https://daily-devops.net/ Recent content in Daily DevOps & .NET - Where Code Meets Culture on Daily DevOps & .NET en Thu, 12 Mar 2026 16:08:30 +0000 https://daily-devops.net/posts/error-handling-security-information-disclosure/ https://daily-devops.net/posts/error-handling-security-information-disclosure/ Thu, 12 Mar 2026 17:00:00 +0100 Your exception handler returns detailed stack traces to be “helpful.” Congratulations, you’ve just handed attackers your internal file paths, database technology, and architecture details. This guide shows how to implement error handling that satisfies security audits: comprehensive internal logging paired with generic client responses, correlation IDs for support, and environment-aware middleware. dotnet iso-standards security https://daily-devops.net/posts/disaster-recovery-business-continuity-aks/ https://daily-devops.net/posts/disaster-recovery-business-continuity-aks/ Wed, 11 Mar 2026 17:00:00 +0100 Your cluster will fail. The question is not if, but when, and whether you can recover before customers notice. Most organizations discover their backup strategy does not work during an actual outage, when recovery time matters most and manual heroics cannot save you. If you run Azure Kubernetes Service (AKS) in production, you need a recovery plan that engineers can execute half asleep at 2 AM. We will go through what to back up, how Velero works in day-to-day operations, when Azure Backup for AKS is enough, and how to design realistic failover with measurable Recovery Time Objective (RTO) and Recovery Point Objective (RPO). The goal is simple: repeatable recovery procedures you have already tested, not a document that looks good in Confluence but fails during an incident. azure cloud compliance devops disaster-recovery kubernetes reliability https://daily-devops.net/posts/data-retention-azure-storage-lifecycle/ https://daily-devops.net/posts/data-retention-azure-storage-lifecycle/ Tue, 10 Mar 2026 17:00:00 +0100 “Storage is cheap” — until your data retention strategy becomes evidence in a GDPR lawsuit. After 15+ years in enterprise software, I’ve seen this pattern in project after project: elaborate wiki documentation, a cleanup script nobody runs, and production databases growing exponentially with personal data that should have been deleted years ago. The compliance checkbox is marked, but the actual deletion never happens. When regulators investigate, they don’t want your policy documents. They want execution logs proving deletion actually happened. Azure Storage lifecycle policies, Cosmos DB TTL, and scheduled Functions give you exactly that — automated retention that runs without human intervention, with full audit trails. azure gdpr iso-standards privacy storage https://daily-devops.net/posts/session-management-aspnet-authentication/ https://daily-devops.net/posts/session-management-aspnet-authentication/ Thu, 05 Mar 2026 17:00:00 +0100 That StackOverflow answer suggesting Session.Timeout = Int32.MaxValue for “better UX”? It’s how security becomes checkbox theater. Sessions that never expire, logout buttons that don’t invalidate tokens, cookies transmitted over HTTP—auditors catch these patterns immediately. Here’s how to configure ASP.NET Core authentication that actually works. authentication bestpractices dotnet iso-standards security https://daily-devops.net/posts/container-registry-image-security-aks/ https://daily-devops.net/posts/container-registry-image-security-aks/ Wed, 04 Mar 2026 09:00:00 +0100 Securing Azure Container Registry for AKS needs more than a single control. This guide walks through a production-ready sequence: vulnerability scanning, image signing, RBAC, private endpoints, policy enforcement, and geo-replication. You get practical Terraform, Kubernetes, and pipeline patterns, plus clear trade-offs for real-world operations. azure cloud devops kubernetes security https://daily-devops.net/posts/encryption-transit-azure-frontdoor/ https://daily-devops.net/posts/encryption-transit-azure-frontdoor/ Tue, 03 Mar 2026 17:00:00 +0100 Production systems with HTTP endpoints wide open and TLS 1.0 enabled for backward compatibility that died in 2020 are still everywhere. If auditors haven’t flagged your encryption config yet, they will. This guide shows the fatal configurations that fail security audits and the Azure Front Door patterns that actually pass. azure cloud iso-standards networking security https://daily-devops.net/posts/change-control-github-branch-protection/ https://daily-devops.net/posts/change-control-github-branch-protection/ Thu, 26 Feb 2026 17:00:00 +0100 Process documents don’t impress auditors. “We trust our developers” isn’t a control mechanism. ISO 27001 demands technical enforcement, not organizational promises. This guide shows how GitHub branch protection, CODEOWNERS, and environment protection transform compliance from checkbox theater into system enforced reality with a six week implementation path. devops github governance iso-standards security https://daily-devops.net/posts/multi-aks-cluster-networking-hub-spoke/ https://daily-devops.net/posts/multi-aks-cluster-networking-hub-spoke/ Wed, 25 Feb 2026 18:30:00 +0100 Running more than one AKS cluster changes networking from a setup task into an operating model. This guide covers practical connectivity patterns, hub-spoke routing, cross-cluster DNS, ingress options, and decision criteria that help teams scale safely without adding complexity too early. architecture azure cloud devops kubernetes networking https://daily-devops.net/posts/consent-management-aspnet-identity/ https://daily-devops.net/posts/consent-management-aspnet-identity/ Tue, 24 Feb 2026 17:00:00 +0100 That boolean column you call “consent”? Regulators will laugh at it. ISO 27701 demands granular, auditable, expiring consent, not cookie theater. Here’s the complete .NET implementation with Entity Framework Core, middleware validation, and Azure Functions that survives an audit. authentication dotnet gdpr iso-standards privacy https://daily-devops.net/posts/dependency-management-nuget-security/ https://daily-devops.net/posts/dependency-management-nuget-security/ Thu, 19 Feb 2026 17:00:00 +0100 Every NuGet package is a supplier relationship under ISO 27001. Learn how to implement Central Package Management, automated vulnerability scanning, and package signature verification to transform your .NET dependency management from security liability into auditable compliance control. dependency-management dotnet iso-standards nuget security https://daily-devops.net/posts/observability-logging-aks-cni-overlay/ https://daily-devops.net/posts/observability-logging-aks-cni-overlay/ Wed, 18 Feb 2026 17:00:00 +0100 CNI Overlay masks pod IPs behind node IPs through SNAT, breaking traditional observability. Network logs show nodes, application logs show pods. Without Container Insights, correlation IDs, and distributed tracing, you’re debugging blind. SNAT port exhaustion mimics network failures, and timestamp-based correlation is fragile. The cost of proper monitoring is trivial compared to debugging outbound connectivity at 3 AM without visibility. azure cloud devops kubernetes monitoring observability https://daily-devops.net/posts/network-isolation-azure-vnet/ https://daily-devops.net/posts/network-isolation-azure-vnet/ Tue, 17 Feb 2026 17:00:00 +0100 That SQL Server you deployed last week? Publicly accessible. That Storage Account? Same story. Azure defaults are security theater. ISO 27017 calls this a compliance violation, and your next audit will too. Stop trusting “cloud-native” to mean “secure” and start implementing VNets, Private Endpoints, and NSGs before your data becomes someone else’s problem. azure cloud iso-standards networking security https://daily-devops.net/posts/incident-response-github-actions/ https://daily-devops.net/posts/incident-response-github-actions/ Thu, 12 Feb 2026 17:00:00 +0100 That incident response plan in your Confluence? Nobody reads it. The on-call engineer can’t find it. And when your production API is bleeding at 3 AM, you’ll improvise—badly. ISO 27001 A.16 doesn’t care about your documentation theater. It demands procedures that work. GitHub Actions turns incident response from compliance fiction into executable reality. automation bestpractices codequality devops github-actions security https://daily-devops.net/posts/cost-optimization-resource-governance-aks/ https://daily-devops.net/posts/cost-optimization-resource-governance-aks/ Wed, 11 Feb 2026 17:00:00 +0100 AKS costs are brutally simple: node sizing, pod density, workload sprawl, and reserved capacity. If you don’t have visibility and governance, your cloud bill will punch you in the face—usually when it’s too late to react without pain. I’ve watched teams scramble to cut costs after the invoice lands, breaking production in the process. This guide is for practitioners who want to avoid that mess. No theory, no vendor fluff: just what actually works to keep AKS costs under control without sacrificing reliability. azure cloud devops kubernetes https://daily-devops.net/posts/data-minimization-entity-framework/ https://daily-devops.net/posts/data-minimization-entity-framework/ Tue, 10 Feb 2026 17:00:00 +0100 The classic monolithic User entity—stuffed with birth dates, phone numbers, employment history, and marital status “just in case”—turns into a compliance nightmare the moment someone requests data deletion. You can’t delete without breaking referential integrity. You can’t keep the data without violating GDPR. You can’t anonymize without retaining fields that should never have existed. The solution isn’t complex: separate operational data from personal data, make consent-based fields nullable and purpose-documented, implement soft deletes with query filters, and validate your API boundaries with integration tests that fail when unnecessary fields leak through. Data minimization isn’t regulatory overhead—it’s architectural hygiene that makes your deletion logic straightforward and your audit responses honest. architecture bestpractices codequality dotnet privacy testing https://daily-devops.net/posts/cryptography-dotnet-data-protection/ https://daily-devops.net/posts/cryptography-dotnet-data-protection/ Thu, 05 Feb 2026 17:00:00 +0100 Every developer who has tried simple encryption with XOR and hardcoded keys eventually faces the audit that exposes their house of cards. I’ve watched production systems fail compliance assessments because someone believed base64 encoding was good enough or that compilation obscures secrets. The .NET Data Protection API exists precisely because Microsoft’s cryptography team spent years solving problems most developers don’t know they have. This isn’t about learning yet another library—it’s about understanding why professional implementations outperform clever hacks, and how Azure Key Vault integration transforms theoretical security into auditable compliance. cryptography dotnet iso-standards security https://daily-devops.net/posts/storage-architecture-stateful-workloads-aks/ https://daily-devops.net/posts/storage-architecture-stateful-workloads-aks/ Wed, 04 Feb 2026 17:00:00 +0100 Stateful workloads in Kubernetes require understanding PersistentVolume architecture, Azure storage trade-offs, and backup strategies. This article covers PVC/PV patterns, Azure Disk vs Files performance profiles, Velero backup configurations, and multi-cluster replication patterns based on production experience. azure cloud database disaster-recovery kubernetes operations platform-engineering reliability storage https://daily-devops.net/posts/secrets-management-azure-keyvault/ https://daily-devops.net/posts/secrets-management-azure-keyvault/ Tue, 03 Feb 2026 17:00:00 +0100 Hardcoded secrets aren’t just bad practice—they’re ISO 27017 violations with real consequences: failed audits, denied insurance claims, contractual penalties. That connection string in your appsettings.Production.json? It represents a compliance gap your organization probably doesn’t even know exists. Azure Key Vault with Managed Identity isn’t an optional security enhancement—it’s the minimum viable implementation of standards you already claim to follow. azure cloud dotnet iso-standards security https://daily-devops.net/posts/audit-logging-azure-app-insights/ https://daily-devops.net/posts/audit-logging-azure-app-insights/ Thu, 29 Jan 2026 17:00:00 +0100 Your audit logs probably won’t survive a real security incident. Most implementations log too much, protect too little, and provide zero value when something breaks at 2 AM. Here’s how to fix that with structured logging that actually works. azure bestpractices compliance dotnet iso-standards logging observability security https://daily-devops.net/posts/cluster-upgrades-zero-downtime-aks/ https://daily-devops.net/posts/cluster-upgrades-zero-downtime-aks/ Wed, 28 Jan 2026 17:00:00 +0100 AKS cluster upgrades involve node replacement and pod eviction, which can cause service disruption without proper controls. This article explains cordon and drain mechanics, Pod Disruption Budget configuration, and multi-node-pool rollout strategies with validation-driven automation for reliable zero-downtime upgrades. aks azure cloud devops kubernetes operations reliability https://daily-devops.net/posts/access-control-aspnet-core/ https://daily-devops.net/posts/access-control-aspnet-core/ Tue, 27 Jan 2026 17:00:00 +0100 Your [Authorize] attributes give you a false sense of security. ISO 27001 auditors see right through it. I’ve reviewed dozens of ASP.NET Core apps that authenticate flawlessly — then scatter role strings across business logic, skip audit logs, and wonder why they fail compliance. Here’s the pattern that kills audits, and how to actually fix it. authentication bestpractices dotnet iso-standards security https://daily-devops.net/posts/iso-standards-intro-dotnet-developers/ https://daily-devops.net/posts/iso-standards-intro-dotnet-developers/ Thu, 22 Jan 2026 17:00:00 +0100 Cloud-native .NET development has transformed ISO/IEC 27001, 27017, and 27701 from abstract compliance requirements into concrete daily coding decisions. This guide shows .NET developers how security standards directly map to Azure Key Vault integration, Azure AD authentication, and proper logging—with real code examples demonstrating compliant vs. non-compliant implementations. azure cloud cloudnative compliance dotnet security https://daily-devops.net/posts/pod-identity-access-control-aks/ https://daily-devops.net/posts/pod-identity-access-control-aks/ Wed, 21 Jan 2026 17:00:00 +0100 Traditional AKS authentication relied on service principals and mounted secrets. Workload Identity Federation eliminates credential lifecycle problems, but introduces new failure modes. This article covers the operational realities: where credentials still leak, how RBAC layers compound across Kubernetes and Azure, and validation patterns that prevent identity failures in production. azure cloud devops identity kubernetes rbac security https://daily-devops.net/posts/real-professional-software-engineering-ai-era/ https://daily-devops.net/posts/real-professional-software-engineering-ai-era/ Tue, 20 Jan 2026 17:00:00 +0100 Throughout this series, we’ve established that AI-generated code without understanding creates productivity illusions that collapse in production (Part 1), and that the feedback loop between code and reality—compilation, testing, profiling, production—sharpens thinking in ways AI can’t replicate (Part 2). Now we confront the practical question: What defines professional software engineering when code generation becomes trivial? This final part examines the irreplaceable skillset: understanding execution characteristics (recognizing allocation patterns that cause GC pressure before deployment), asking questions AI can’t formulate (What’s the failure mode when this service is unavailable?), recognizing when plausible AI solutions diverge from correct ones, debugging production failures AI has no execution model to reason about, and evaluating maintainability for code that becomes tomorrow’s burden. We explore why prompt engineering optimizes for speed while architecture optimizes for survival, why “AI productivity” often means faster technical debt accumulation, and why the economic reality favors organizations that measure system reliability over lines of code generated. The feedback loop can’t be automated because closing it requires learning from production failures and applying that knowledge to prevent future ones—the irreplaceable discipline that defines real professionals in 2026 and beyond. ai-code-assistant architecture bestpractices codequality csharp dotnet github-copilot softwareengineering technicaldebt https://daily-devops.net/posts/stossluften-and-software-systems/ https://daily-devops.net/posts/stossluften-and-software-systems/ Fri, 16 Jan 2026 11:30:00 +0100 A Swabian habit teaches a DevOps lesson: open windows fully and often, or invisible decay accumulates. Stoßlüften isn’t about comfort—it’s about forcing systems to prove they’re healthy. Regular restarts, infrastructure-as-code, and reproducibility checks catch the problems that green metrics miss. architecture devops reliability technicaldebt https://daily-devops.net/posts/feedback-loop-ai-cant-replace/ https://daily-devops.net/posts/feedback-loop-ai-cant-replace/ Thu, 15 Jan 2026 17:00:00 +0100 In the first part of this series, we established that AI-generated code without understanding creates an illusion of productivity that collapses under production load. The differentiator isn’t typing speed—it’s the feedback loop where code meets reality and exposes incomplete thinking. But what exactly is this feedback loop, and why can’t AI replicate it? Modern compilers validate logical consistency, catching gaps pure thought leaves unresolved. Profilers expose the 75x performance difference between “seems reasonable” and “actually performs.” Production environments reveal every assumption abstract thinking deferred—scale, concurrency, failure modes. This article explores the mechanisms that transform vague reasoning into concrete understanding: compilation validates logic instantly, testing catches behavioral mismatches, profiling measures what abstract analysis guesses, and production exposes the cost of every deferred decision. Real professionals don’t just write code—they master the iterative discipline of watching it fail, understanding why, and refining their thinking. AI participates in parts of this loop, but it can’t close it. That’s where professionals remain irreplaceable. ai-code-assistant architecture bestpractices codequality csharp dotnet github-copilot softwareengineering technicaldebt https://daily-devops.net/posts/kubernetes-not-platform-strategy/ https://daily-devops.net/posts/kubernetes-not-platform-strategy/ Tue, 13 Jan 2026 17:00:00 +0100 Kubernetes has become an assumed default in many organizations, positioned as a universal platform that absorbs governance, security, observability, and operational responsibility. This narrative is incomplete. Kubernetes is a powerful runtime orchestrator that solves one phase of the software lifecycle. Architectural risk, cost decisions, and operational failure occur elsewhere. A critical examination of where Kubernetes’s responsibility ends, and what remains the architect’s job. architecture cloudnative dotnet kubernetes platform-engineering https://daily-devops.net/posts/kehrwoche-technical-debt/ https://daily-devops.net/posts/kehrwoche-technical-debt/ Fri, 09 Jan 2026 11:00:00 +0100 Kehrwoche—a Swabian cleaning tradition—is scarier than breaking the build on Friday afternoon. At least the build doesn’t remember next Tuesday. Mrs. Schmid from the second floor does, and she remembers well. What does a weekly cleaning schedule in southern Germany have to do with technical debt? More than most software teams want to admit. bestpractices codequality softwareengineering technicaldebt https://daily-devops.net/posts/alphabet-soup-file-formats/ https://daily-devops.net/posts/alphabet-soup-file-formats/ Thu, 08 Jan 2026 17:00:00 +0100 Developers wanted one format. We got twenty. CSV mangles data, XML drowns in tags, JSON forbids comments, YAML punishes spaces. TOML tried fixing it. TAML went minimal. TOON optimized for AI. CCL brought category theory. Result? Five formats per project, three parsers, and debugging why NO became false. AI can’t save us either. Welcome to format hell. bestpractices codequality configuration devops dotnet softwareengineering https://daily-devops.net/posts/code-sharpens-thinking/ https://daily-devops.net/posts/code-sharpens-thinking/ Tue, 06 Jan 2026 17:00:00 +0100 The elephant everyone ignores: AI can generate code faster than you can type. GitHub Copilot autocompletes entire functions. ChatGPT builds APIs from prompts. Typing is dead. So why will real professionals never be replaced? Because “vibe coding”—describe what you want, ship what AI generates—is a productivity illusion that collapses spectacularly in production. When code generation becomes trivial, understanding what that code costs, where it fails, why it breaks under load becomes everything. AI generates syntax. Professionals understand execution, failure modes, operational cost, and production consequences. The differentiator isn’t typing speed—it’s mastering the feedback loop: write code, watch it fail, understand why, refine thinking. This discipline can’t be automated. Prompt engineers generate code. Real professionals ensure it survives contact with reality. ai-code-assistant architecture bestpractices codequality csharp dotnet github-copilot softwareengineering technicaldebt https://daily-devops.net/posts/happy-new-year-2026/ https://daily-devops.net/posts/happy-new-year-2026/ Thu, 01 Jan 2026 14:00:00 +0100 Happy New Year 2026! 🎉 Fix one piece of technical debt this week—not next quarter. .NET 10, analyzers, and tests are ready; discipline is the only missing part. codequality csharp dotnet softwareengineering technicaldebt https://daily-devops.net/posts/dotnet-2025-year-in-review/ https://daily-devops.net/posts/dotnet-2025-year-in-review/ Tue, 30 Dec 2025 17:00:00 +0100 Forget the hype—2025 was when .NET tooling finally stopped pretending complexity doesn’t exist Three tools won by being honest: Aspire exposed topology, TUnit killed flaky tests, Testcontainers made infrastructure real architecture aspire csharp dotnet opensource softwareengineering technicaldebt testing https://daily-devops.net/posts/dotnet-10-cli-devops/ https://daily-devops.net/posts/dotnet-10-cli-devops/ Thu, 25 Dec 2025 17:00:00 +0100 The .NET CLI? Reliable. Boring. You run dotnet build, dotnet test, dotnet publish, done. Real DevOps work happens in Dockerfiles, CI/CD configs, and specialized tools. The CLI does its job but was never built for actual operational workflows. .NET 10 changes this. Four additions that sound minor but fix real problems I’ve hit in production pipelines for years: native container publishing, ephemeral tool execution, better cross-platform packaging, and machine-readable schemas. Not flashy. Not keynote material. But they’re the kind of improvements that save hours every week once you’re running them at scale. Will they replace your current workflow? Depends on what you’re building. Let’s look at what actually changed. bestpractices cli csharp devops dotnet https://daily-devops.net/posts/dotnet-advanced-logging/ https://daily-devops.net/posts/dotnet-advanced-logging/ Tue, 23 Dec 2025 17:00:00 +0100 Let me tell you what I’ve learned over the years from watching teams deploy logging strategies that looked great on paper and failed spectacularly at 3 AM when production burned. It’s not that they didn’t know the theory. They’d read the Azure documentation. They’d seen the structured logging samples. They’d studied distributed tracing. The real problem was different: they knew what to do but had no idea why it mattered until production broke catastrophically. architecture bestpractices cloudnative csharp dotnet observability performance https://daily-devops.net/posts/dotnet-cli-expanding-scope-autocomplete/ https://daily-devops.net/posts/dotnet-cli-expanding-scope-autocomplete/ Thu, 18 Dec 2025 17:00:00 +0100 One command to transform your .NET CLI workflow—tab completion so responsive you’ll wonder how you survived without it Finally, a productivity boost that’s actually worth your time bestpractices cli devops dotnet softwareengineering https://daily-devops.net/posts/dotnet-job-scheduling-7-comparative-review/ https://daily-devops.net/posts/dotnet-job-scheduling-7-comparative-review/ Tue, 16 Dec 2025 17:00:00 +0100 Synthesizing the series into actionable guidance with feature comparisons, suitability ratings, and decision frameworks. Select the scheduler that matches your operational model, infrastructure constraints, and team priorities. architecture csharp dotnet nuget softwareengineering https://daily-devops.net/posts/dotnet-job-scheduling-6-tickerq/ https://daily-devops.net/posts/dotnet-job-scheduling-6-tickerq/ Thu, 11 Dec 2025 17:00:00 +0100 TickerQ represents the next generation of .NET schedulers with compile-time validation, reflection-free execution, and SignalR-powered monitoring. Understand when modern architecture patterns and performance optimizations justify adopting newer frameworks over established alternatives. architecture csharp dotnet nuget softwareengineering https://daily-devops.net/posts/dotnet-power-of-ten-rules/ https://daily-devops.net/posts/dotnet-power-of-ten-rules/ Wed, 10 Dec 2025 16:45:00 +0100 Gerard Holzmann’s Power of Ten rules prevented spacecraft failures and exposed Toyota’s fatal throttle bugs. Four rules transfer directly to C# with superior enforcement. Three become irrelevant thanks to the managed runtime. The verdict: These principles aren’t just valid. They’re finally enforceable without heroic manual effort. bestpractices codequality csharp dotnet softwareengineering https://daily-devops.net/posts/aks-network-policies-zero-trust/ https://daily-devops.net/posts/aks-network-policies-zero-trust/ Wed, 10 Dec 2025 11:45:00 +0100 Network segmentation is a fundamental security control for modern Kubernetes environments. AKS supports multiple networking models such as kubenet, Azure CNI, and overlay CNIs. The networking model matters, but the decisive factor for enforcing isolation and compliance is the consistent application of network policies. This article describes how network policies work in AKS, the available engines, practical examples, and recommended practices for enforcing a zero-trust posture within a cluster. azure cloud kubernetes networking platform-engineering https://daily-devops.net/posts/dotnet-job-scheduling-5-ncronjob/ https://daily-devops.net/posts/dotnet-job-scheduling-5-ncronjob/ Tue, 09 Dec 2025 17:00:00 +0100 NCronJob leverages IHostedService for lightweight scheduling with zero external dependencies. Understand when minimal infrastructure and native ASP.NET Core integration outweigh advanced features for cloud-native architectures. architecture csharp dotnet nuget softwareengineering https://daily-devops.net/posts/dotnet-job-scheduling-4-coravel/ https://daily-devops.net/posts/dotnet-job-scheduling-4-coravel/ Thu, 04 Dec 2025 17:00:00 +0100 Coravel prioritizes developer velocity with fluent APIs, zero infrastructure, and integrated features like queuing and caching. Understand when convenience and rapid iteration trump persistence and clustering for practical application development. architecture csharp dotnet nuget softwareengineering https://daily-devops.net/posts/aks-networking-clash/ https://daily-devops.net/posts/aks-networking-clash/ Wed, 03 Dec 2025 11:45:00 +0100 Selecting the right network model is arguably one of the most critical architectural decisions you will make when deploying a Kubernetes cluster on Azure Kubernetes Service (AKS). This choice ripples through nearly every aspect of your cluster’s lifecycle, influencing how pods communicate, how efficiently you use your IP address space, which Azure services integrate seamlessly with your workloads, and ultimately, how well your infrastructure scales to meet future demands. It affects scalability, security posture, operational cost, performance characteristics, available integration options, and your long-term operational flexibility. azure cloud kubernetes networking platform-engineering https://daily-devops.net/posts/dotnet-job-scheduling-3-quartznet/ https://daily-devops.net/posts/dotnet-job-scheduling-3-quartznet/ Tue, 02 Dec 2025 17:00:00 +0100 Quartz.NET provides advanced scheduling semantics, database-backed clustering, and flexible storage for systems demanding complex workflows. Understand when enterprise features justify operational complexity and how Quartz.NET scales across distributed deployments. architecture csharp dotnet nuget softwareengineering https://daily-devops.net/posts/dotnet-job-scheduling-2-hangfire/ https://daily-devops.net/posts/dotnet-job-scheduling-2-hangfire/ Thu, 27 Nov 2025 17:00:00 +0100 Hangfire combines persistent job storage, automatic retries, and real-time monitoring to simplify background processing. Learn when database-backed reliability matters and how Hangfire scales from single instances to distributed workers. architecture csharp dotnet nuget softwareengineering https://daily-devops.net/posts/dotnet-job-scheduling-1-landscape/ https://daily-devops.net/posts/dotnet-job-scheduling-1-landscape/ Tue, 25 Nov 2025 17:00:00 +0100 Explore the spectrum of .NET job scheduling from lightweight in-memory solutions to enterprise-grade distributed systems. Understand which approach fits your operational model and why background processing architecture matters. architecture csharp dotnet nuget softwareengineering https://daily-devops.net/posts/healthchecks-5-0/ https://daily-devops.net/posts/healthchecks-5-0/ Thu, 20 Nov 2025 23:00:00 +0100 NetEvolve.HealthChecks 5.0 is a decisive expansion—broader coverage scope, less boilerplate. New domain‑specific packages extend monitoring across cloud services, messaging platforms, graph, time‑series, vector and AI backends. In parallel, the former inheritance‑driven shared base library (abstract classes + repetitive DI wiring) was replaced by purpose-built source generators—removing manual registration churn and consolidating intent. Release 5.0 also formalizes full support for .NET 10—aligning with current trimming and analyzer improvements. csharp dotnet netevolve nuget performance https://daily-devops.net/posts/dotnet-10-testing/ https://daily-devops.net/posts/dotnet-10-testing/ Thu, 20 Nov 2025 17:00:00 +0100 .NET 10 replaces VSTest with Microsoft.Testing.Platform, bringing SDK-integrated testing with faster discovery, consistent behavior across environments, and explicit configuration contracts. But it requires .NET 10, breaks old test adapters, and demands CI pipeline discipline. Here’s what actually changes, who should migrate now, and who should wait. csharp devops dotnet github-actions softwareengineering testing https://daily-devops.net/posts/code-metrics-configuration/ https://daily-devops.net/posts/code-metrics-configuration/ Tue, 18 Nov 2025 17:00:00 +0100 Code metrics have become a standard feature in modern development environments, yet their implementation and interpretation often leave much to be desired. While Visual Studio and .NET provide comprehensive code metrics analysis, the way these metrics are configured, presented, and (more critically) acted upon reveals a fundamental disconnect between measurement and meaningful improvement. What code metrics actually measure, how to configure them properly, and (more importantly) why blindly following thresholds without understanding context is, frankly, a recipe for misguided refactoring efforts that waste your team’s time and actively damage your codebase. bestpractices codequality csharp dotnet softwareengineering visualstudio https://daily-devops.net/posts/dotnet-10-released/ https://daily-devops.net/posts/dotnet-10-released/ Thu, 13 Nov 2025 18:00:00 +0100 Microsoft wants you to believe .NET 10 is boring. They’re right — and that’s the best news we’ve had in years. .NET 10 is here, and for once, Microsoft didn’t oversell it. LTS support through 2028, JIT improvements that actually matter, and C# 14 features that won’t rewrite your architecture. Here’s what you need to know before migrating. architecture codequality csharp dotnet microsoft performance https://daily-devops.net/posts/timing-is-the-new-technical-debt/ https://daily-devops.net/posts/timing-is-the-new-technical-debt/ Wed, 12 Nov 2025 18:00:00 +0100 2025 reshapes the .NET ecosystem with faster release cycles and shared responsibility. Discover why migrating to .NET 10 by Q1 2026 — and supporting your dependencies — turns timing into sustainable ROI. architecture bestpractices csharp dotnet performance technicaldebt https://daily-devops.net/posts/dotnet-10-release-cycle-paradox/ https://daily-devops.net/posts/dotnet-10-release-cycle-paradox/ Tue, 11 Nov 2025 16:30:00 +0100 .NET’s yearly rhythm has become a symbol of stability — yet also a source of pressure. The release cycle paradox describes the tension between predictability and exhaustion: a release schedule that keeps the ecosystem healthy, but teams constantly catching up. With .NET 10 on the horizon, developers must learn to navigate this rhythm rather than fight it. architecture bestpractices csharp dotnet softwareengineering https://daily-devops.net/posts/proper-use-of-targetframework-conditions/ https://daily-devops.net/posts/proper-use-of-targetframework-conditions/ Thu, 06 Nov 2025 17:30:00 +0100 String-based TargetFramework conditions fail silently in multi-targeting builds. IsTargetFrameworkCompatible() understands framework semantics and prevents production nightmares. bestpractices csharp dotnet msbuild softwareengineering https://daily-devops.net/posts/modern-defensive-programming/ https://daily-devops.net/posts/modern-defensive-programming/ Mon, 03 Nov 2025 18:00:00 +0200 Modern .NET introduces powerful throw-helper methods such as ArgumentNullException.ThrowIfNull and ArgumentException.ThrowIfNullOrEmpty to simplify defensive programming. However, many projects still target older frameworks where these APIs are missing. This article explores how the NetEvolve.Arguments library delivers a unified, backward-compatible API that brings modern guard clause patterns to every .NET version, ensuring consistent validation, maintainability, and multi-framework compatibility. csharp dotnet netevolve nuget softwareengineering https://daily-devops.net/posts/tests-are-lying/ https://daily-devops.net/posts/tests-are-lying/ Thu, 30 Oct 2025 18:00:00 +0200 It begins like many stories in software: a well-intentioned developer joining a project, determined to do things properly. You arrive at a codebase that has grown organically, perhaps even chaotically. You decide you will bring order. You set up unit testing, you configure continuous integration, you measure code coverage. You write dozens or hundreds of tests. Every public method is touched, every branch is at least executed. The dashboard lights up green. You feel, quite frankly, on top of things. Then one day, production breaks under your watch csharp dotnet nuget technicaldebt testing https://daily-devops.net/posts/nuget-packagedownload-functionality/ https://daily-devops.net/posts/nuget-packagedownload-functionality/ Wed, 29 Oct 2025 18:00:00 +0100 PackageDownload arrived in NuGet 4.8 to solve a niche but genuine problem: downloading packages without adding assembly references. It works. But its version syntax requirements and complete disregard for Central Package Management reveal the messy reality of platform evolution. bestpractices dependency-management dotnet msbuild nuget technicaldebt https://daily-devops.net/posts/netevolve-healthchecks/ https://daily-devops.net/posts/netevolve-healthchecks/ Tue, 28 Oct 2025 18:00:00 +0200 Let’s be honest: health checks are the broccoli of .NET projects. Everyone says they have them, but nobody’s excited to eat their greens. What starts as a humble SELECT 1 in a try/catch quickly explodes into a wild jungle of scripts, copy-pasted connection strings, and endpoints that only half the team remembers. Sure, it works—until it doesn’t. And when it breaks, it’s never at a good time. csharp dotnet netevolve https://daily-devops.net/posts/compositeformat-performance-boost/ https://daily-devops.net/posts/compositeformat-performance-boost/ Thu, 23 Oct 2025 17:00:00 +0200 Every time you call string.Format() with the same format string, .NET parses it again. And again. And again. CompositeFormat changes that: parse once, reuse forever. The result? Up to 30% faster formatting, fewer allocations, and a one-line code change. Here’s why this matters and how to use it. bestpractices csharp dotnet hidden-gems performance softwareengineering https://daily-devops.net/posts/searchvalues-saved-us-from-scaling-hell/ https://daily-devops.net/posts/searchvalues-saved-us-from-scaling-hell/ Mon, 20 Oct 2025 17:30:00 +0100 While you’re busy optimizing database queries and adding cache layers, thousands of string searches per second are quietly eating your CPU budget. The problem isn’t visible in your APM dashboard because it’s distributed across every request. But it’s there. Compounding. Scaling linearly with load. I discovered this the hard way when a log processing API started choking under production traffic. The bottleneck? String validation and sanitization. The fix? A .NET 8 feature that delivered a 5x performance improvement and let us shut down servers instead of adding them. And it’s gotten even better in .NET 9 and 10. bestpractices codequality csharp dotnet hidden-gems performance https://daily-devops.net/posts/clean-code-lip-service-not-a-standard/ https://daily-devops.net/posts/clean-code-lip-service-not-a-standard/ Thu, 16 Oct 2025 13:00:00 +0200 Clean Code is often praised but rarely practiced effectively. This article explores how misunderstood ideals and over-engineering harm .NET systems, how to recognize such failures early, and which C# best practices and official guidelines truly support maintainable software. bestpractices codequality csharp dotnet softwareengineering technicaldebt https://daily-devops.net/posts/constant-expected-attribute/ https://daily-devops.net/posts/constant-expected-attribute/ Tue, 14 Oct 2025 14:30:00 +0200 The ConstantExpectedAttribute, introduced in .NET 7, provides a powerful mechanism to signal compiler expectations about constant values. This enables better performance optimizations, enhanced IDE tooling, and clearer API contracts. Learn how to leverage this attribute to build more efficient and maintainable .NET applications. bestpractices csharp dotnet performance softwareengineering https://daily-devops.net/posts/retiring-legacy-dotnet-projects/ https://daily-devops.net/posts/retiring-legacy-dotnet-projects/ Mon, 13 Oct 2025 11:30:00 +0200 In every mature .NET landscape, legacy projects represent both heritage and hazard. They once powered entire business models — now they silently consume time, budget, and attention. The decision to retire or modernize them isn’t about technology fashion. It’s about sustaining the organization’s capacity for value creation. architecture bestpractices dotnet rcda softwareengineering https://daily-devops.net/posts/tunit-a-pragmatic-evaluation-for-dotnet-teams/ https://daily-devops.net/posts/tunit-a-pragmatic-evaluation-for-dotnet-teams/ Thu, 09 Oct 2025 11:30:00 +0200 TUnit brings compile-time test discovery and native AOT support to .NET testing — but is it ready for enterprise adoption? A pragmatic analysis of performance gains, tooling maturity, and migration timing for teams evaluating alternatives to MSTest, xUnit, and NUnit. architecture bestpractices dotnet performance rcda softwareengineering testing https://daily-devops.net/posts/still-waiting-for-the-final-piece/ https://daily-devops.net/posts/still-waiting-for-the-final-piece/ Mon, 06 Oct 2025 09:00:00 +0200 C# 14 introduces the new ‘Extension Everything’ syntax—an elegant step toward more expressive code, yet one that still can’t quite match VB.NET’s classic ByRef magic. A humorous reflection on what’s almost, but not fully, possible in .NET 10. csharp dotnet extensions hidden-gems vbnet visualstudio https://daily-devops.net/posts/extended-dotnet-sts-support-timeframe/ https://daily-devops.net/posts/extended-dotnet-sts-support-timeframe/ Tue, 30 Sep 2025 11:30:00 +0200 Microsoft has extended .NET STS support from 18 to 24 months. A genuine gift to developers or just catching up with reality? Let’s analyze what this means for your development planning. dotnet microsoft https://daily-devops.net/posts/dotnet10rc1-is-knocking-at-the-door/ https://daily-devops.net/posts/dotnet10rc1-is-knocking-at-the-door/ Wed, 10 Sep 2025 09:00:00 +0200 .NET 10 RC 1 is knocking at the door, marking the first release candidate and offering the .NET community a detailed preview of what’s to come in the next LTS cycle. While not the final release, RC 1 is “go-live” supported and represents the feature-complete platform that will soon become .NET 10 LTS. In this article, I’ll try to give a rough overview of the architectural impact of .NET 10 RC 1, focusing on the latest C# 14 features, under-the-hood performance improvements, and strategic considerations for the upcoming LTS. architecture csharp dotnet https://daily-devops.net/posts/visual-studio-2026/ https://daily-devops.net/posts/visual-studio-2026/ Wed, 10 Sep 2025 01:00:00 +0200 Let’s skip the typical release-cycle enthusiasm for a second: Most IDE updates come and go. New features, some refactoring helpers, a bit of polish, then back to business as usual. Visual Studio 2026 is different. For once, the promise of “AI-native” isn’t just marketing. If Microsoft lands even half of what they’re previewing, it’s going to matter—a lot. csharp dotnet visualstudio https://daily-devops.net/posts/buzzword-driven-development/ https://daily-devops.net/posts/buzzword-driven-development/ Wed, 23 Jul 2025 17:00:00 +0200 Explore why fundamental software quality practices in .NET must never be overlooked for trendy buzzwords, including recommended analyzers and project settings for managing technical debt effectively. ai-code-assistant bestpractices codequality csharp dotnet nuget softwareengineering technicaldebt https://daily-devops.net/posts/instruction-by-design/ https://daily-devops.net/posts/instruction-by-design/ Tue, 15 Jul 2025 10:30:00 +0200 Discover how to transform architectural decision records (ADRs) into actionable, AI-ready guidance for teams and copilots—boosting consistency, onboarding, and automation in your development workflow. ai-code-assistant architecture bestpractices github github-copilot rcda softwareengineering technicaldebt https://daily-devops.net/posts/copilot-without-becoming-its-puppet/ https://daily-devops.net/posts/copilot-without-becoming-its-puppet/ Wed, 14 May 2025 17:30:00 +0200 In a previous article, we laid it out – unfiltered: Copilot turns junior devs into syntax secretaries. Not because it’s evil. But because it removes friction before understanding. It gives you working code before you know what working even means. It creates the illusion of progress, while slowly eroding the very skills that define a software engineer: reasoning, decision-making, and technical ownership. ai-code-assistant bestpractices dotnet github github-copilot testing visualstudio https://daily-devops.net/posts/copilot-turns-junior-devs-into-syntax-secretaries/ https://daily-devops.net/posts/copilot-turns-junior-devs-into-syntax-secretaries/ Tue, 13 May 2025 17:30:00 +0200 The hype around GitHub Copilot (or any other AI code assistant) is deafening. AI-assisted coding. Effortless automation. 10x productivity. But here’s the harsh truth: Copilot isn’t empowering junior developers – it’s deskilling them. ai-code-assistant bestpractices dotnet github github-copilot testing visualstudio https://daily-devops.net/posts/vibe-coding-isnt-wrong-its-unfinished/ https://daily-devops.net/posts/vibe-coding-isnt-wrong-its-unfinished/ Wed, 07 May 2025 12:00:00 +0200 In the world of software development, there’s a recurring tension between discipline and improvisation. Somewhere along that spectrum lies a phenomenon increasingly referred to as Vibe Coding. The term evokes a style of development where engineers follow intuition and momentum rather than formal plans, processes, or design patterns. It’s fast, fluid, and occasionally brilliant. But is it sustainable in a .NET-based enterprise context? bestpractices codequality csharp dotnet softwareengineering technicaldebt testing https://daily-devops.net/posts/understanding-csharp-stringvalues/ https://daily-devops.net/posts/understanding-csharp-stringvalues/ Mon, 30 Dec 2024 16:00:00 +0100 In C#, the StringValues struct belongs to the Microsoft.Extensions.Primitives namespace, which is widely used in modern .NET applications. This struct plays a crucial role in efficiently managing string collections, especially when handling efficiently, particularly in contexts where multiple strings are involved. In this blog post, we’ll explore the purpose, usage, and key features of the StringValues struct in C#. csharp dotnet hidden-gems https://daily-devops.net/posts/managing-errors-warnings-and-configurations/ https://daily-devops.net/posts/managing-errors-warnings-and-configurations/ Mon, 23 Dec 2024 16:00:00 +0100 When we activated static code analysis for the first time in one of my last projects, the overwhelming number of warnings exceeded expectations and highlighted gaps in the code. Without making any changes, the project already had a significant number of warnings. After activating additional analyzers and updating some configurations, this number temporarily increased dramatically. The high number of warnings was initially daunting, but we saw it as an opportunity to significantly improve our code quality. At first glance, it seemed easier to suppress or ignore these warnings. But as I often remind my team, “The code you create is a valuable legacy, so it’s important to build it carefully.” Ignoring warnings today creates obstacles for future developers—and that could very well include you six months down the line. This experience reinforced the importance of managing warnings and errors systematically. Let me share some of the lessons we learned, the strategies we used to tame those 60,000 warnings, and how you can apply these techniques to your own projects. bestpractices codequality csharp dotnet msbuild softwareengineering technicaldebt https://daily-devops.net/posts/tale-of-forgotten-pennies-and-lost-dollars/ https://daily-devops.net/posts/tale-of-forgotten-pennies-and-lost-dollars/ Fri, 22 Nov 2024 16:45:00 +0100 In software development, there’s a silent debt that accrues interest over time, often hidden beneath layers of code and decisions made in haste or ignorance. This debt is aptly termed technical debt. Much like the german proverb, “Wer den Pfennig nicht ehrt, ist den Taler nicht wert”, (or the english equivalent, “A penny saved is a penny earned”) technical debt reminds us that small oversights or compromises in the present can snowball into significant challenges down the road. This article critically examines the parallels between financial principles and technical debt, emphasizing the importance of addressing both direct and indirect debt while understanding its distinction from external risks such as hacking or abuse. bestpractices dependency-management rcda softwareengineering technicaldebt https://daily-devops.net/posts/dependamerge-action/ https://daily-devops.net/posts/dependamerge-action/ Wed, 13 Nov 2024 09:00:00 +0100 In software development, dependencies are inevitable - any project worth its salt relies on various libraries, frameworks, or packages. However, as I found in my own work, managing these dependencies can be an onerous task. Constant updates, new vulnerabilities, and endless manual approvals were draining my time and focus. What if, I thought, these processes could be automated? This thought led to the creation of dependamerge, a GitHub Action designed to free developers from the drudgery of manual dependency maintenance and let us get back to what we do best: building great software. bestpractices dependency-management github github-actions nuget technicaldebt https://daily-devops.net/posts/introducing-nullability-in-legacy-code/ https://daily-devops.net/posts/introducing-nullability-in-legacy-code/ Mon, 07 Oct 2024 17:15:00 +0200 As developers, we’re often tasked with maintaining and modernizing legacy codebases that were written long before some of the best practices of today—such as nullability annotations—were available. While modern C# now supports nullable reference types, enabling us to avoid the dreaded NullReferenceException, introducing this feature to existing, large codebases can be a challenge. In this article, I’ll share my step-by-step approach for introducing nullability into a legacy .NET and C# project. You’ll learn how to apply nullability in a controlled, incremental manner using project-level settings, scoped annotations, and file/method-level directives, all while maintaining the integrity of your legacy codebase. After all, modernizing your code doesn’t have to be an all-or-nothing endeavor—gradual change is key to a successful transition. Let’s get started! bestpractices codequality csharp dotnet softwareengineering https://daily-devops.net/posts/buildinginsidevisualstudio/ https://daily-devops.net/posts/buildinginsidevisualstudio/ Tue, 10 Sep 2024 17:00:00 +0200 In the ever-evolving world of .NET development, managing project configurations effectively is crucial for maintaining a clean and efficient build process. One of the less frequently discussed but highly useful properties is BuildingInsideVisualStudio. This property, when correctly utilized, can streamline your build process and ensure that your project is configured properly depending on the build environment. In this article, we’ll explore the BuildingInsideVisualStudio property with concrete examples and discuss best practices for using it effectively. bestpractices csharp dotnet hidden-gems msbuild visualstudio https://daily-devops.net/posts/reimagining-the-microsoft-certification-exam-ui/ https://daily-devops.net/posts/reimagining-the-microsoft-certification-exam-ui/ Thu, 14 Mar 2024 09:00:00 +0100 Embark on a journey through Microsoft’s redesigned certification exam UI. Discover streamlined navigation, enhanced accessibility, and personalized experiences, revolutionizing the exam-taking experience. azure certification microsoft https://daily-devops.net/posts/manage-nuget-packages-centrally/ https://daily-devops.net/posts/manage-nuget-packages-centrally/ Mon, 17 Apr 2023 08:30:00 +0200 For over 12 years, NuGet package management has been part of the .NET ecosystem with direct integrations to various IDEs, CLIs and build systems. But a feature took 12 years before it appeared and certainly needs some more maintenance until it is mature! bestpractices csharp dependency-management dotnet hidden-gems nuget technicaldebt https://daily-devops.net/posts/illuminate-technical-debt/ https://daily-devops.net/posts/illuminate-technical-debt/ Wed, 12 Apr 2023 17:00:00 +0200 Whatever our role, be it developer, IT professional or architect, we try to avoid technical debt. If this is not possible from the outset, or if we decide to accept this technical debt for a limited period of time, we usually lack the tools to do so. This is where this article may help. azuredevops extensions rcda technicaldebt https://daily-devops.net/posts/when-can-i-finally-renew-my-microsoft-certification/ https://daily-devops.net/posts/when-can-i-finally-renew-my-microsoft-certification/ Tue, 11 Apr 2023 09:00:00 +0200 When can I finally renew my Microsoft certification? - I’m certainly not alone with this or similar questions and the associated uncertainty. Okay, a certain impatience certainly resonates as well. After all, I would also like to schedule it into my daily routine. But how? azure certification microsoft https://daily-devops.net/posts/how-to-prepare-for-microsoft-certification/ https://daily-devops.net/posts/how-to-prepare-for-microsoft-certification/ Fri, 27 Jan 2023 21:00:00 +0100 How do I best prepare for a Microsoft certification? - this or a similar question is asked by everyone who wants to deal with the topics Microsoft, Azure, Microsoft 365, Power Platform or Dynamics 365. In this article, I would like to go into the possibilities that Microsoft offers us for preparation. azure certification microsoft