Skip to content

Instantly share code, notes, and snippets.

View chgeuer's full-sized avatar
Working from Düsseldorf

Dr. Christian Geuer-Pollmann chgeuer

Working from Düsseldorf
View GitHub Profile

Livebook on WSL2

Compile Erlang and Elixir from scratch

Install Linux dependencies

  • autoconf
  • automake
  • build-essential
  • gcc

Entra Domain Discovery

  # {:ex_token_toys, path: "C:\\github\\chgeuer\\ex_token_toys"}
  {:ex_token_toys, github: "chgeuer/ex_token_toys"}, 
  {:kino, "~> 0.12.3"}

Sample integrating Bandit and Req/Finch

  {:finch, "~> 0.17.0"},
  {:req, "~> 0.4.8"},
  {:bandit, "~> 1.1"}

A notebook to use the local MSAL cache to talk to Azure

  {:jason, "~> 1.4"},
  {:jsonrs, "~> 0.3.3"},
  {:req, "~> 0.4.8"},
  {:jose, "~> 1.11"},
  {:jose_utils, "~> 0.4.0"},
  {:explorer, "~> 0.7.2"},
unsafe static byte[] DoublesToBytes(double[] value)
var bytes = new byte[8*value.Length];
fixed (byte* b = bytes)
for (int i = 0; i < value.Length; i++)
var v = value[i];
*((int*)(b + 8*i)) = *(int*)&v;
*((int*)(b + 8*i+4)) = *(((int*)&v) + 1);

Access KeyVault on customer side with a service principal


# ISV side
namespace Downloader
using System;
using System.IO;
using System.IO.Compression;
using System.Net.Http.Json;
using System.Text;
using System.Text.Json.Nodes;
using Azure.Core;
using Azure.Identity; // <PackageReference Include="Azure.Identity" Version="1.9.0" />

Azure access without secrets from GitHub and GitLab using federated identity credentials



  • Federated credentials / workload identity federation allows your CI/CD pipelines in GitHub and GitLab to access your Azure subscription without any secrets stored in the pipeline config.
  • GitHub's azure/login@1 task handles this transparently, but I also explain how it works under the hood. GitLab supplies the necessary token directly to your pipeline run.
  • Both GitHub and GitLab are easy to setup and federate securely with your Azure subscription.
  • BitBucket can't be setup that way, because tokens issued by BitBucket don't have a predicable subject identifier.