Development Guidelines for GitHub Copilot

Test-Driven Development (TDD)

ChrisRomp / policy-api.xml

Last active February 6, 2024 18:45

APIM Load Balancing Policy - Round Robin with Azure OpenAI (AOAI)

	<!-- This shows the policy as implemented with references to {{named values}} and fragments -->
	<!-- Named values: https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-properties -->
	<!-- Policy fragments: https://learn.microsoft.com/en-us/azure/api-management/policy-fragments -->

	<policies>
	<inbound>
	<base />
	<!-- This requires enabling the managed identity on APIM, and granting it access to AOAI -->
	<authentication-managed-identity resource="https://cognitiveservices.azure.com" output-token-variable-name="msi-access-token" ignore-error="false" />
	<set-header name="Authorization" exists-action="override">

ChrisRomp / func-asev3.sh

Created June 28, 2023 17:28

Azure ASEv3 Function App

ChrisRomp / Show-Certificate.ps1

Last active April 27, 2023 18:25

Fetches a host's SSL certificate and displays the cert chain info.

	$checkHost = "www.azure.com"

	try {
	# Create a TCP client and connect to the server using the URL and port 443
	$client = New-Object System.Net.Sockets.TcpClient($checkHost, 443)

	# Create an SslStream using the TCP client and set the remote certificate validation callback
	$sslStream = New-Object System.Net.Security.SslStream($client.GetStream(), $false, { $true })

	# Authenticate the client

ChrisRomp / env-create.sh

Last active February 16, 2023 18:38

Azure .env File Generation

	#!/bin/bash
	# requires azure cli client and jq

	# Get account info from Azure CLI
	ACCOUNT=$(az account show)

	# Get tenant name (from user query)
	TENANT_NAME=$(az ad signed-in-user show --query 'userPrincipalName' \| cut -d '@' -f 2 \| sed 's/\"//')

	# Parse tenant ID

ChrisRomp / asb1.http.txt

Last active September 13, 2022 15:17

Azure Service Bus AD Auth

	@tenantId = {{$dotenv TENANTID}}
	@subId = {{$dotenv SUBID}}
	@clientId = {{$dotenv CLIENTID}}
	@clientSecret = {{$dotenv CLIENTSECRET}}
	@sbName = {{$dotenv SBNAME}}
	@sbUrl = https://{{sbName}}.servicebus.windows.net

	###
	# Get OAuth Token
	# @name getToken

ChrisRomp / builds.http.txt

Created September 2, 2022 18:37

ADO Get Build Changes API workaround for 200 item limitation

	@adoUser = {{$dotenv ADO_USER}}
	@adoPat = {{$dotenv ADO_PAT}}
	@adoOrg = YourAdoOrg
	@adoProject = YourAdoProject
	@buildId = 123

	### Get Build Properties
	# @name buildProps
	GET https://{{adoUser}}:{{adoPat}}@dev.azure.com/{{adoOrg}}/{{adoProject}}/_apis/build/builds/{{buildId}}?api-version=7.1-preview.7

ChrisRomp / 01-upload-akv-gpg-keys.ps1

Last active February 14, 2025 19:37

Azure Key Vault GPG Key Management

	# Export and upload GPG keys to Azure Key Vault
	$UserId = "" # GPG email address
	$SecretKeyName = "github-gpg-secret-key"
	$PublicKeyName = "github-gpg-public-key"
	$KeyVaultName = "" # Key Vault Name
	$SecretKeyFile = ".\sk.asc"
	$PublicKeyFile = ".\pk.asc"

	# Send Private Key
	$(gpg --armor --export-secret-keys --with-fingerprint $UserId) \| Out-File $SecretKeyFile

ChrisRomp / azure-pipelines.yml

Created May 24, 2022 18:09

Azure Pipelines - OpenSSL Add ISRG Root X1 Cert

	trigger:
	- main

	pool:
	vmImage: windows-latest

	steps:
	# Get OpenSSL Version
	- powershell: openssl version -a
	displayName: Get OpenSSL Version

ChrisRomp / app.py

Created October 14, 2021 18:02

Example of authenticating to Azure Storage Blob service with AD-delegated SAS key using the machine/service managed identity

	import xml.dom.minidom
	import html
	from datetime import datetime, timedelta

	import requests
	from azure.identity import ClientSecretCredential, ManagedIdentityCredential
	from azure.storage.blob import BlobServiceClient, generate_container_sas, AccountSasPermissions

	from flask import Flask
	app = Flask(__name__)