity, so you can just go when you're ready to go and all of that. You only need
to work all this stuff out once. Yeah, I think I kind of talk about in terms of deferring the complexity, you know, because it's there, like the complexity of the cloud is still there, and there's like learning to be done, right, but it's not like you're overwhelmed right from the get go, and like you can focus on the problems you want to focus on when you want to focus on them, right. I mean, we
all we know we should be storing our secrets in key valls. The question is do you have to have all that set up first before you can do a deploy or these there workarounds here that then later I can put key vault in. Yeah, so in like the infrastructure's code, the key vault would be defined there along with like monitoring infrastructure kind of all the stuff that you
would need. And then today it's a pretty manual process to go in and tweak the the iic the infrastructure is code to add a key vault or add a database later. But we are working on features maybe in the next six months to a year from now, that would allow someone to inject infrastructure's code into their project. One very important question. It's not a YAML file,
is it. So we have an azure dot YAML, which is a very yeah, yet another yam file, right, we have like a very simple short YAML file we use to tell the developer CLI like it'll be like what services do you? I mean front end, back end. It has the language, the target hosts, so if you're using app service, and a path toward the source code lives and that's like basically all that really needs to
live in there. But the configuration isn't yammo, right, No, it's bi separate terraform okay, right good and eventually polluted and someday pollumi probably. So I'm literally grabbing links as fast as I can go because you know, I found the Azure yamal for for AZD, like all of these are the little tidbits are like okay, I get this, I need that piece in this piece, Like it's still assembling the bits to make AZD behave for us.
Yeah. Yeah, the like the Azure yamal I kind of consider to be like the entry point for you telling a ZD like what it is you're trying to do, and like where your quote code lives, and like how it can stitch together the app and then the infra diirectory contains all of you your you know, the Azure specific infrastructure is code stuff and pull stuff from there and stitch it all together for you. Yeah, it's still a bunch of bits, there's no two ways about it. I did find the GitHub
repository for awesome AZD because and there's a ton of stuff here. Holy Macaroni's. Yeah, I like the whole awesome idea. There's a whole bunch of awesome collections. Yeah. I have to give a like a shout out to one of the cloud developer advocates. I work with Nitya who who came up
with the idea for calling it awesome. AZDM built the initial prototype of that website, which like is really like a curated template gallery for various application stacks as your technologies, trying to make it more discoverable for folks to find the right recipe right well and not roll your own right. Look, here's here's a solution for implementing the for Kubernetes right for as your front door. It's
like it's been solved. It almost reminds me of the PowerShell world where it's like listen, somebody's order written a chunk of PowerShell to do this, just go get it from the gallery, like don't write your own Yeah, okay, to learn from it adapted And this feels very much the same sort of thing of a lot of folks that put a lot of energy into putting all of these templates together for you in advance that you can pick them up and
assemble. It is something that's pretty comprehensive. Yeah, it's also been pretty cool like in the you know, the current state of the world with all the AI stuff coming out, there's like AI templates in there too, so like things like build your own chat GPT plug in and hosted on Azure, or build your own chat GPT like trained on your enterprise data so that you can have people use natural language to ask questions about their healthcare plan, you
know. So it's it's pretty cool to see like the diversity of applications being built in there too. Yeah, look at them all. Yeah, this is not just the plumbing for deploying an app service. Yeah, there's a lot of different pieces here and a lot of different directions you go in. So I mean often when we say go in a ZT you know, that's a lot of go. Yeah, all right, what else do we need
to know? I know by the azure animal schema, and I'm glad to know that it's as much of the animal as I'm gonna need only enough. Yeah, but and then it sounds like biceps the first class citizen, Like that's probably my next step is to go spend some time with bicep. Yeah, bicep is sort of the like what we've seen a lot of folks adopting mud right now. Bicep is kind of um it's it's in like our support for bicep is in like a stable quote unquote stable state. Terraform is a
bit earlier on. It's it's an alpha right now behind a feature flag because we wanted to com We recently introduced these alpha, beta, and stable kind of feature stages for each feature as we rolled them out to communicate to folks like, maybe you don't want to use this in a production scenario today because like the actual user experience of using this feature might change because we're like getting feedback, right so there, we're hoping to get Terraform also that stable state
kind of with more use and more stress testing across applications and stuff. Funny that ties right back to Sea connects comment about changes in Azure and heavy services move from under view. Maybe maybe the other thing has happened in seven years is that Microsoft themselves has gotten very disciplined about Hey, when we say stable, we mean stable, and if you implement this you can expect it to keep working for atty pain Leslie. But when we say beta or you know,
experimental, you should expect this to shift from under you. And so you've at least got fair warning that you might be surprised when the newer version comes along. Yeah, I mean, I think trying to avoid situations where people have unpleasant surprises and their stuff is broken, especially because you can run a CD and CI pipelines as well, like making sure like there's a good contract there and that people can rely on it for business critical scenarios without you
know, unpleasant stuff. Well it's this, you say, the main thing, which is the surprise break? Right? Like that's the one where right, I just I just pushed code, you know, I just accepted a pull request and now I have a string of errors and everybody's like, what just happened? And it's got nothing you do with my pr it's got everything to do with some service change somewhere in the pipeline and we're exploding now and now you have to dismantle all that and check bit by bit to figure out,
like what's the broken bid. Yeah, and that itself is sort of like antithetical to azd's value prop, right, But like we want to keep people focused on the business critical scenarios that they're trying to go after. And so if we're like, you know, causing breaking changes for folks, that is like derailing them from their path from A to B, that's that's bad. Right. So yeah, it's like, hey, you know, I had work to do. Yeah, yeah, exactly. Oh yeah, I
appreciate that. And it also speaks to it's up to us to be smart about reading these things and knowing I only want the stable stuff put in. Maybe it's a few fewer futures and I really really wanted, but I'm going to be surprised far less often if I stick with the stable set and then only experimental. And I absolutely have to because I need that feature desperately. Yeah, we have a couple of things in alpha state right now, terror
Form, our support for Azure Spring apps. And also we recently added resource groups scope to deployments. Previously we only supported such ryption scope, but we wanted to also give people some more flexibility and their infrastructure as code. So yeah, that's a cool idea resource scoping, just because you know, as your environments are getting massive, so me being able to say, having to create a resource group for all of these things, and that's where you play.
Yeah, and we allow you now to like with that feature, like bring an existing resource group to a ZED right right. Previously we always support the case where we were creating resource groups for the user and then putting all their resources in there, but we want to enable scenarios where people might want
to like adopt AZD beyond, just like true day zero scenarios. So right, yeah, yeah, and there in lies the problem with these kinds of tools, like taking an existing app and getting it to work through this is
not a trivial problem. Yeah, yeah, for sure. So I'm reading the I'm scanning the documentation here and there's some information about customizing workflows using command and event hooks and that that really piqued my interest because you know, the more we can hook into these things, that you know, more we can
take advantage of them. I think, how does that work? Yeah, so we have support for pre impost command, and like kind of service life cycle hooks, so things like oh, you want to run a script before your provision or after provision or before deploy or after deploy, like, we
give you kind of that flexibility. I think the reality is was when you're building a tool for all developers, you kind of have to make it sort of malleable, right because everyone's got their own workflow or scripts they want to run ahead of a deployment. So we tried to kind of give that flexibility through the through the hook support. Yeah, very cool. Nice. Another thing I see is make your project a ZED compatible. So a project isn't
compatible with a z D right out of the box. What does that mean so today? Yeah, so today there is some overhead and kind of rolling your own AZD combatible projects, so that there's kind of two paths. One is finding a template and building off of some one's existing work and infrastructure's code, swapping out that source code for your own, modifying it, and then AZD upping it, which will package, provision and deploy the Apple Azure.
Then there's like the option of I actually don't want to start from a template. I want to start from my own I know how to write infrastructure is code. I need to write infrastructure's code. I need to make like add an Azure amble to the project and then azd app it. So there's like
there is some work there. We are working on some features that would allow a developer to not have to do either of those things, where we would maybe infer kind of what the local app stack is and then generate some infrastructure
as code for them. We started some early prototyping on that, but yeah, that's definitely still one of the things that I'd like to get us past, because that's it's not sometimes not trivial, right, Yeah, I mean we've often run into this issue where it's like I want you to parse my existing application to make a template for me, essentially like work with what i've got. Yeah, but that's not a simple problem. People do crazy things.
Who knows what the code the infrastructure looks like? But yeah, I guess that you know today right now, the challenge with an existing brownfield app is to go thumb through the templates and say, like, what do I need? Yeah, it's close to fit these things together, yeah, yeah, and then figure out the rough spots. Yeah, and there are like some templates that are more targeted at the enterprise scenarios. Like there's a reliable dot net web app one which I think is like a true twelve factor app,
and we have like some JavaScript ones. There was one like that shows like a full real estate website with like a payment system and a blog and like a listing and it's wow. Yeah that came out at Builds a couple of weeks ago, and definitely seeing some people like really building large proof of like kind of sample architectures, and also some like pretty basic stuff too,
so kind of across the board. But yeah, you're right, like I think, especially if you've got like a large enterprise brownfield application, like it's it's still a ask, right, Yeah, no question. I mean, and I appreciate someone going to the trouble to build that sort of comprehensive wide
app model as a template. Not that I'll probably use it directly, but it's a great starting point for me to look at it and go, now, how would I build this for my app with each of these pieces sort of knowing how to break them down into the significant segments and what each of them would look like. But yeah, here and this is great when you're starting something new, to just go all right, we've made We've got a
whiteboard scenario here. We kind of know what we want to go. I think this templates closest let's go and you a z D from the very beginning. Yeah, like retrofitting a ZD in new existing project just going to be
more challenging. Yeah, and it like not in not between now and the end of this year, but probably early next year, we'll be focusing kind of more on that, like what I kind of call compose ability, right, or like maybe I start out with a basic app, but then later I decide I need to add more components to it, or you know, swap out my database, or like how do we enable people to do that?
Because that's common, right, Like when you later decide or discover that there's some problem that you need to add infrastructure like that is something that comes up pretty often. But yeah, yeah, starting with the kind of onboarding scenarios first and then kind of the project to grow up stories as well. Absolutely, and Savana, I'm gonna interrupt for one moment this very important message and we're back it's done at Rocks. I'm Richard Campbell, that's Carl Franklin
Yo. Talking to our friend Savannah from Microsoft a bit about AZD which is the Azure Developer CLI, not the PowerShell CLI, not the as Your CLI. They're different, but very much focused on the on the dev challenge, and we right before the break we were talking a bit about like, I'm changing the infrastructure for my app, Like, what's this going to look like? I can't imagine. In fact, I've been talking to a company's dealing
with this where the happily using as your sequel. Now there's parts of the app that are that are widely distributed, more performance sensitive, and you're like, hey, we're talking about using Cosmos for part of this, so I would imagine you'd bring in Cosmo the Cosmos template just to make it part of the deploy And you've really got the You're not you're not going to hang up
as your sequel. That's not going away, but we're moving pieces of the workload over to Cosmos dB and having those deploys run as well, and then making some connectors and things to synchronize data eventually, but I need that performance on the front end. So I've got this platform that'll do it for me, but I got to add it into the equation. Am I thinking the
right way? Yeah? I mean that that's the scenario we like, eventually we do want to support UM, But like, I think the tricky part is there, Like what is the developer experience of like adding or modifying your infrastructure as code or like actually updating it, right, Because like the thing is, like a lot of application developers don't necessarily care about infrastructure as code
if they're uninitiated, right, they care about the flexibility and deployments. They care about, you know, being able to like find two and stuff, but that infrastructure is own piece, especially if they don't understand the value prop of infrastructure as code. It's really just like a means to an end for them. So like we're trying to like figure out the right gestures to expose that in right, it's part of my fast deploy process, right, It's
that I don't want to think about deployment. So I have all of the I learned enough I ac at the time to get the pipeline working, and then it all fell out of my head because now I've got to work on my code and so each time I go back to make changes to that for whatever reason, it's like starting over. Yeah, you know, I don't. I don't think we do. Most of us do with this, and often enough to actually retain it. It's like red Jax in a way,
like you can't hold that stuff in your head. I've never learned redj X. It's just something I go into a validator every single time, right, absolutely, And I feel the same way about you know. I know there's folks out there that work on this stuff all the time because they're they are the specialist for their organization and they're taken care of a dozen projects. But that's not me. All right. I've got my projects, and I'm partly
responsible for some of the IAC stuff. I'm also talking to maybe subsistemins in it, and so I'm kind of picking it up from scratch every time. Yeah, and so you know, everything you can do to make that easier for me, to sort of guide me down the path. That's pretty compelling, certainly for the initial builds. But this, you know, it's adding weight to changing infrastructure. Oh, if we're going to change the infratructure, that also means you have to change the pipeline, Like what does that look
like? What do we got to do? Yeah, And kind of like another feature that we're working on in the next couple months is this like what we are calling like an application scaffolding wizard, So that would be like I know actually things about ashore, I know what services I want. Can azyd allow me to walk through a wizard and say, I want key vall, I want container apps, I want this thing and just spit out infrastructure as
code modules with smart defaults that I can go in and tweak. So that that's kind of like horrific or like related to this effort that my team is working on for our templates that we've authored, which is like actually coming up with a set of BICEP modules that use those smart defaults or like are like we think are a good starting point and we'll be working to get those into the BICEP registry so that folks can have a good foundation to build on.
But like to your point, a lot of the time it's like if you don't write it, i AC all the time you're back in Microsoft Docs trying to lowing BICEP or look at terror form right, and then you need to figure out what are the supported keys and all the values and configurations for each particular service, and like that's I mean, some people are experts in it,
but it's definitely something that folks have to continue to revisit API. Oh no, I've added comments to my own I a c that says, hey, dummy, this is like the fifth time you've been here, you're going to make these mistakes. Do this and this, so you know, way you you have a mandate to keep it high level because otherwise you're creeping towards just being another portal, right with all the wizards and go to fill out this form first and then this form in the net form. It's and there's
nothing wrong with a portal. Yeah, I love I use it all the time. Yeah, And there's some efforts like kind of a sister team to my team. Is this new Azure app spaces Portal that came out at build, which is a more developer friendly portal blade and like so like there are
like there's nothing wrong with portal or CLI. I think when we talk about why would someone come and use one or the other, it's more just like some people just have a preference for it, right, Yeah, your style, Yeah, yeah, yeah, or sometimes there's things you like, there's certain tasks that ares not well suited to CLI, like monitoring dashboards like I'm not going to go and like ship like anything that uses a lot of imagery
is like best suited to a portal for sure too. So you know what else too that the CLI generally doesn't change too much, whereas the portal. You know, you could learn how to do a task one month and come back the next month and the everything's been redefined and redone and everything else. So yeah, I run into that problem because I document a lot of this stuff for a YouTube show, and I get people saying, hey, you know the portal in your video doesn't look like the portal now, yeah,
where is this? Where is that things get moved around? That's that's sort of reality. But I'm feeling really prescient for my comment at the beginning of the show change right, It's like there is still pieces that are changing. It's not like they're taking anything away. It's just like I don't know where to look now. And in some way, the CLI solves that problem because it's done the look at it's the script. It's just when the script breaks, Now what you know, how do you how do you debug it?
How do you you trace it down? It's this is where I think these things get challenging, because it's still very much the same old how far did it get? You know? How am I spinning up messages to show where it fails? Like those kinds of things. We're still doing pretty ridomentary debugging when it comes to uh BICEP and I guess you know, act executing on top of it. Yeah, I mean, I think that's definitely an area
that still needs some some polish. Something that we want to like work on in the next couple months as well, is trying to like when we like the errors that sometimes you see coming from Azure are not very descriptive or or actionable, right, and then you're like, you know, off googling, and so like, how how can we help folks course correct and like get back on track, or like, as are there docs that we should be suggesting people too so they don't have to go and do the Google searching or
whatever, so or being searching if that's your flavor of search. But like, you know, um, I think that that is a good point and definitely something that we have work to do with. Yeah, and it's not just you, like that's a huge array of stuff. Like, Yeah, the problem is that once you know what the problem is, the message makes
total sense. Yeah, but often it is not. Other than saying we are broken, it doesn't say anything to you at the beginning when you when you don't know what it is. Yeah, for sure, I didn't get a chance to spend to really look at asure app spaces steering builds just because there was a lot going on. But it is interesting to think in terms of more and more we're going to have our own corner of Azure for doing
development that then ties into the larger app Azure for deployment. I just wonder what impact that's going to have for a ZD, Like does that make easy these life easier to just deploy into an app space rather than the overall infrastructure.
I mean I think that the So the thing that like I'm most interested in, right is, like if we're using a z D as this like quote unquote more developer friendly way of approaching Azure, I'd love for that same paradigm to like carry into the portal when a developer inevitably ends up there, right, Because even if we keep them in the CLI while they're doing their development, they're going to end up looking at the portal at some point, right, Yeah, And so like one of the things that like I'm focused
on is like can we make the paradigm feel natural and good regardless of where you end up. And then also like we have integrations and editors. We have a vs code extension we haven't experienced in visual studio, Like how can we tie that that thread across all of those different clients? Yeah, yeah, that's and it's appealing to different audiences too, because certainly we get email from folks. It's like I live in studio and that's all I live in
and I don't care about the rest of the stuff. Give me the button to click on. Yeah, and it's and a doct dialogue on the right side that tells me what happened and I am content. Yeah, nothing wrong with that either. Yeah, yeah, I guess. I mean why upside to a CD is you don't have to be a dotnet deloper to be using this, Like this is any kind of developer that's going too is going to appreciate it. Yeah. Yeah, we currently support dot net and or C
sharp, F sharp whatever. And then also Python JavaScript or type script and Java. See there's if you go to that template website, you'll see templates across combinations of all of those. It was adjust the languages that then you've got support for apps services, container apps, static web apps, function apps, Kuberneti services, and there must be more than that by now, and
also Azure Spring apps for for Java devs as well. So like we target all kind of the major compute targets for Azure nice, and that means all different development tools in front of all of that. Like, this is part of the challenge for us that you now have a pivot point between how I construct software and then at the point of which I want to deploy it can
step into AZD and deploy into Azure with that. Yeah, I think that's sort of like the beauty and also the complexity of working on a tool for all developers, right, is that each one of those types, Like even if you just looked at Python, they're like so many different flavors of Python, right, and then if you look at all the languages and you add Kubernetes, you add containers, you add micro service architecture, there's a lot
of different workflows and so like thinking through things like how do we I don't want to like build a tool that just wraps all of those tools, Like how do we play nicely in that developer's ecosystem, their toolchain, whatever they're using. Right, that's something that is a very fun problem to sometimes think about. Oh for sure, Yeah, without being prescriptive. You want to you want to embrace what they're doing, but at the same time, you
don't want to make it too complex that it forces them away. Yeah, and also enforce like best practices type stuff like meet people where they're at, but also sometimes try and nudge them towards the right thing, like don't hard code your seek are using AI in any of this, looking at what they're doing and say you may want to do something else here something. Yeah, we're definitely like exploring that angle in this current state of the world, right,
I think everyone's sort of considering AI. I think I'm team like put AI in things where it makes sense and like is actually doing good stuff. So like one of the things we're looking at is like can we use AI from doing that I infer and applications of local app stack and then generate infrastructure as code. So like kind of investigating that and also investigating non AI powered
approaches to doing that as well. I'm figuring out, you know, which one is actually gonna meet the most folks needs and actually support the variety of developers that we have trying to use a z D. Absolutely. One thing that would be really cool is to get an estimate of the cost of things. You know, when you're wrapping these things up and thinking about them, how much would it cost to do this? You know stack, that'd be really cool. Yeah, for sure. I've heard that ask a couple times,
actually, like several times since starting to work on this project. I've working on a CD for about a year. But I think like that's a recurring theme, is like people want to know how much it costs to like run one of the templates we have or you know, and figure they don't want to like, you know, shoot themselves in the foot, hire a general contractor you want an estimate. Yeah, yeah, right right. Weird. Everyone's cloud fear is like they rack up a four hundred dollar bill and
then they're like, you know, out of luck. So trying to avoid that for sure. I just did a show and run as radio called Azure Sticker Shock. Yeah, talking to aid and Finn about that, and he's you know, he's happened to me, describes exactly that scenario. Well, working in a bigger company too, where suddenly the CFOs on the phone going what are you people doing down there? Oh no, this is a five digit number out of nowhere. Yeah, I had that, fans. Yeah.
Well, and just just knowing that there are cost management tools that you can set baselines on how on what a reasonable spend is so that you get warnings. I think you can do that in Azure anyway like that. That's a yeah, that's a feature. You can, without a doubt have a watchdog and you should be doing that. But that's still post factor right yeah, right, which you're talking about, which I think is wicked cool, is just estimate, doing a basic enumeration based on the deploy and saying this
should cost between this and this a month. The portal already does that, like on a resource by resource basis when you're going to make a sequel server or whatever. Yeah, here's the skew and here's about how much it's going to cost a month. You know, I like that, but yeah, to add them all up, yeah, at the application level, that would
be pretty I think a lot of people would really love that. So even if you just had to take those files and pump it into a into a gadget and then it came back and gave you estimates, right like, it doesn't even have to be part of the bill process so much that it's just like, hey, I've done all this work to describe what I'm going to use, rather than retype it or anything. Can I just upload these files to me and you'll give me an estimate? Woo? Because it is you
know, then I could add it to the pipeline. It's like in the pipeline, we do this thing and then I fire off the estimate and you'll get an email it said, here's the estimate based on the current deploy woo. Hey, if I can shift cares for a second. In the bio, you say you were the product manager for the Pielance Language Server, which powers the editing experience for all these you know, visual studio, code code spaces, visual studio. What is that and why haven't I heard of that?
Oh? Yeah, so I used to work on Python language tooling at Microsoft, and so the Pilance Language Server powers editing experience for Python, and well, for Python. Yeah, in in vs code, visual studio, and some stuff on Azure too. That's why I haven't heard of it. Yeah, you're not a Python person. I'm not a Python guy, but I hear all the cool kids today are doing Python. Python was my first programming language, so I'm a I'm a big fan, especially in scientific in
academia, like it's that's all they use. Yeah. Yeah. My GitHub report at the end of twenty twenty two said I wrote more Python than anything else last year, and it shocked me. I didn't mean to. It was an accident, but you know, I was doing a bunch of datal handling stuff and by golly, Python's awfully good at that. The only thing that made me satter is in the number two was yeavil oh no, and then c sharp came in third. So I did write some c sharp last
year. But what happened to me? Oh man, that's so funny. You know. The piece we've just been sort of quietly walking around, which I think is a big issue I than talking about Keybault is the security aspects just and I would hope in these templates, especially like that they are staying here's where the keys go. This should be locked up. This needs to be validated. Do you need certificates on both sides of this, Like overall when I wear my tinfoil hat on the security side of stuff and run as
radio. We're talking a lot about supply chain breaching, that the black hats are now targeting code deploys as a way to insert malicious code to get access to systems, and that there's a real pressure now for developers to have a
more secure pipeline. Yeah, with all the templates, especially the ones that are coming in on Microsoft, like we're trying to enforce kind of those best practices because I think there's like when you do your Google searching about getting your app on a particular service, it doesn't really upfront say you should use key vault and not hard code your tokens and secrets, or like you should maybe
consider using a v net here or you know, something like that. So we we like definitely like internally think about that kind of stuff and make sure that that's coming in the templates. And then when they're communities submitted templates to the gallery, we are running through them and testing them and reviewing the BICEP code because we don't want to promote a scenario, which we're like, you
probably don't want to be doing that. It's an insecure scenario, right, and so we are thinking about, like right now that process is a bit manual for the gallery we are we are thinking about also adding it a command like AZD validate, which would like help us kind of build some automation or like basically allowed developers to kind of get a sense of whether or not it would be one admitted to the template gallery based on some of the standards we
have internally on our kind of our pipelines when we go and make templates, but also like trying to enforce best practices because it's not really enough that you just get your out to the cloud. It's like, we want you to be set up for success to right, and enough people are just struggling to
make this work. Is like tear away anything I think is not essential to get this up in the first place, right, and so security off and gets ditched, but more and more refining out the trying to retrofit security into that is worse and building to get it into the pipeline at the beginning. This is very what they're calling shift left these days, hitting security as part
of the initial implementation makes a huge difference. But although we are talking two different things here, there's security within the application itself, but also the security of the deployment pipeline because they are now targets of exploitation and a CD as a role to play in both of those. Really yeah, yeah, yeah, for sure. Yeah, it's definitely something like we want to keep like
top of mind. That whole shift left thing is definitely something we talk about a lot internally as well as like figuring out how we can because I think the part to think of or to kind of put in front of an uninitiated developer someone who's new, is like why some of this stuff exists, or like that education component, because at the end of the day, like like you said, some most you want to strip away everything that's not necessary or
because they don't understand the value it adds if it's not just like I did the thing I got my app on Azure, so kind of yeah, I got a running close enough, right, like at least I'm up, yeah, right, And I think the thing is that is a non trivial task sometimes right, yes, and often the moment it's up there now they're using it so retrofitting anything gets hard. Yeah, they're like I'm done now,
Like, yeah, yeah, it serving my audience. But yeah, I think like trying to enforce those best practices kind of throughout the workflow, not just in like the local development scenario, but as people continue to iterate and use AZD commands and like add them to their CI pipelines and stuff, like, we want to be thinking about the security dimension as well. Yeah, getting better at that and just helping us do the right thing because you're trying
to get it in afterwards is becoming more and more difficult. Savannah, what's next for you? What's in your inbox? What's in my inbox? M Yeah, we're working that. I'm working on a bunch of features, specs and stuff for some of that, like inference of local stack generate I C. I've got to talk coming up in July for BS Live Redmond, all
about as your developer. Clim So got a prep for some public more public speaking stuff, but the summer is a little quieter than pre build because we gad az a build and it was in a couple different keynotes and stuff, so just kind of we have a pretty public facing roadmap on our GitHub repo, so kind of play you away at some of those, making sure that we can ship some some new features to help folks get on Azure. Very
cool. That also speaks to folks that want to participat in this that are frustrated with like you can write issues, you can be part of the process. Are you taking prs from mixed ternals? Oh? Yeah one, so so I'll disclaim that the CLI is written and go. So if you're not a Go dav, that's cool. You can write. We would love a contribution to the CLI corp. But we also have a vs code extension which
is written in type scripts. If you're a type scrept person you can do that, or you can write templates in whatever language you'd like and submit them to the gallery. And we would love to have new flavors of app scenario on our template gallery too, So there's like a and also just filing issues questions like helps me shape our product to make it useful for everyone too. So discussions issues. Yeah, that's awesome. Yeah, I look at the
current issue list and it's long four something. Oh yeah, of course that'll change by the time anybody else can go look at it. But it's a lot of these almost feel like check support. You know, I'm having trouble installing it on this, Like is that actually a bug? Or is this a procedural problem? Like, but those are all potential learnings for you. It's like this is too hard and that doesn't work right, and maybe they do find something interesting. The bigger thing here is there's a lot of people
clearly using this and pressing it in places you probably haven't thought of. Yeah, yeah, we're even thinking about stuff like like the micro service scenarios, like what if you don't have all of your app code in the same repo, or maybe you're doing kubernettes and you have ic in one repo manifested, another app code and another. How do we stitch that together? So like there's a you know, we're still WEGA, but there's still a long road
ahead of us to support all the different flavors of apps. So if you have stuff that isn't supported by the CLI today, like wave the Flag, come come say hi, Like we're shaping the product. Yeah for sure, And look at all these different products that they're pressing on it against Aks, Azure functions, Ubuntu, Like this is cool, It's it is a un of issues. Yeah right, All these different countries are common adges saying make it work from my thing. Yeah, it's an exciting problem to have,
for sure. Yeah, yeah, I think you have good problems. It's very exciting for sure. Well, Savannah Astrosky, thanks for being here and thanks for telling us about this great product. And we can't wait to hear what's going on in next next year with this thing. Can't wait. Yeah, thanks for having me, super super fun conversation. Yeah, all right,
we'll see you next time on dot net rocks. Dot net Rocks is brought to you by Franklin's Net and produced by Pop Studios, a full service audio, video and post production facility located physically in New London, Connecticut, and of course in the cloud online at pwop dot com. Visit our website at d O t nt r ocks dot com for RSS feeds, downloads, mobile apps, comments, and access to the full archives going back to show number one, recorded September two thousand and two. And make sure you check
out our sponsors. They keep us in business. Now go write some code. See you next time. You got a tad middle band