Background On some projects we use Jeremy Long’s DependencyCheck tool, via the Azure DevOps task, to scan our code for known vulnerabilities. This tool uses the National Vulnerability Database (NVD) to get its data. This data is downloaded on demand from the NVD site but the DependencyCheck tool. Since the recent API changes on the NVD site, as supported by DependencyCheck 9.0.x, the downloading of the current vulnerability data has slowed from about 3 minutes to around 15 minutes, even with a valid NVD API Key....

The Problem I have been using Packer to generate our Azure DevOps Build agent VHD images for a while now, but when I came to regenerate them this time I hit a problem. As I have documented previously, our process is that we update our fork of the Microsoft repository and then merge the newest changes into our long lived branch that contains our customisations. I then use Packer to generate a new generalised VHD which has all the same features as the Microsoft hosted agents....

In advance of my upcoming Black Marble Webinar on the 18th October entitled ‘Practical DevOps in the Enterprise’, I have written a whitepaper of the same name. You can find the whitepaper on LinkedIn and register for this, and other free Black Marble webinars and in-person events, via the Black Marble website.

The Problem We run our SonarQube instance in a Docker container hosted in an Azure Web App Service. Today, with no notice, it failed. We did the obvious, just tried to restart it and the startup process failed. Looking at the Azure Web App’s Log Stream we could see the following error repeated on each restart attempt 2023-09-27T15:30:00.797Z INFO - Starting multi-container app.. 2023-09-27T15:30:01.024Z INFO - Pulling image: sonarqube:10.1-developer 2023-09-27T15:30:02.100Z INFO - 10....

The Issue If you are using Azure Scale Set based Azure DevOps Agent Pools (VMSS) to provide dynamically scalable agent pools, unlike with self hosted agent pools, there is no capabilities tab for the individual agents. My understanding is that this UX design choice was made as the capabilities of all the agents in a VMSS pool are identical, as they are the same disk image, so why show the same data multiple times....