Category Archives: Programming

Related to some aspect of programming, software development, related tools, or supporting technologies, related standards, etc.

hello-ai: A Simple Demonstration of Azure OpenAI

Leave a reply

I wrote some code demonstrating how to use Azure OpenAI to support the AI mini-workshop we ran for Virtual Boston Azure. I created versions in Python and C#.

This weekend I create a web front-end for it and deployed as an Azure Static Web App with an Azure Function supporting the refactored C# logic to execute the Azure OpenAI service calls.

The new app is running here: https://hello-ai.doingazure.com

You can find the source code here: https://github.com/codingoutloud/hello-ai

Note that while the additional grounding fails to stop all of the hallucinations, it does help with the most obvious one (so we are making progress) but there’s more to be done.

Workshop: AI Mini-Workshop at Boston Azure

1 Reply

The March 28 Virtual Boston Azure was headlined by Pamela Fox from Microsoft. She explained all about the RAG pattern which is commonly used for building effective applications based on Large Language Models (“LLMs”) and Generative AI (“GenAI”). Pamela shared many superb insights, including lots of depth, while answering a ton of interesting follow-up questions. Was a fantastic talk. Boston Azure has a YouTube channel at youtube.com/bostonazure where you can find recordings of many past events. Pamela Fox’s talk is available there as the 48th video to be posted to the channel.

After Pamela’s talk around 15 people stuck around to participate in our first ever “AI mini-workshop” hands-on experience. The remainder of this post is about that mini-workshop.

The AI mini-workshop was a facilitated hands-on coding experience with the following goals:

1. Demystify Azure OpenAI

As background, OpenAI’s ChatGPT burst onto the scene in November 2022. That led to an explosion of people learning about AI and associated technologies such as “LLMs” which is the common shorthand for Large Language Models.

The vast majority of people interact with LLMs via chat interfaces such as available from OpenAI’s public version of ChatGPT or via Copilot on Microsoft Bing search. There’s also a more integrated programming experience surfaced through GitHub Copilot for use with VS Code and several other popular IDEs.

But what about programming your own solution that uses an LLM? Microsoft has done a great job of providing an enterprise-grade version of the OpenAI LLM as a set of services known as Azure OpenAI.

The first goal of this AI mini-workshop was to demystify this programming experience.

This was accomplished by giving the mini-workshop participants a working C# or Python program that fit on a page. And there are only around 10 lines of meaningful code needed to interact with the AI service. This is NOT that complex.

Creating a production-grade application has additional requirements, but at its core, it is straight-forward to interact with Azure OpenAI service programmatically.

The hoped for “Aha!” moment was this:

Aha #1! I can do this! I can programmatically interact with the Azure OpenAI LLM. It isn’t that mysterious after all.

Aha #2! This is possible without much code! In the Python and C# solutions shared there were only around 10 lines of core code.

2. Understand Some AI Concepts

Part of the mini-workshop exercise was to recognize a hallucination and fix it through some additional grounding using a very simple form of RAG.

The hope here is for some “Aha!” moments:

Aha #3! Here’s a concrete, understandable example of a hallucination!

Aha #4! And here’s a concrete, simple example use of RAG pattern to better ground the AI so that it no longer hallucinates about today’s date! But do note that other hallucinations remain…

3. Wield Great Power

The ability to program a LLM to generate unique content is something that essentially NO DEVELOPER COULD DO, EVER, before the super-powerful LLMs that were developed at costs of hundreds of millions of dollars and democratized by the Microsoft Azure OpenAI services (as well as by OpenAI themselves).

The hands-on AI mini-workshop required either (a) a functional Python 3 environment, or (b) a functional C#/.NET environment – everything else was provided, including sufficient access to the Azure OpenAI LLM service to complete the mini-workshop.

But in the end with very little coding you can get to the 5th Aha! moment which is:

Aha #5! I have at my command capabilities that have not been possible in all of the history of computers. The magic of LLMs available via Azure OpenAI gives me superpowers that we are only in the very beginning of understanding the ways this can be put to use.

The source code for the AI mini-working is available here. Note that the API key has subsequently been rolled (invalidated), but the code works pretty well otherwise. 🙂

My original thinking was to distribute the keys separately (like this). If this was an in-person workshop I would have kept the configuration values separated from the source, but given the added challenge of doing this with an online distributed audience I decided to simplify the mini workshop by included the configuration values directly in the source code. Looking back, I believe it was a good concession for minimizing obstacles to learning. So I’d do it again next time.

Talk: Boston Code Camp 36 – Meet GitHub Copilot, Your AI Coding Assistant!

Leave a reply

23-Mar-2024

Always great to hang out with the greater Boston tech community. Today I attended and contributed a talk to Boston Code Camp 36 (the 36th edition of this event).

I made the trip with Maura (she gave a talk on blockchain). and we met a lot of cool people and had a great time.

I spoke on GitHub Copilot. Much of my talk was demo and discussion – you have to see this in action (or use it) to appreciate what’s happening. I consider this a glimpse into the future – it will surely become then norm to have an AI assistant when programming.

It is fun have one AI 🤖 (GitHub Copilot) help us program another AI 🤖 (Azure OpenAI). 🤖 🤖 🤖 😀 After Copilot Chat was able to explain that Azure OpenAI did not have any notion of “today” we used Copilot to implement a trivial version of RAG to anchor the prompt to the current day.

We saw how the agents like @workspace can explain a body of code and even help us figure out where to implement a new feature (such as the --joke command line param).

Another demo was to get Copilot to write unit tests for me. The demo gods were not helpful 😱 😱 😱 and I ran into an error. I moved on without fixing it since time was short. I diagnosed it later and it turns out I had double-pasted (classic demo failure!) which caused the problem. We did use /tests to create unit tests, which were initially NUnit test, but then we asked Copilot to recast them as xUnit tests, then to more efficiently create test cases using the InlineData attribute to consolidate similar test cases.We didn’t get to run the tests at the end, but hopefully the power of GitHub Copilot in helping to create unit tests came through.

I also had the opportunity to hang out with some smart soon-to-be graduates from my alma mater – University of Massachusetts at Boston (some of them were Rohini Deshmukh, Master’s in Information Technology, Kunal Sahjwani, Master’s in Information Technology, and Shounak Kulkarni, Master’s in Business Analytics). Great to see our profession is in such capable hands from chatting with these very smart and capable technologists, analysts, and future leaders.

Here is the published talk abstract for the talk I delivered – and though much of the session was demos, the PowerPoint deck is attached after the abstract.

Meet GitHub Copilot, Your AI Coding Assistant

Imagine an assistant who anticipates your needs as you code, handling mundane and time-consuming steps, allowing you to focus on more complex challenges (the fun stuff). Allow me to introduce you to GitHub Copilot.

GitHub Copilot is an AI-powered coding assistant that integrates with your developer IDE adding many powerful productivity features. Backed by the same OpenAI Large Language Model (LLM) behind ChatGPT, it has an uncanny ability to suggest code snippets that you were about to type in. But suggesting code snippets is just the beginning.

In this demo-heavy talk, we’ll show usage basics, distinguish scenarios where it excels vs. some it finds challenging, and point out a few common anti-patterns so you can avoid them.

Since it is still early days, big features are still showing up at a fast clip, so we’ll highlight some recent features and some others just emerging. At the end we’ll squeeze in just a bit of prognosticating about what it might mean for the future of software development.

As you’ll learn in more depth during this session, the promise of GitHub Copilot is to help you be more productive – go faster, stay in flow, build even more robust software. We are not fully there but we are on the way. This imperfect tool is still a game changer.

I believe the rise of AI coding assistants is unstoppable at this point – and that’s a good thing. By the end of this session, you might agree. And maybe you’ll join the revolution early.

boston-codecamp-meet-github-copilot-22-mar-2024_pubDownload

Talk: GitHub Copilot is your AI Pair Programming Assistant

Leave a reply

08-Aug-2023

I gave an extended demo of GitHub Copilot at the Boston Azure AI event tonight. Most of the session was a demo, but I did also walk through some slides. Those slides are attached.

I also showed these links or services:

bostonazure-copilot-is-the-developers-ai-assistant-08-aug-2023Download

Talk: Using GitHub Copilot to Code Azure (Boston Azure edition of Global Azure Bootcamp)

Leave a reply

13-May-2023

Veronika Kolesnikova, Jason Haley, and myself jointly hosted the Boston Azure edition of Global Azure Bootcamp. It was a sold out show – excellent turnout (around 50 participants).

I presented a couple of segments, one of which was to inspire use of AI tools. For that I gave a demo of GitHub Copilot, explained how to use the free trial, and was there to support the occasional questions by new users of GitHub Copilot during the bootcamp.

The opening talk was also AI:

My talks were later – GitHub Copilot the rolled into hacking on Azure for the rest of the day. And of course, those who opted to do so used GitHub Copilot to help them do so more efficiently. 😉

Talk: Running #Azure Securely and Compliantly – Granite State Code Camp #GSCC2021 – aka Compliance for Lazy People

Leave a reply

Today I had the opportunity to speak at the Granite State Code Camp (#GSCC2021) in Manchester, NH. This was the first time I’ve given an in-person talk since the start of COVID and it was great to see so many smiling facing (even when partially obscured by a mask!).

Last year my focus was a more in-the-weeds talk called Running Azure Securely – which of these Azure security features are for me?. This year I stepped back a level and focused on Compliance. In the session I discussed security vs. compliance, the shared responsibility model, and touched on a few other features, but spent a good bit of time focused on what I am thinking about as the “Policy stack” where one can gather lots of insight about your workload’s compliance with technology controls indicated by various compliance standards – based on the Azure Policy capabilities, a pillar of governance, and rolled up and available from Azure Security Center Microsoft Defender for Cloud.

Azure Security Center as a brand is no more – it is part of a rebranding to Microsoft Defender for Cloud. I assume this renaming, announced at Ignite, is because it is a feature set that can span beyond Azure – for example, keeping an on on-premises resources and resources in non-Azure clouds like AWS.

The session was interactive (as preferred!) and many thanks to Kevin and Vishwas and the nice lady whose name I didn’t catch who I think worked for the college for help in overcoming technical limitations in the room I was speaking from.

If you want to experience MORE AZURE please check out https://meetup.com/bostonazure (currently operating as part of “Virtual Boston Azure”).

If you are someone who would like to SPEAK at Virtual Boston Azure, please get in touch. (Twitter is a good way to reach me – I am @codingoutloud – or you can address it to @bostonazure.)

Slide deck is attached.

Talk: Running #Azure Securely – Granite State Code Camp #GSCC – Are all these security features for me?

1 Reply

Yesterday I had the opportunity to speak at the Granite State Code Camp (#gscc) in Burlington, MA. As part of my series of talks on Running Azure Securely, my talk today was around defense in depth and was called Running Azure Securely – which of these Azure security features are for me?. The session was interactive, engaging a third-of-a-dozen folks in the audience in a discussion of how to defend various workloads using the (fictitious) page of photos app as a foil.

Slide deck attached.

Also perhaps of interest – a similar talk from the other Burlington – at the recent VT Code Camp – which has a few add’l resources listed: https://blog.codingoutloud.com/2019/09/28/talk-running-azure-securely-are-all-these-security-features-for-me/

Talk: Running Azure DNS Securely

Leave a reply

On 22-Oct-2019 I spoke at Boston Azure about network security and focused on some of the edges of using Azure DNS, and included some DNS subdomain hijacking awareness.

The command

dig CNAME bostonazuredemo.azuresecurely.com +short

will check public DNS records for a CNAME, returning whatever it is mapped to, if anything.

digging-dns-hijacking

In the above screenshot:

  1. nothing returned from dig – this is before any DNS entry was created for the demo subdomain
  2. a cascade of CNAMES are returned from dig – this is after a DNS entry was created for the demo subdomain – and it pointed at an Azure Web App — the cascade here includes my subdomain => an azurewebsites.net subdomain (bostonazuredemo.azurewebsites.net) => a second azurewebsites.net subdomain (waws-prod-dm1-139.sip….) => a cloudapp.net domain => and finally an IP address
  3. a single CNAME is returned from dig – this is after the Azure Web App was deleted (), but the DNS subdomain entry (bostonazuredemo.azuresecurely.com) was left intact – creating a dangling subdomain at risk of being hijacked — anyone who registered bostonazuredemo.azurewebsites.net (and it was open for anyone) would automatically have bostonazuredemo.azuresecurely.com already wired up to it.
  4. a cascade of CNAMES are returned from dig – but different than the first – this is after bostonazuredemo.azurewebsites.net was registered again, by a hacker, and bostonazuredemo.azuresecurely.com was hijacked

 

Some other notes from the session:

Subdomain takeover examples:

 

Talk: Running SQL Azure Securely — SQL Saturday #877 — 14-Sep-2019

1 Reply

Today I had the opportunity to speak at SQL Saturday #877 in Burlington, MA. As part of my series of talks on Running Azure Securely, my talk today was Running Azure SQL Database Securely and applied to Azure SQL DB and Azure SQL DB Managed Instances.

Some Resources Mentioned

The deck

Running Azure SQL DBs Securely – Bill Wilder – SQL Saturday #877 – 14-Sep-2019

Talk description

If you know your way around SQL Server, then you will find Azure SQL Database to be familiar territory. But some aspects are more familiar than others, which is especially true for security-related differences.

In this session we review the key differences around identity management and authentication (including multi-factor authentication), managing server credentials (or, even better, not needing to in some cases), how to audit logins (probably not what you expect), an overview of encryption and data masking options, and the supporting role of Azure Key Vault. We will also touch on compliance and disaster recovery to give the complete picture of powerful features you’ll definitely want to know about to protect your data.

This talk will cover relevant capabilities for both traditional Azure SQL Databases and the newer Azure SQL Managed Instances.

This talk assumes you are already familiar with SQL Server or another enterprise database.

Action Photo

(Credit Taiob Ali @SqlWorldWide)

Event: Boston #Azure / MIT edition of Global Azure Bootcamp

Leave a reply

We had a great event at MIT on Saturday 27-April-2019 — the Boston Azure edition of the Global Azure Bootcamp hosted at MIT. There were lots of great session contributions – making this a true community effort.

ORGANIZERS

Big thank you to local organizers Olimpia (@olimpiaestela), Veronika (@breakpointv16), Gladis, and Maura (@squdgy). We all worked closely with Jason (@haleyjason) who ran the Burlington MA event. And don’t forget those folks at the Global Azure Bootcamp level providing a platform making this possible for a coordinated day of #Global Azure cloudiness (https://global.azurebootcamp.net/).

SPONSORS

The thanks continue with sponsors: MIT Women in Technology, Insight (formerly Blue Metal – https://www.insight.com/en_US/solve/digital-innovation.html), Finomial, and the Global Sponsors (https://global.azurebootcamp.net/sponsors/).

SPEAKERS

And a big thank you to the speakers – all who gave up a chunk of weekend to join us on a Saturday to share their knowledge (in order of appearance):

Attached are my slides:

The above graphic is from here: https://docs.microsoft.com/en-us/azure/event-grid/overview#event-sources

Here are some more links of interest:

  1. Some collected links (some repeated below): https://github.com/codingoutloud/bostonazurebootcamp2019/blob/master/README.md
  2. C# Script is real – not a hoax! 🙂 – https://msdn.microsoft.com/en-us/magazine/mt614271.aspx
  3. Azure Functions support C# Script (.csx files) – but also regular compiled C# (.cs on .NET Core)
  4. Example Azure Function written in regular compiled C#: https://github.com/codingoutloud/opstoolbox (especially https://github.com/codingoutloud/opstoolbox/blob/master/SslCertificateExpirationChecker.cs)
  5. Here are some example uses of the above:
  6. Event Grid:
    1. https://docs.microsoft.com/en-us/azure/event-grid/event-sources
    2. https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-event-grid
    3. https://madeofstrings.com/2018/06/29/azure-event-grid-filters-with-logic-apps/
    4. “Slide” I showed is below – it is from here: https://docs.microsoft.com/en-us/azure/event-grid/media/overview/functional-model.png
  7. Combine Azure Logic Apps with Azure Functions – https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-azure-functions#add-function-logic-app
  8. Similar to “follow-along lab” that tied together Subscription changes to an Azure Function using EventGrid
  9. Azure Function in JavaScript that fails 75% of the time. Useful for testing retries and seeing how errors are handled: https://gist.github.com/codingoutloud/151976063b1e9367369f1505f6cca66e
  10. Azure Blockchain Workbench:
    1. https://azure.microsoft.com/en-us/features/blockchain-workbench/
    2. https://docs.microsoft.com/en-us/azure/blockchain/workbench/
    3. https://docs.microsoft.com/en-us/azure/blockchain/workbench/architecture
    4. https://docs.microsoft.com/en-us/azure/blockchain/workbench/use