Skip to main content

Posts

Chrome forcing all localhost queries to https, breaking various CLIs

I use the Azure CLI and the Force.com CLI pretty regularly, and both of them make use of a little webserver running on localhost, presumably to catch the auth tokens once the SSO process redirects back. I also like to use localhost as a new tab page, to better invoke Chrome's Vimium extension on all new tabs.  On several installs of several dev machines, http://localhost has been regularly redirected to https where it shouldn't be, causing breakage of all the CLIs, since they're not providing TLS certs, and my new tab page as I haven't got a TLS binding set up for the IIS default website.

Today I finally figured out the fix for it, it's explained here, basically Chrome is forcing connections over to TLS due to a HSTS header that it's picked up for localhost.  Deleting the security policy for the localhost domain immediately resolved all the problems I was having!  You can get to the HSTS security policies configuration at chrome://net-internals/#hsts
Recent posts

Docker + ASP.NET MVC "Hello world" - abridged edition

Here's the exact steps to get the ASP.NET MVC sample application running in a Docker container in Windows 10, abridged from the Microsoft tutorial here.  I used a fresh Azure VM to avoid the many weird issues I kept running into with my bizarrely-screwy desktop, because of course it is.
$ip = (New-AzureRmVm -Name dockertest -Credential (Get-Credential) | Get-AzureRmPublicIpAddress); "Remote desktop to: " + $ip.IpAddress; mstsc -v $ip.IpAddress
Next, install chocolatey, then install everything else: choco install visualstudio2017professional visualstudio2017-workload-netweb docker docker-desktop -y Sign out and back in again, run docker desktop as admin, right-click the tray icon and switch to windows containers, let it enable hyper-v and reboot.  Run docker desktop as admin again.
Open Visual Studio, create a new project using the ASP.NET template and let it add all the MVC stuff. Create a publish profile, publishing files to the default location of /bin/Release/Publish …

Get the date each branch in a git repo diverged from master

I'm trying to clean up some long-lived branches in our repo and came across this handy stackoverflow post to get branches by the date of the commit they branched from.

I've modified it slightly to be easier to use for my purposes:
git show-ref | { while read branch; do merge_base=$(git merge-base --all $branch master); date_branched=$(git show -s --format=format:"%cd %an" --date=short $merge_base); echo "$date_branched, $branch"; done } | sort

Powershell jobs

Mostly for my own benefit but maybe someone will find this a helpful and concise reference

Create a job like this
$job = start-job {sleep 60; get-service;}

If you're creating jobs in a loop, add them to an array
$jobs = @()
foreach ($asdf in $qwer) { $jobs += start-job {...} }

Check job status while a job is running with
$job | get-job

Receive the result of that job with
$jobResult = ($job | wait-job | receive-job)

Azure Devops, unit tests and Azure AD Service Authentication

I couldn't think of a title for this one that wasn't ridiculously long so to help future Googlers, here's what we were trying to do:

Authenticate against Azure Key Vaultusing a Service Principalusing Azure AD Service AuthenticationRrom our build serverRunning an Azure Devops build agent
Whew.  Basically we had some integration tests that retrieve a database connection string from an Azure Key Vault, and needed Azure Devops to be able to run those tests on our build server. Which meant it has to authenticate with its own service principal in Azure AD as described in here: https://docs.microsoft.com/en-us/azure/key-vault/service-to-service-authentication#running-the-application-using-a-service-principal

We were using the certificate-based method, to request a token to access the Key Vault, but it wasn't working :(  In case I run into this again, here's the steps we had to go through to sort it out:


Don't get the cert thumbprint from the certificate properties, get …

Making EntityFramework play nice with Azure Key Vault

Make a separate class containing a constructor to pass in the connection string from KV.  Don't modify the constructor in the Whatever.Context.cs file because it'll get regenerated when you update the model and overwrite any changes you make in there.

Get the connection string from the "update model from database" command, but replace " with actual quotes. The connection string in KV should look like this:

metadata=res://*/EntityFramework.DataWarehouse.csdl|res://*/EntityFramework.DataWarehouse.ssdl|res://*/EntityFramework.DataWarehouse.msl;provider=System.Data.SqlClient;provider connection string="data source=databasename.database.windows.net;initial catalog=thedatabase;user id=dbusername;password=passwordgoeshere;MultipleActiveResultSets=True;App=EntityFramework"

Salesforce - bypass running unnecessary unit tests during a deployment

We had to urgently fix a bug in an Apex class written by a previous colleague, which was causing major issues with a customer-facing application on a Friday afternoon (because these things always happen then).  We'd found the bug and updated the code easily enough, but Salesforce's default deployment option of running all local unit tests was failing because of some completely unrelated tests that were failing.

Salesforce's documentation (or at least the parts that I read) doesn't clarify that you aren't actually required to get 75% code coverage across all Apex code in your production org - you only need to get 75% coverage over the code you're deploying.  Here's how to do it and get that emergency fix into production asap.

You'll need the Force.com CLI for this, which you can easily install via chocolatey here.  You can probably do the same with the Salesforce DX CLI, but I'm used to this other one.

Make a dev sandboxIn production Salesforce deploy…