{"@attributes":{"version":"2.0"},"channel":{"title":"Korede's Introspections","link":"https:\/\/kints.netlify.app","description":"Recent content on Korede's Introspections","generator":"Hugo -- gohugo.io","language":"en-us","managingEditor":"korede@persent.io (Korede Bashir)","webMaster":"korede@persent.io (Korede Bashir)","lastBuildDate":"Mon, 27 Mar 2023 20:37:52 +0000","item":[{"title":"Guide to security in NodeJS","link":"https:\/\/kints.netlify.app\/blogs\/guide-to-security-nodejs\/","pubDate":"Mon, 27 Mar 2023 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/guide-to-security-nodejs\/","description":"<p><em>Suggested keyword:<\/em> <em>security nodejs<\/em><\/p>\n<p><em>Suggested meta:<\/em> <em>When creating great software, security is the first\nstep of development. This guide will discuss key security concepts when\nbuilding software using Node.js.<\/em><\/p>\n<h2 id=\"introduction\">Introduction<\/h2>\n<img src=\"https:\/\/raw.githubusercontent.com\/bashirk\/bashirk\/static\/svg\/sec_key.jpg\" alt=\"A picture containing multiple keys\" width=\"800\" height=\"400\">\n<p>In this post, you&rsquo;re going to learn about security in Node.js and best\npractices to secure your Node.js apps. Security, in this case, means\nsafeguarding data. To build great software and systems, you have to\nthink about security from the first stage of your development roadmap.\nThis means that security should be at the core of your software\ndevelopment process.\u00a0<\/p>\n<p>This guide will take you through key security concepts to consider when\nbuilding software using Node.js. Let&rsquo;s start by seeing how Node.js\nalready supports security practices.\u00a0<\/p>\n<h3 id=\"security-and-nodejs-a-primer\">Security and Node.js: A Primer<\/h3>\n<p>Most importantly, the strength of the Node.js core lies in the community\naround it. The Node.js community prioritizes security as a key factor in\nthe development of Node.js. This has led to the creation of the Node.js\n<a href=\"https:\/\/github.com\/nodejs\/security-wg\">Security Working\nGroup (SWG)<\/a>, whose\nmission is to improve the security of applications built using Node.js.\nIt does so by bringing vulnerability data from the community to the Node\nSecurity Platform, while also maintaining the vulnerability data on\ndisclosed security vulnerabilities. The SWG also ensures vulnerabilities\nin Node packages are properly documented and, consequently, makes known\nsecurity issues openly reported.\u00a0<\/p>\n<p>However, you should note that SWG is <em>not<\/em> responsible for managing or\nresponding to security reports against Node.js itself. The <a href=\"https:\/\/github.com\/nodejs\/TSC\">Node.js\nTSC<\/a> owns that\nresponsibility.\u00a0<\/p>\n<h2 id=\"relevant-libraries-or-frameworks-in-nodejs\">Relevant Libraries or Frameworks in Node.js<\/h2>\n<p>Node.js has several modules that improve the efficiency of software\napplications. Accordingly, properly integrating these modules will\nimprove the security of your Node.js applications. In addition, these\nmodules are free to add, and they improve the overall efficiency of\nNode.js apps while tightening up loose ends. I&rsquo;m going to go over a few\nof these libraries and frameworks.\u00a0<\/p>\n<h3 id=\"1-expressjs\">1. Express.js<\/h3>\n<p>The first on the list is\n<a href=\"https:\/\/expressjs.com\/\">Express<\/a>, which is a Node.js\nframework that you can use when you need to easily handle verb actions\nlike GET, POST, and DELETE requests in Node.js. It handles each of these\nrequests with different paths known as routes. Express.js uses the\nNode.js middleware idea to deliver middleware modules that solve\nspecific and key problems in Node.js like security.\u00a0<\/p>\n<p>Next on the list is Helmet.\u00a0\u00a0\u00a0<\/p>\n<h3 id=\"2-helmetjs\">2. Helmet.js<\/h3>\n<p><a href=\"https:\/\/helmetjs.github.io\/\">Helmet<\/a> is an Express\nmiddleware, and it helps in setting various HTTP response headers for\nsecuring GET and POST requests in Node.js apps. It&rsquo;s used as an HTTP\nHeaders Security module. It delivers middleware functions that set HTTP\nheaders.\u00a0<\/p>\n<p>These HTTP headers include the following:\u00a0<\/p>\n<ul>\n<li>\n<p><strong>helmet.contentSecurityPolicy()<\/strong> sets the Content-Security-Policy header, which helps mitigate cross-site scripting attacks (XSS).<\/p>\n<\/li>\n<li>\n<p><strong>helmet.xssFilter()<\/strong> disables browsers' buggy cross-site scripting filter by setting the X-XSS-Protection header to 0.<\/p>\n<\/li>\n<\/ul>\n<p>You can go through <a href=\"https:\/\/helmetjs.github.io\/\">this list<\/a> to see all the HTTP headers you can set up in your Node.js application using Helmet.\u00a0<\/p>\n<p>Next, we&rsquo;ll go through the Node.js module for securing passwords,\nBcrypt.\u00a0<\/p>\n<h3 id=\"3-bcrypt\">3. Bcrypt<\/h3>\n<p><a href=\"https:\/\/www.npmjs.com\/package\/bcrypt\">Bcrypt<\/a> is a\npassword security module offered by Node.js. The Bcrypt library protects\nusers from attacks like brute forcing. This is made possible through a\nhashing method called salting. To clarify, salting is a technique that\ninvolves the act of adding random strings to passwords before the actual\nhashing takes place.\u00a0<\/p>\n<p>In order to do that, &ldquo;the Bcrypt library uses a <strong>.genSalt()<\/strong> method\nto generate a salt and hash,&rdquo; according to the Bcrypt documentation.\u00a0<\/p>\n<p>With separate functions for both salt and hash, you can generate a\npassword hash, and then a salt, like below.\u00a0<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-js\" data-lang=\"js\"><span style=\"color:#a6e22e\">bcrypt<\/span>.<span style=\"color:#a6e22e\">genSalt<\/span>(<span style=\"color:#a6e22e\">saltRounds<\/span>, <span style=\"color:#66d9ef\">function<\/span>(<span style=\"color:#a6e22e\">err<\/span>, <span style=\"color:#a6e22e\">salt<\/span>) {\n  <span style=\"color:#a6e22e\">bcrypt<\/span>.<span style=\"color:#a6e22e\">hash<\/span>(<span style=\"color:#a6e22e\">PlainPassword<\/span>, <span style=\"color:#a6e22e\">salt<\/span>, <span style=\"color:#66d9ef\">function<\/span>(<span style=\"color:#a6e22e\">err<\/span>, <span style=\"color:#a6e22e\">hash<\/span>) {\n    <span style=\"color:#75715e\">\/\/ Store password hash in database\n<\/span><span style=\"color:#75715e\"><\/span>  });\n});\n<\/code><\/pre><\/div><p>And with separate function calls, you can auto-generate both a salt and\na hash, like below.\u00a0<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-js\" data-lang=\"js\"><span style=\"color:#a6e22e\">bcrypt<\/span>.<span style=\"color:#a6e22e\">hash<\/span>(<span style=\"color:#a6e22e\">PlainPassword<\/span>, <span style=\"color:#a6e22e\">saltRounds<\/span>, <span style=\"color:#66d9ef\">function<\/span>(<span style=\"color:#a6e22e\">err<\/span>, <span style=\"color:#a6e22e\">hash<\/span>) {\n  <span style=\"color:#75715e\">\/\/ Store password hash in database\n<\/span><span style=\"color:#75715e\"><\/span>});\n<\/code><\/pre><\/div><p>Passwords can be checked for correctness by using the block of code\nbelow. The function returns <strong>true<\/strong> when the hashed password matches\nthe plain password.\u00a0<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-js\" data-lang=\"js\"><span style=\"color:#75715e\">\/\/ Load hash from your password DB.\n<\/span><span style=\"color:#75715e\"><\/span><span style=\"color:#a6e22e\">bcrypt<\/span>.<span style=\"color:#a6e22e\">compare<\/span>(<span style=\"color:#a6e22e\">PlainPassword<\/span>, <span style=\"color:#a6e22e\">hash<\/span>, <span style=\"color:#66d9ef\">function<\/span>(<span style=\"color:#a6e22e\">err<\/span>, <span style=\"color:#a6e22e\">result<\/span>) {\n  <span style=\"color:#75715e\">\/\/ result == true\n<\/span><span style=\"color:#75715e\"><\/span>});\n<\/code><\/pre><\/div><img src=\"https:\/\/raw.githubusercontent.com\/bashirk\/bashirk\/static\/svg\/pad_key.jpg\" alt=\"grayscale photo of padlock on metal fence\" width=\"300\" height=\"400\">\n<h3 id=\"4-validatorjs\">4. Validator.js<\/h3>\n<p>Next on the list is Validator, which is an input validation module. It\nenforces the need for user inputs to be what they&rsquo;re required to be. In\nthe same vein, it ensures input correctness. <a href=\"https:\/\/www.npmjs.com\/package\/validator\">This\nlist<\/a> includes all\nthe validators you can configure with the Validator package.\u00a0<\/p>\n<h3 id=\"5-eslint-plugin\">5. ESLint Plugin<\/h3>\n<p>Another way to improve your Node.js app&rsquo;s security is to integrate\nESLint, which is a linting security plugin that helps to identify\nvulnerable Node.js code during development. Vulnerable code\nimplementations include unsafe regular expressions, an &lsquo;await&rsquo; keyword\ninside <em>for<\/em> loops, and so on.\u00a0<\/p>\n<p>You can get more details on how to use this plugin to write less\nvulnerable code\n<a href=\"https:\/\/www.npmjs.com\/package\/eslint-plugin-security\">here<\/a>.\u00a0<\/p>\n<h2 id=\"security-best-practices\">Security Best Practices<\/h2>\n<p>Regardless of what applications you&rsquo;re building with Node.js, you\nshould carry out key security procedures at the first stage of\ndevelopment. So, to keep your Node.js application secure and free of\nvulnerabilities, it&rsquo;s important to implement essential security best\npractices while building out your Node.js app. We&rsquo;ll go through a\ncouple of those in this section.\u00a0<\/p>\n<h3 id=\"always-audit-node-modules\">Always Audit Node Modules<\/h3>\n<p>Firstly, it&rsquo;s imperative to always audit each node module you use in\nyour project for vulnerability checks. Auditing helps to confirm which\npackage is available for an upgrade. When you audit packages, you&rsquo;re\nalso confirming the security of the package.\u00a0<\/p>\n<p>Consequently, in order to audit packages\/modules and check for\nvulnerable dependencies, you can use tools like Snyk, Node Security\nProject (NSP), or run npm-audit to track down and patch\nvulnerabilities.\u00a0<\/p>\n<p><img src=\"https:\/\/raw.githubusercontent.com\/bashirk\/bashirk\/static\/svg\/audit_node.png\" alt=\"Graphical user interface, text, application Description automatically\ngenerated\" width=\"800\" height=\"170\"><\/p>\n<h3 id=\"always-use-rate-limiting\">Always Use Rate Limiting<\/h3>\n<p>Secondly, attacks like brute forcing are a common security threat to\nNode.js apps, and login routes are the most targeted for this form of\nattack. Rate limiting helps to limit the impact of brute force attacks.\nThe Node.js\n<a href=\"https:\/\/www.npmjs.com\/package\/ratelimiter\">ratelimiter<\/a>\npackage helps in the integration of rate limiting into your Node.js\napps. With the ratelimiter module, you can limit middleware\nimplementation against the ID of a user.\u00a0<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-js\" data-lang=\"js\"><span style=\"color:#66d9ef\">var<\/span> <span style=\"color:#a6e22e\">id<\/span> <span style=\"color:#f92672\">=<\/span> <span style=\"color:#a6e22e\">req<\/span>.<span style=\"color:#a6e22e\">user<\/span>.<span style=\"color:#ae81ff\">_<\/span><span style=\"color:#a6e22e\">id<\/span>;\n<span style=\"color:#66d9ef\">var<\/span> <span style=\"color:#a6e22e\">limit<\/span> <span style=\"color:#f92672\">=<\/span> <span style=\"color:#66d9ef\">new<\/span> <span style=\"color:#a6e22e\">Limiter<\/span>({ <span style=\"color:#a6e22e\">id<\/span><span style=\"color:#f92672\">:<\/span> <span style=\"color:#a6e22e\">id<\/span>, <span style=\"color:#a6e22e\">db<\/span><span style=\"color:#f92672\">:<\/span> <span style=\"color:#a6e22e\">db<\/span> });\n<span style=\"color:#a6e22e\">limit<\/span>.<span style=\"color:#a6e22e\">get<\/span>(<span style=\"color:#66d9ef\">function<\/span>(<span style=\"color:#a6e22e\">err<\/span>, <span style=\"color:#a6e22e\">limit<\/span>){\n  <span style=\"color:#66d9ef\">if<\/span> (<span style=\"color:#a6e22e\">err<\/span>) <span style=\"color:#66d9ef\">return<\/span> <span style=\"color:#a6e22e\">next<\/span>(<span style=\"color:#a6e22e\">err<\/span>);\n  <span style=\"color:#a6e22e\">res<\/span>.<span style=\"color:#a6e22e\">set<\/span>(<span style=\"color:#e6db74\">&#39;X-RateLimit-Limit&#39;<\/span>, <span style=\"color:#a6e22e\">limit<\/span>.<span style=\"color:#a6e22e\">total<\/span>);\n  <span style=\"color:#a6e22e\">res<\/span>.<span style=\"color:#a6e22e\">set<\/span>(<span style=\"color:#e6db74\">&#39;X-RateLimit-Remaining&#39;<\/span>, <span style=\"color:#a6e22e\">limit<\/span>.<span style=\"color:#a6e22e\">remaining<\/span> <span style=\"color:#f92672\">-<\/span> <span style=\"color:#ae81ff\">1<\/span>);\n  <span style=\"color:#a6e22e\">res<\/span>.<span style=\"color:#a6e22e\">set<\/span>(<span style=\"color:#e6db74\">&#39;X-RateLimit-Reset&#39;<\/span>, <span style=\"color:#a6e22e\">limit<\/span>.<span style=\"color:#a6e22e\">reset<\/span>);\n\n  <span style=\"color:#75715e\">\/\/ looks good\n<\/span><span style=\"color:#75715e\"><\/span>  <span style=\"color:#a6e22e\">debug<\/span>(<span style=\"color:#e6db74\">&#39;remaining %s\/%s %s&#39;<\/span>, <span style=\"color:#a6e22e\">limit<\/span>.<span style=\"color:#a6e22e\">remaining<\/span> <span style=\"color:#f92672\">-<\/span> <span style=\"color:#ae81ff\">1<\/span>, <span style=\"color:#a6e22e\">limit<\/span>.<span style=\"color:#a6e22e\">total<\/span>, <span style=\"color:#a6e22e\">id<\/span>);\n  <span style=\"color:#66d9ef\">if<\/span> (<span style=\"color:#a6e22e\">limit<\/span>.<span style=\"color:#a6e22e\">remaining<\/span>) <span style=\"color:#66d9ef\">return<\/span> <span style=\"color:#a6e22e\">next<\/span>();\n\n  <span style=\"color:#75715e\">\/\/ does not look good\n<\/span><span style=\"color:#75715e\"><\/span>  <span style=\"color:#66d9ef\">var<\/span> <span style=\"color:#a6e22e\">delta<\/span> <span style=\"color:#f92672\">=<\/span> (<span style=\"color:#a6e22e\">limit<\/span>.<span style=\"color:#a6e22e\">reset<\/span> <span style=\"color:#f92672\">*<\/span> <span style=\"color:#ae81ff\">1000<\/span>) <span style=\"color:#f92672\">-<\/span> Date.<span style=\"color:#a6e22e\">now<\/span>() <span style=\"color:#f92672\">|<\/span> <span style=\"color:#ae81ff\">0<\/span>;\n  <span style=\"color:#66d9ef\">var<\/span> <span style=\"color:#a6e22e\">after<\/span> <span style=\"color:#f92672\">=<\/span> <span style=\"color:#a6e22e\">limit<\/span>.<span style=\"color:#a6e22e\">reset<\/span> <span style=\"color:#f92672\">-<\/span> (Date.<span style=\"color:#a6e22e\">now<\/span>() <span style=\"color:#f92672\">\/<\/span> <span style=\"color:#ae81ff\">1000<\/span>) <span style=\"color:#f92672\">|<\/span> <span style=\"color:#ae81ff\">0<\/span>;\n  <span style=\"color:#a6e22e\">res<\/span>.<span style=\"color:#a6e22e\">set<\/span>(<span style=\"color:#e6db74\">&#39;Retry-After&#39;<\/span>, <span style=\"color:#a6e22e\">after<\/span>);\n  <span style=\"color:#a6e22e\">res<\/span>.<span style=\"color:#a6e22e\">send<\/span>(<span style=\"color:#ae81ff\">429<\/span>, <span style=\"color:#e6db74\">&#39;Rate limit exceeded, retry in &#39;<\/span> <span style=\"color:#f92672\">+<\/span> <span style=\"color:#a6e22e\">ms<\/span>(<span style=\"color:#a6e22e\">delta<\/span>, { <span style=\"color:#66d9ef\">long<\/span><span style=\"color:#f92672\">:<\/span> <span style=\"color:#66d9ef\">true<\/span> }));\n});\n<\/code><\/pre><\/div><p>The Express Brute\n<a href=\"https:\/\/libraries.io\/npm\/express-brute\">package<\/a> also\ndoes rate limiting to mitigate brute forcing and denial of service (DoS)\nattacks.\u00a0<\/p>\n<h3 id=\"use-tlsssl-for-data-transmission\">Use TLS\/SSL for Data Transmission<\/h3>\n<p>Thirdly, data confidentiality is important when transmitting data from\none layer to the other, to prevent sniffing from potential attackers.\nOne common way to secure the transport of data through encryption is to\nuse transport layer security (TLS) and secure sockets layer (SSL). To\nclarify, SSL encrypts the client-server connection end to end, and TLS\nsecures password data and sensitive information like credit card\ndetails.\u00a0<\/p>\n<h3 id=\"escape-outputs\">Escape Outputs<\/h3>\n<p>Furthermore, in order to avoid injection attacks like cross-site\nscripting (XSS), output escaping plays a key role. XSS will be explained\nlater in this post. To escape outputs in your code, you can make use of\nthe <a href=\"https:\/\/github.com\/ESAPI\/node-esapi\">Node ES API\nlibrary<\/a> or the\n<a href=\"https:\/\/github.com\/component\/escape-html\">Escape HTML\nlibrary<\/a> to\nescape all JavaScript and HTML code that users get access to.\u00a0<\/p>\n<h3 id=\"log-and-monitor-your-apps\">Log and Monitor Your Apps<\/h3>\n<p>Finally, loads on servers can cause DoS, which may lead to app downtime.\nIt&rsquo;s therefore important to monitor incoming and outgoing traffic into\nthe servers, and you can always be alerted when servers are under\nextreme load. And if your servers are crashing not because of extreme\nloads, but due to security attacks, it&rsquo;s imperative to use logs\nproperly to understand how and when the security attack happened. The\n<a href=\"https:\/\/www.npmjs.com\/package\/bunyan\">Bunyan<\/a> Node.js\nmodule helps in the efficient logging of your Node.js services. The\n<a href=\"https:\/\/www.npmjs.com\/package\/toobusy-js\">TooBusy<\/a>\nNode.js module is an essential tool for monitoring Node.js apps.\u00a0<\/p>\n<p>The <a href=\"https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Nodejs_Security_Cheat_Sheet.html#nodejs-security-cheat-sheet\">OWASP Node.js Security Cheat\nSheet<\/a>\nincludes a comprehensive list of security best practices. Understanding\nsecurity attacks and key ways to mitigate these attacks is a key\nsecurity embrace&mdash;and this is what the next section entails.\u00a0<\/p>\n<h2 id=\"most-common-nodejs-security-attacks\">Most Common Node.js Security Attacks<\/h2>\n<p>There are several Node.js security attacks, but we&rsquo;ll review the common\nones in detail in this section.\u00a0<\/p>\n<h3 id=\"sql-injection\">SQL Injection<\/h3>\n<p><a href=\"https:\/\/www.stackhawk.com\/blog\/what-is-sql-injection\/\">SQL\ninjection<\/a>\ninvolves the insertion of an SQL query through input data from the user\nto the application. These attacks make use of areas in applications that\nask for user inputs. The attacker carrying out the SQL injection attack\nwill be able to gain access to the database of the application after a\nsuccessful attack. You can read more on SQL injection on StackHawk.\u00a0<\/p>\n<p>To prevent an injection attack, input validation is key, and the\nValidator package mentioned above helps with proper input validation.\nThe Validator module has allowlist and blocklist validation methods that\nare about explicitly declaring what you want to be authorized in your\ninput validation process and blocking out everything else.\u00a0<\/p>\n<h3 id=\"cross-site-scripting-xss\">Cross-Site Scripting (XSS)<\/h3>\n<p><a href=\"https:\/\/www.stackhawk.com\/blog\/what-is-cross-site-scripting-xss\/\">XSS<\/a>\ninvolves the injection of client-side scripts into websites. With XSS,\nattackers are able to manipulate web applications with the aim of\nsending malicious code to the users of the web app. XSS attacks have the\nobjective of either stealing users' data or taking control of the web\napplication.\u00a0<\/p>\n<p><img src=\"https:\/\/raw.githubusercontent.com\/bashirk\/bashirk\/static\/svg\/xss.png\" alt=\"Graphical user interface, application Description automatically\ngenerated\" width=\"800\" height=\"170\"><\/p>\n<p>To <a href=\"https:\/\/www.stackhawk.com\/blog\/nodejs-xss-guide-examples-and-prevention\/\">prevent an XSS\nattack<\/a>,\nyou&rsquo;ll need to use secure HTTP headers according to the requirements of\nyour project. Helmet, mentioned above, delivers middleware functions\nthat set secure HTTP headers.\u00a0<\/p>\n<h3 id=\"command-injection\">Command Injection<\/h3>\n<p>Command injection involves the injection of input that alters valid and\nlegal commands in vulnerable applications in order to execute illegal\ncommands against the operating system. This attack is mostly against the\nsystem shell. The input injection can come from any source that the user\ncan modify, such as forms. This attack targets the system shell.\u00a0<\/p>\n<p>Again, <a href=\"https:\/\/www.stackhawk.com\/blog\/nodejs-command-injection-examples-and-prevention\/\">to prevent an injection\nattack<\/a>,\ninput validation is key.\u00a0<\/p>\n<h3 id=\"cross-site-resource-forgery-csrf\">Cross-Site Resource Forgery (CSRF)<\/h3>\n<p><a href=\"https:\/\/www.stackhawk.com\/blog\/node-js-csrf-protection-guide-examples-and-how-to-enable-it\/\">CSRF<\/a>\nis a form of session hijacking where a user is forced to run malicious\nactions on an application that they&rsquo;re currently authenticated to. In a\nCSRF attack, attackers hijack the sessions of real users, thereby\nbypassing security rules for non-users.\u00a0<\/p>\n<p>To prevent CSRF attacks, you need to implement tokens that will be\ngenerated on the server side. The\n<a href=\"https:\/\/www.npmjs.com\/package\/csurf\">csurf<\/a> Node.js\npackage helps in the generation of valid CSRF tokens.\n<a href=\"https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Cryptographic_Storage_Cheat_Sheet.html#rule---use-cryptographically-secure-pseudo-random-number-generators-csprng\">OWASP<\/a>\nhas also provided best practices for generating tokens.\u00a0<\/p>\n<h3 id=\"path-traversal\">Path Traversal<\/h3>\n<p><a href=\"https:\/\/www.stackhawk.com\/blog\/node-js-path-traversal-guide-examples-and-prevention\/\">Path\ntraversal<\/a>\ninvolves the act of accessing directories in a file server illegally due\nto weak security validation. In this kind of attack, an attacker is able\nto access server files by the injection of malicious user inputs into\nthe web application. This attack feeds upon vulnerable implementations\nof access control settings.<\/p>\n<p>To prevent an attack of this form, allowlisting plays a key role. Input\nvalidation plays a vital role, too.\u00a0<\/p>\n<h2 id=\"conclusion\">Conclusion<\/h2>\n<p>In this guide, you learned about security essentials in Node.js, the\npackages and libraries available to mitigate vulnerability attacks, and\nbest practices to tighten up security in your Node.js app. Certainly,\nsecurity should be a priority during development and enmeshed in every\nfacet of your next Node.js app.\u00a0<\/p>\n"},{"title":"How to Add a Static IP to an AWS EC2 Instance","link":"https:\/\/kints.netlify.app\/blogs\/how-to-add-a-static-ip-to-an-aws-ec2-instance\/","pubDate":"Sun, 19 Feb 2023 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/how-to-add-a-static-ip-to-an-aws-ec2-instance\/","description":"<h2 id=\"introduction\">Introduction<\/h2>\n<p>AWS Elastic Compute Cloud (EC2) is a popular option for cloud computing services. It offers virtual servers (or instances) as well as security, networking, and storage options. EC2 can launch as many or as few virtual servers as you need, depending on your projects.<\/p>\n<p>Using EC2 offers multiple benefits, including the ability to run your applications in the cloud and to create virtual machines (VMs) with whatever configurations you might need. The infrastructure is scalable, with over 500 instances, and EC2 supports developing macOS and machine learning applications.<\/p>\n<p>EC2 works with static (aka elastic) IP addresses. Whenever a resource on a network is assigned an IP address, that IP address is either dynamic\u2014meaning it\u2019s assigned by the network it\u2019s connected to and changes periodically\u2014or static, meaning it never changes. An elastic IP address in EC2 is public, so it\u2019s reachable from the internet. Because it\u2019s set to your AWS account, an elastic IP address can be remapped to another instance as needed in case of bugs or other issues. A custom IP address can also be added to your account rather than use one from AWS.<\/p>\n<blockquote>\n<p>Elastic IP addresses are provided via a Dynamic Host Configuration Protocol (DHCP). These IP addresses are persistent, meaning they will not change when the VM is restarted or shut down.<\/p>\n<\/blockquote>\n<p>In this tutorial, I&rsquo;ll walk you through how to configure an elastic IP address with an AWS EC2 instance.<\/p>\n<h2 id=\"prerequisites\">Prerequisites<\/h2>\n<p>This article doesn&rsquo;t have many prerequisites, it is a tutorial which will assume you already have an AWS EC2 instance provisioned already, that is ready to be associated with an elastic IP address. In case you do not already have an AWS EC2 instance running, please create one before proceeding with the rest of this guide.<\/p>\n<p>Let&rsquo;s dive right in!<\/p>\n<h2 id=\"step-1-choosing-elastic-ip\">Step 1: Choosing Elastic IP<\/h2>\n<p>From the AWS console, navigate to EC2 by clicking <strong>Compute<\/strong>. This should take you straight to your EC2 dashboard.<\/p>\n<img src=\"https:\/\/imgur.com\/AcyqPMa.png\" alt=\"Navigate to dashboard\" width=\"850\" height=\"680\">\n<p>On your dashboard, click on <strong>Elastic IPs<\/strong> under <strong>Network &amp; Security<\/strong>.<\/p>\n<img src=\"https:\/\/i.imgur.com\/Dkj9fZf.png\" alt=\"Elastic IPs\" width=\"850\" height=\"380\">\n<h2 id=\"step-2-creating-new-ip\">Step 2: Creating New IP<\/h2>\n<p>Click on <strong>Allocate Elastic IP address<\/strong> to create a new static IP address.<\/p>\n<img src=\"https:\/\/i.imgur.com\/RZHubN1.png\" alt=\"Allocate IP\" width=\"850\" height=\"600\">\n<p>Proceed by clicking <strong>Allocate<\/strong>.<\/p>\n<p><img src=\"https:\/\/i.imgur.com\/tOHiIeq.png\" alt=\"IP options\"><\/p>\n<img src=\"https:\/\/i.imgur.com\/7fTbBsv.png\" alt=\"Click to proceed\" width=\"870\" height=\"400\">\n<h2 id=\"step-3-assigning-ip-to-ec2-instance\">Step 3: Assigning IP to EC2 Instance<\/h2>\n<p>Once the allocation request is successful, assign the static IP to your EC2 instance.<\/p>\n<p>On the elastic IP view, select the IP you just allocated and click the <strong>Actions<\/strong> dropdown.<\/p>\n<p><img src=\"https:\/\/i.imgur.com\/lAH3ayu.png\" alt=\"Actions menu\"><\/p>\n<p>Select the <strong>View details<\/strong> button to reveal the info page on the elastic IP.<\/p>\n<p><img src=\"https:\/\/i.imgur.com\/qmj3cHd.png\" alt=\"Elastic IP details\"><\/p>\n<p>On this page, click the <strong>Associate Elastic IP address<\/strong> button.<\/p>\n<img src=\"https:\/\/i.imgur.com\/G7dxeV5.jpg\" alt=\"Associate IP address\" width=\"870\" height=\"400\">\n<h2 id=\"step-4-associating-ip-to-instance\">Step 4: Associating IP to Instance<\/h2>\n<p>Search for your instance ID from the <strong>Instance<\/strong> field.<\/p>\n<img src=\"https:\/\/i.imgur.com\/Qk9mmxw.jpg\" alt=\"Locate instance ID\" width=\"870\" height=\"400\">\n<p>Select the instance ID and scroll down to click the <strong>Associate<\/strong> button.<\/p>\n<img src=\"https:\/\/i.imgur.com\/qHKIKA8.jpg\" alt=\"Associate IP\" width=\"870\" height=\"400\">\n<h2 id=\"step-5-checking-the-instance-view\">Step 5: Checking The Instance View<\/h2>\n<p>Your elastic IP address has now been associated with your EC2 instance. Head to your instance view by clicking on your instance ID. The address of your static IP is now displayed on the view.<\/p>\n<img src=\"https:\/\/i.imgur.com\/O1pU17c.jpg\" alt=\"IP associated successfully\" width=\"870\" height=\"400\">\n<h2 id=\"step-6-connecting-to-the-instance\">Step 6: Connecting to The Instance<\/h2>\n<p>Connect to your EC2 instance with the newly associated static IP. On your instance view, click <strong>Connect<\/strong>. A view with connection details can now be seen. If you\u2019re using a Linux or Mac system, open up your terminal.<\/p>\n<img src=\"https:\/\/i.imgur.com\/0Ev8QuC.jpg\" alt=\"Instance summary\" width=\"870\" height=\"400\">\n<p>Select <em>SSH<\/em> on the connect view. This tutorial connects via SSH through PowerShell.<\/p>\n<img src=\"https:\/\/i.imgur.com\/mEA9rqh.jpg\" alt=\"Connect to instance\" width=\"870\" height=\"400\">\n<p>Set permissions on private key if you haven\u2019t already by pasting one of the below commands in your terminal or CLI:<\/p>\n<p><strong>Option A: Linux<\/strong><\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-bash\" data-lang=\"bash\">chmod <span style=\"color:#ae81ff\">400<\/span> vpckey.pem\n<\/code><\/pre><\/div><p><strong><em>set permission on Linux for an EC2 instance private key<\/em><\/strong>\n<img src=\"https:\/\/i.imgur.com\/X57vVuQ.jpg\" alt=\"Set permissions on Linux for private key\" width=\"870\" height=\"400\"><\/p>\n<p><strong>Option B: Windows (PowerShell)<\/strong><\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-powershell\" data-lang=\"powershell\">ICACLS <span style=\"color:#e6db74\">&#34;vpckey.pem&#34;<\/span> \/grant<span style=\"color:#960050;background-color:#1e0010\">:<\/span>r <span style=\"color:#e6db74\">&#34;bashirk:(F)&#34;<\/span> \/C\n<\/code><\/pre><\/div><p><strong><em>set permission on Windows for an EC2 instance private key<\/em><\/strong>\n<img src=\"https:\/\/i.imgur.com\/nw5GwTC.jpg\" alt=\"Set permissions on Windows for private key\" width=\"870\" height=\"400\"><\/p>\n<p>You can copy-paste the second command shown on your instance description to connect to your remote instance:<\/p>\n<img src=\"https:\/\/i.imgur.com\/ZykYflI.jpg\" alt=\"Connect to EC2 instance\" width=\"870\" height=\"400\">\n<p>Enter <em>Yes<\/em> to proceed.<\/p>\n<img src=\"https:\/\/i.imgur.com\/zDkmiG0.jpg\" alt=\"CLI connected to instance\" width=\"870\" height=\"400\">\n<p>The instance is now connected, as shown below, this was validated by confirming the present working directory with the command <code>pwd<\/code>. Please proceed with building whatever solution you want to deploy on your EC2 instance.<\/p>\n<img src=\"https:\/\/i.imgur.com\/GsV1pvf.jpg\" alt=\"Connected EC2 instance\" width=\"870\" height=\"400\">\n<h2 id=\"limits-on-elastic-ips\">Limits on Elastic IPs<\/h2>\n<p>According to this AWS documentation on service quotas, \u201cYour AWS account has default quotas, formerly referred to as limits, for each AWS service.\u201d\nThe important thing to understand is that static IPs on EC2 instances have a limit of five IPs per region per account, so you can\u2019t allocate more than five static IPs in the same AWS region. If you already have up to five elastic IPs, you can either delete one or select a new AWS region before allocating a new IP.<\/p>\n<p>If you need to confirm your elastic IP address limit, head over to your EC2 dashboard. Select <strong>Limits<\/strong> from the left pane and type in <em>IP<\/em> in the search box. You should immediately see the <strong>EC2-VPC Elastic IPs<\/strong> limit. Click on it for more details about the limit quota.<\/p>\n<p>Remember, the good thing about elastic IPs is they don\u2019t change or expire, unless they are disassociated from an instance and released.<\/p>\n<p>Request an increase to your quota from the <a href=\"https:\/\/console.aws.amazon.com\/servicequotas\/\">Service Quotas Console<\/a> if the need arises.<\/p>\n<h2 id=\"conclusion\">Conclusion<\/h2>\n<p>In this tutorial, you learned how to set up an elastic IP address and connect it remotely with your AWS EC2 instance. As you saw, this is a simple process that gives you more control over your EC2 instance and allows you to choose your own IP address for as long as you need it.<\/p>\n<p>If you have any questions, feel free to reach out to me on <a href=\"https:\/\/linkedin.com\/in\/bashir-korede\">LinkedIn<\/a><\/p>\n"},{"title":"2023: Top SRE Tools","link":"https:\/\/kints.netlify.app\/blogs\/sre-tools\/","pubDate":"Sun, 29 Jan 2023 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/sre-tools\/","description":"<h2 id=\"introduction\">Introduction<\/h2>\n<table>\n<thead>\n<tr>\n<th style=\"text-align:center\"><img src=\"https:\/\/i.imgur.com\/DBKb5Go.jpg\" alt=\"Site Reliability Engineering image\"><\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align:center\"><em>Source: UnSplash<\/em><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>When choosing new tools for your <em>Site Reliability Engineering<\/em> needs, there are several factors you will need to consider, which will define your IT operations. In this article, I tell you about the most popular and sought-out tools that Site Reliability Engineers (SREs) need to have in their toolkits to keep up to date with SRE best practices.<\/p>\n<p><img src=\"https:\/\/i.imgur.com\/gxAwCYK.jpg\" alt=\"SRE tools, courtesy of IndiaMart\"><\/p>\n<h3 id=\"what-are-sre-tools\">What Are SRE Tools?<\/h3>\n<table>\n<thead>\n<tr>\n<th style=\"text-align:center\"><img src=\"https:\/\/i.imgur.com\/gxAwCYK.jpg\" alt=\"SRE Tools\"><\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align:center\"><em>Source: <a href=\"https:\/\/m.indiamart.com\/proddetail\/best-devops-training-institute-courses-21555527533.html\">IndiaMart<\/a><\/em><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>SRE tools help to ensure there is a much-needed bridge between the existing gaps in system design, development, and operational execution by providing IT teams with the ability to assess and comprehend new insights on platform reliability.<\/p>\n<h3 id=\"why-you-need-to-choose-the-right-sre-tools\">Why You Need To Choose The Right SRE Tools<\/h3>\n<p>Choosing the right SRE tools is as important as anything when planning out system and infrastructure design. The tools you choose and use at any given time essentially depend on where your team is at in its SRE journey.<\/p>\n<p>When selecting SRE tools for your team, there are a couple of factors to consider. If your team is at the initial phases of its SRE journey, you will tend to use more specialized operations tools, as opposed to the set of SRE tools more mature organizations will use. There is a need for your team to experiment and adapt the right tools as it continues on its journey to seek new, efficient ways to bring more reliability to actions carried out by the team.<\/p>\n<h2 id=\"factors-to-consider-when-choosing-sre-tools\">Factors To Consider When Choosing SRE Tools<\/h2>\n<p>Every team and organization has its own outlined ways of defining infrastructures and platforms. Depending on the SRE practices your organization implements, and how your organization builds its architectures, there is always the need for the SRE tools you will be working with to be standardized. Below are some important factors to consider when standardizing SRE tools.<\/p>\n<h3 id=\"cost\">Cost<\/h3>\n<p>SRE is expensive, no doubt. This brings forth the need to adopt only SRE practices that will benefit your business. The structure of many formal frameworks, including SRE, is staggering in its demands for costs as well as human resources.<\/p>\n<p>Increasing demand leads many organizations to implement newly-defined structures and fit them into IT operations when it makes business sense and has a considerable amount of impact. This sort of case results in a large cost disadvantage for SRE teams.<\/p>\n<p>Additionally, since SRE only works for certain software applications, noting that teams aren&rsquo;t running commits daily - teams in organizations like healthcare or finance verticals. Paying for SRE tools and not making use of the tools is one thing, and paying for tools and under-utilizing them is another. All of these need to be put into perspective.<\/p>\n<h3 id=\"good-integration-with-existing-tools\">Good Integration With Existing Tools<\/h3>\n<p>Aside from the cost, the level of potential integration the tool you are considering has about another tool you are considering is also important. All systems used in an organization are never going to be the same. There is an increasing number of integrations between tools, but there is also a large variety of languages, platforms, encryption types, and more that are being utilized by systems, and communication between these entities is important. The communication your intended tool has with another intended tool will allow these various tools to share data seamlessly.<\/p>\n<p>Consider a <em>Software-as-a-Service (SaaS)<\/em> architecture that is focused on delivering high-level support facilities with easily scalable infrastructure. This kind of architecture will always rely on tools that are primarily designated for cloud-native applications. Examples of tools used by this architecture would be <strong>Docker<\/strong> and <strong>Kubernetes<\/strong>. Docker uses operating-system-level virtualizations to deliver softwares in containers, while Kubernetes is a container orchestrator that automates the process around scaling, managing, updating, and removing containers. Kubernetes integrates well with Docker because it relies on a container runtime to orchestrate.<\/p>\n<h3 id=\"community-or-1st-party-support\">Community or 1st Party Support?<\/h3>\n<p>Another factor to consider is the level of support being garnered by the tool. Any tool being considered for your SRE practice needs to have a high level of support. If the tool is open source, then there has to be a great community of maintainers around the tool, and in the case of a non-Free and Open Source Software, the 1st party support of the SRE tool needs to be 1st class. This factor is beyond cost limitations as many free SRE tools can provide an equal level of functionality compared to some paid tools. Though some others offer less functionality compared to their paid competitors.<\/p>\n<h3 id=\"outputs---visualizations-and-reporting\">Outputs - visualizations and reporting?<\/h3>\n<p>Clear and great visibility of your system reporting is a great first step to the improved stability of your infrastructure. Having an eagle\u2019s eye view of your system makes preemptive solving of problems possible. Getting the right data at the right time with associated context will always make troubleshooting stuff easier, which is a game-changer for those who want better system stability. Apart from offering the needed insight into your team&rsquo;s SRE data, dashboarding tools have great and appealing visual representations of data, and it is always great to work with dashboarding tools that provide great visual representations.<\/p>\n<p>Dashboarding tools like <strong>Grafana<\/strong> help SREs in figuring out issues much more effectively by visualizing all the necessary data points on a single screen. These tools offer precise information about the system&rsquo;s health by providing adequate graphical representations of system data.<\/p>\n<blockquote>\n<p>\u201cGrafana provides an integrated solution to metrics and logs for composing observability characteristics in the form of graphical representation.\u201d<\/p>\n<\/blockquote>\n<h3 id=\"reliabilitystability---especially-important-for-monitoring-and-alerting\">Reliability\/Stability - especially important for monitoring and alerting<\/h3>\n<p>As long as your organization is following SRE practices, you must ensure that your SRE tools are reliable and stable at all times. SRE tools that are not stable might damage the health condition of your systems or break the systems. Monitoring is a good case to evaluate reliability and stability, which is required to ascertain that a system is behaving as expected. So also is alerting, which is required to get real-time updates on systems at specific times. Monitoring and alerting tools that are being evaluated the need to identify performance errors and help maintain service availability with the utmost efficiency, as SRE teams will always need to see what\u2019s going on in their systems. Teams need to ensure that their systems are meeting specific goals, and understanding what happens when a change is made to the system before a customer\/user does is key. The more reason SRE tools need to be reliable and stable, monitoring and alerting tools most importantly.<\/p>\n<h3 id=\"how-automated-is-the-tool---the-more-work-the-tool-handles-the-less-cognitive-load-on-sres\">How Automated Is The Tool? - the more work the tool handles, the less cognitive load on SREs<\/h3>\n<p>Before settling down on a tool for use, it is important to understand the amount of work the tool can handle in your workload. You\u2019ll need to evaluate the API offerings of the tool for extensibility if the tool seems limited. <em>APIs are a set of functions and procedures in software development that allows for adequate communication between various components<\/em>. Without APIs, additional complex steps will always be required to use an SRE tool across large corporates or startups, which can make the tool very difficult to use. Aside from the amount of work the SRE tool can carry out, it is also important to know how well the tool is automated, as this will allow you and the team to do more with less at all times.<\/p>\n<h3 id=\"potential-for-customization-to-suit-organizational-needs\">Potential For Customization To Suit Organizational Needs<\/h3>\n<p>A number of the SRE tools you will be making use of will be limited. So it makes sense to want to make customizations to the tools to suit your needs. An SRE tool that doesn&rsquo;t allow for customizations will not be extensible, thereby limiting your usage of the tool.<\/p>\n<p>Customizable tools should also have proper documentation and tutorials that will help make sure your team understands the basic functionalities of the tool. To extend the capabilities of some tools, you might need access to public or private API offerings for such tools, but also ensure you can get the necessary access whenever you need it.<\/p>\n<h2 id=\"what-a-model-sre-tool-stack-might-look-like-for-large-corporate-enterprises--high-growth-startups\">What A Model SRE Tool Stack Might Look Like; For Large Corporate Enterprises &amp; High Growth Startups<\/h2>\n<p>Service delivery and data management processes differ according to company size, but due to SRE practices being followed by companies, large corporates, and high-growth startups now use mostly the same SRE tool stack. The following is a typical tool stack for companies;<\/p>\n<h3 id=\"source-code-control\">Source Code Control<\/h3>\n<p>Software source code control is an essential part of SRE. Without proper code management and integration, building efficient systems will not be possible, as the transport of code has to be tracked end to end, this will ensure code defects are detected early. Source code control tools make this possible.<\/p>\n<p>The notable source code control tool for large corporates and high-growth startups is <strong>Git<\/strong>, which is an open-source version control system.<\/p>\n<h3 id=\"configuration-management\">Configuration Management<\/h3>\n<p>Configuration management is the process of maintaining and establishing the consistency of a software product by tracking and controlling all changes made to the product. Configuration management tools ensure software products are in a desired and consistent state.<\/p>\n<p>The notable configuration management tools for use are <strong>Chef<\/strong> (used by <em>Meta<\/em>) and <strong>Ansible<\/strong>. Chef helps in streamlining configuration management tasks across cloud platforms to automatically provision new machines, while Ansible also helps in enabling an <em>infrastructure-as-code (IaC)<\/em> architecture, aside from its configuration management offering.<\/p>\n<h3 id=\"data-storage\">Data Storage<\/h3>\n<p>Data is a key factor in every business operation. And real-time data processing and management help in quality decision-making. There is also the need to have data stored with a tool that can ensure easy access to the data and the correct integrity of the data being stored.<\/p>\n<p>The notable data storage tools for use are <em>NoSQL databases<\/em> that store data in raw key\/value pairs but not tabular relations used by SQL databases, this is because of the need to process data in instantaneous time and provide room for horizontal scaling when needed. Examples of these NoSQL databases are; <strong>RocksDB<\/strong>, <strong>DynamoDB<\/strong>, <strong>CosmosDB<\/strong>, <strong>MongoDB<\/strong>.<\/p>\n<h3 id=\"continuous-integration--continuous-delivery-cicd\">Continuous Integration \/ Continuous Delivery (CI\/CD)<\/h3>\n<p>Continuous integration is a process whereby code for specific software functionalities is integrated via the automated testing of every change affected on the source code. Continuous delivery follows continuous integration by delivering the tested codebase through automated deployments to a production environment.<\/p>\n<p>The notable CI\/CD tools for use are <strong>Jenkins<\/strong> and <strong>CircleCI<\/strong>.<\/p>\n<p>Jenkins is an open-source automation server that enables teams to reliably build, test, and deploy their software. CircleCI also automates the software development and delivery process across an organization&rsquo;s cloud and infrastructures.<\/p>\n<p>\u200d<\/p>\n<h3 id=\"observability\">Observability<\/h3>\n<p>Observability is a major factor in maintaining system health. SREs are embedded with the task to build queries across alert systems to check whether all functionalities are running as expected. This also helps when there&rsquo;s the need to generate alerts in case of a defect in system behavior. Tools for observability vary, this includes tools for <em>Log Aggregation, Application Performance Monitoring, Metrics Collection, Distributed Tracing.<\/em><\/p>\n<p>The notable observability tools for use, across observability areas, include the following;<\/p>\n<h4 id=\"log-aggregation\">Log Aggregation<\/h4>\n<p><strong>Sentry<\/strong> is a log aggregation tool that collects system data from various endpoints and directly enhances the performances of the source code.<\/p>\n<p><strong>Fluentd<\/strong> is a data collector built for a unified logging layer across architectures.<\/p>\n<h4 id=\"application-performance-monitoring-tools\">Application Performance Monitoring Tools<\/h4>\n<p><strong>DynaTrace<\/strong> has observability, security features, intelligent solutions, and automation features built-in in a single platform that helps developers monitor the performance of the system effectively<\/p>\n<p><strong>AppDynamics<\/strong> is an observability platform that provides real-time data insights for system performance and helps in driving business growth and productivity<\/p>\n<h4 id=\"metrics-collection\">Metrics Collection<\/h4>\n<p><strong>Prometheus<\/strong> is an open-source monitoring tool that provides a dimensional (time-series) data model of all system performance characteristics<\/p>\n<p><strong>InfluxDB<\/strong> helps the development team in building and monitoring time-stamped data series across the infrastructure.<\/p>\n<h4 id=\"distributed-tracing\">Distributed Tracing<\/h4>\n<p><strong>OpenTelemetry<\/strong> is an open-source observability framework for monitoring cloud-native software applications with telemetry data.<\/p>\n<h3 id=\"dashboarding\">Dashboarding<\/h3>\n<p>Dashboarding helps in figuring out issues much more effectively by visualizing all the necessary data points on a single screen. These tools offer precise information about the system&rsquo;s health by providing adequate graphical representations of system data.<\/p>\n<p><strong>Grafana<\/strong> provides an integrated solution to metrics and logs for composing observability characteristics in the form of graphical representations.<\/p>\n<h3 id=\"containers-and-orchestrators\">Containers and Orchestrators<\/h3>\n<p>Containers are portable operating-system-level virtualizations. They execute their capabilities by gathering all the necessary configuration files and executables needed by microservices and orchestration tools.<\/p>\n<p>The notable tools around Containers and Orchestrators for use are <strong>Docker<\/strong> which is used for operating system-level virtualizations to deliver softwares in containers, and <strong>Kubernetes<\/strong> which is a container orchestrator that automates the process around scaling, managing, updating, and removing containers. Kubernetes integrates well with Docker because it relies on a container runtime to orchestrate.\n\u200d<\/p>\n<h3 id=\"alerting-system\">Alerting System<\/h3>\n<p>Alert systems rank highest amongst all the observability tools because they direct all incoming system alerts to the requisite internal services.<\/p>\n<h2 id=\"conclusion\">Conclusion<\/h2>\n<p>This blog post was compiled to cover the factors to put into consideration when mapping out SRE tools for use. If you\u2019re just planning to adopt SRE practices in your organization, train your team on SRE tools, or just follow SRE best practices, this guide showed you the top tools to consider for the job, and how each of the factors outlined above is an important step to take when planning to work with SRE tools.<\/p>\n"},{"title":"Gentle introduction to Remote Procedure Calls (RPCs) in the Cosmos ecosystem","link":"https:\/\/kints.netlify.app\/blogs\/gentle-introduction-to-rpcs-in-the-cosmos-ecosystem\/","pubDate":"Mon, 09 Jan 2023 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/gentle-introduction-to-rpcs-in-the-cosmos-ecosystem\/","description":"<h2 id=\"introduction\">Introduction<\/h2>\n<p>Remote procedure calls (RPCs) are the ability of one program to call a\nsubroutine or function that is located in another program and has been\ngiven an address. At a high level, this means that we can make a request\nto another computer (e.g., a different process on the same computer or a\nprocess on another computer) to execute some code and get back a\nresponse as output. When building distributed applications, one of the\nmost challenging problems is how to propagate information among\ndifferent nodes in a fast and reliable way. In this article, you will be\nintroduced to RPCs in the Cosmos ecosystem.<\/p>\n<h3 id=\"why-are-remote-procedure-calls-important\">Why are remote procedure calls important?<\/h3>\n<p>There are several importance of RPCs; let&rsquo;s take a look at a few of\nthem:<\/p>\n<ul>\n<li>\n<p>Remote procedure calls require minimal effort whenever there's a need for another development of the code.<\/p>\n<\/li>\n<li>\n<p>RPC omits many of the protocol layers to improve performance.<\/p>\n<\/li>\n<li>\n<p>RPCs support models that are thread-oriented.<\/p>\n<\/li>\n<li>\n<p>RPCs are also used in both local and distributed environments.<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"rpcs-in-the-cosmos-ecosystem\">RPCs in the Cosmos Ecosystem<\/h2>\n<p>RPCs are a fundamental building block of any distributed system. The\nability to call a subroutine that is located in another program that has\nbeen given an address is a crucial feature of distributed computing. In\nthe Cosmos ecosystem, RPCs are used to propagate information among\ndifferent nodes, which could be on the same computer or on other\ncomputers. The Cosmos SDK provides you with an Application Blockchain\nInterface (ABCI)\n<a href=\"https:\/\/docs.cosmos.network\/main\/core\/baseapp.html\">boilerplate<\/a>,\nan RPC-compliant implementation, which provides all the basic\nfunctionalities you can use to create application layers. The ABCI\ninterface connects state machines with consensus engines to form\nfunctional nodes.<\/p>\n<h3 id=\"defining-an-rpc-in-the-cosmos-network\">Defining an RPC in the Cosmos Network<\/h3>\n<p>An RPC definition in Cosmos is in the form of a\n<a href=\"https:\/\/docs.cosmos.network\/main\/building-modules\/messages-and-queries.html#queries\">query<\/a>,\nwhich is the request made by end-users to the response node. The query\nis JSON-RPC compliant {Request, Response} pair, and it consists of the\nfunction the user wants to execute and the input parameters. Optionally,\nthe RPC may have a return value.<\/p>\n<p>To understand how RPCs work in the Cosmos network, let&rsquo;s look at an\nexample. Imagine that you own a company and you want to transfer money\nfrom one of your accounts to another. This is done by making a request\nto your bank. The bank receives your request, verifies it, and then\nexecutes the transfer. In the same manner, an RPC is a request made by\nan end user to a response node, which then verifies the request and\nexecutes the function.<\/p>\n<h2 id=\"querying-the-cosmos-network-with-the-grpc\">Querying the Cosmos Network with the gRPC<\/h2>\n<p>One of the most common use cases for RPCs is making queries to the\nnetwork. You might want to query the network because you want to find\nout what the current state of a particular action is, or you might want\nto find out the addresses of peers that can help you propagate a given\naction. For instance, you may want to query the network to find out who\nissued a given token or find out who is currently responsible for a\ngiven token (i.e., the token&rsquo;s issuer). The gRPC provides you with a\nlanguage-agnostic way to make all these queries to the network; in fact,\nyou can even use it to query other distributed systems, such as\nKubernetes, that support the gRPC protocol. Typical query objects can be\nof the form:<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-ts\" data-lang=\"ts\"><span style=\"color:#66d9ef\">type<\/span> <span style=\"color:#a6e22e\">QueryNameForRequestInCamelCase<\/span> <span style=\"color:#a6e22e\">struct<\/span> {\n  \n  <span style=\"color:#a6e22e\">VarId<\/span> <span style=\"color:#a6e22e\">datatype<\/span>\n\n<span style=\"color:#75715e\">\/\/ Insert your request variables and data types\n<\/span><span style=\"color:#75715e\"><\/span>}\n<span style=\"color:#66d9ef\">type<\/span> <span style=\"color:#a6e22e\">QueryNameForResponseInCamelCase<\/span> <span style=\"color:#a6e22e\">struct<\/span> {\n  \n  <span style=\"color:#a6e22e\">VarResponse<\/span> <span style=\"color:#a6e22e\">datatype<\/span>\n\n<span style=\"color:#75715e\">\/\/ Insert your response variables and data types\n<\/span><span style=\"color:#75715e\"><\/span>}\n<\/code><\/pre><\/div><h3 id=\"synchronous--asynchronous-rpcs\">Synchronous &amp; Asynchronous RPCs<\/h3>\n<p>RPCs in the Cosmos ecosystem come in two flavors: synchronous and\nasynchronous. While both flavors perform the same remote procedure call,\ntheir underlying implementations are very different. Synchronous RPCs\nare always blocking remote procedure calls: your program stops running\nwhile the remote procedure call is being executed. Asynchronous RPCs, on\nthe other hand, return a future object that represents the remote\nprocedure call; the program will continue executing while the future\nobject is awaiting the result of the remote procedure call. Asynchronous\nRPCs are, therefore, useful in scenarios where you want to continue\nexecuting your program while the remote procedure call is being executed\nin the background. On the flip side, asynchronous RPCs are also useful\nwhen you want to make sure that your program does not block and does not\naffect other remote procedure calls on the network.<\/p>\n<h3 id=\"remote-procedure-calls-with-network-persistence\">Remote procedure calls with network persistence<\/h3>\n<p>One of the most useful features of the Cosmos SDK is the ability to make\nRPCs with network persistence. Network persistence in the Cosmos network\nmeans that the Cosmos SDK attempts to resend an RPC to the network if it\nfails. The Cosmos SDK will first execute the remote procedure call, and\nif the remote procedure call succeeds, it will return the result of the\nremote procedure call. If the remote procedure call fails, the Cosmos\nSDK retries the call based on a set of secondary conditions that the\nCosmos SDK will check before retrying the remote procedure call. If any\nof the conditions are met, the Cosmos SDK will retry the remote\nprocedure call; if all conditions fail, the Cosmos SDK then exits with\nan error. \u00a0<\/p>\n<h2 id=\"summary\">Summary<\/h2>\n<p>RPCs are a fundamental building block of any distributed system. In the\nCosmos ecosystem, RPCs are used to propagate information among different\nnodes, and they come in two flavors: synchronous and asynchronous.\nSynchronous RPCs are always blocking remote procedure calls: your\nprogram stops running while the remote procedure call is being executed.\nAsynchronous RPCs, on the other hand, return a future object that\nrepresents the remote procedure call: your program will continue\nexecuting while the future object is awaiting the result of the remote\nprocedure call. In this article, we reviewed what RPCs are, and how to\ndefine RPCs in the Cosmos network.<\/p>\n"},{"title":"Getting Started Building Docker Images with Gradle","link":"https:\/\/kints.netlify.app\/blogs\/building-docker-images-with-gradle\/","pubDate":"Thu, 11 Aug 2022 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/building-docker-images-with-gradle\/","description":"<h2 id=\"introduction\">Introduction<\/h2>\n<p>It is no news that Gradle is the most popular build tool for Java Virtual Machine (JVM) projects\non GitHub, you can check out the performance benchmarks for Gradle\n<a href=\"https:\/\/blog.gradle.org\/gradle-vs-bazel-jvm\">here<\/a>. In this guide, you will learn about how to build a Docker Image with Gradle. As a gentle reminder, your projects can always be organized into subprojects to structure your software project into useful modules, you would understand what this is like as you progress through the guide. Now, let me get you started with this step-by-step guide.<\/p>\n<h2 id=\"what-youll-build\">WHAT YOU&rsquo;LL BUILD<\/h2>\n<p>To reiterate, you&rsquo;ll be building a Docker image with the Gradle Build Tool. In case you&rsquo;re wondering what Docker or a Docker image is, Docker is <em>a set of platform-as-a-service offerings that use OS-level virtualization for software delivery<\/em>, while a Docker image is a read-only file that includes instructions for creating a Docker container. Want to know more? You should definitely check this <a href=\"https:\/\/docker.com\/resources\/what-container\">article<\/a> out.<\/p>\n<h2 id=\"what-youll-need\">WHAT YOU&rsquo;LL NEED<\/h2>\n<p>Going forward, you&rsquo;ll need some set of resources to successfully build a Docker image for your project, and the following resources that have been itemized below are exactly all what you need to get started;<\/p>\n<h3 id=\"resources\">Resources:<\/h3>\n<ul>\n<li><a href=\"https:\/\/gradle.org\/install\">Gradle distro<\/a><\/li>\n<li>The open source <a href=\"https:\/\/github.com\/bmuschko\/gradle-docker-plugin\">gradle-docker-plugin<\/a><\/li>\n<li>An Integrated Development Environment (IDE) \u2013 example; <a href=\"https:\/\/jetbrains.com\/idea\/download\">the IntelliJ IDEA<\/a><\/li>\n<li>Your application<\/li>\n<\/ul>\n<p>So before getting our hands dirty, it is worthy to note that the <a href=\"https:\/\/github.com\/bmuschko\/gradle-docker-plugin\">gradle-docker-plugin<\/a> we would be using has support for Java and Spring boot applications, and there are three plugins available for use\n\u2013 the <a href=\"https:\/\/bmuschko.github.io\/gradle-docker-plugin\/#usage\">Remote API Plugin<\/a>, the <a href=\"https:\/\/bmuschko.github.io\/gradle-docker-plugin\/#usage_2\">Java Application Plugin<\/a>, and the <a href=\"https:\/\/bmuschko.github.io\/gradle-docker-plugin\/#usage_3\">Spring Boot Application Plugin<\/a>. For the purpose of this guide, we\u2019ll be making use of the <a href=\"https:\/\/bmuschko.github.io\/gradle-docker-plugin\/#usage\">Remote API Plugin<\/a>. All of these plugins are available on the <a href=\"https:\/\/plugins.gradle.org\/search?term=com.bmuschko.docker\">Gradle Plugin Portal<\/a>.<\/p>\n<h2 id=\"create-a-project-folder\">CREATE A PROJECT FOLDER<\/h2>\n<p>There are a number of ways that <em><em>Gradle<\/em><\/em> can come in handy for your JVM project, but the most common way is the <em>build automation process<\/em>, which would be the key thing we would be doing \u2013 outlining build tasks for Gradle to process using a Domain Specific Language (DSL), we would be using the <em>Groovy DSL<\/em> in this guide. And in order to get on with outlining build tasks, you have to decide which project it is you\u2019re running a build process for. If you do not have a project to run a build process for, you can create a new project by starting off with\ncreating a new folder. This new folder would house the whole of the new project.<\/p>\n<p>To do this, head over to your desired directory, create a new folder for your project and switch to the new\nfolder.<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-sh\" data-lang=\"sh\">mkdir projectname\ncd projectname\n<\/code><\/pre><\/div><p>Note: There are comprehensive <a href=\"https:\/\/gradle.org\/guides\">guides<\/a> on the Gradle website that will walk you through how to build applications using Gradle. You can keep following along if you\u2019re working with a Java application, otherwise, jump over to the <em>APPLY THE PLUGIN<\/em> <a href=\"#apply-plugin\">section<\/a>.<\/p>\n<h2 id=\"run-the-init-task\">RUN THE INIT TASK<\/h2>\n<p>Now that we have a root folder setup for the project, it is now time to wave our first magic wand, the <code>gradle init<\/code> command. Now don&rsquo;t fret, what this command does is automatically initialize and create the necessary <em>Gradle<\/em> files needed to build the new project. With Gradle,\nyou have the opportunity and flexibility of stating the exact things you want Gradle to do for you by using some keywords to state instructions \u2013 these instructions are called <code>tasks<\/code>.<\/p>\n<p>Gradle is shipped with a built-in task, called <code>init<\/code> which initializes a new Gradle project. This is what Gradle does every time we tell it <code>init<\/code>. Right there, inside your new project folder (within a\nterminal console), run the <code>gradle init<\/code> command. After doing this, Gradle would prompt you to select the project type to generate, enter <em>2<\/em> for application. Next, Gradle asks for the language to implement the project in, enter <em>3<\/em> for Java. Next, choose a build script DSL, select <em>1<\/em> - as we would be using Groovy for this guide. Hit <em>Enter<\/em> for the rest of the prompts to\nmake use of the default values of the prompts.<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-sh\" data-lang=\"sh\">gradle init\n<\/code><\/pre><\/div><!-- \/\/IMAGE: Output for gradle init\n&gt;Below is how the new project structure should look like\n\/\/IMAGE: New structure for the `projectname` project\n-->\n<h2 id=\"review-the-project-files\">REVIEW THE PROJECT FILES<\/h2>\n<p>Before proceeding, it is essential to know what the above files and folders do. And in order to understand this, kindly proceed to this guide on the [official Gradle website](<a href=\"https:\/\/docs.gradle.org\/current\/samples\/sample_building_java_applications_multi_project.ht\">https:\/\/docs.gradle.org\/current\/samples\/sample_building_java_applications_multi_project.ht<\/a>\nml#review_the_project_files).<\/p>\n<p>The parts of these project files that are essential to building a Docker image are the build scripts \u2013 the <em>build.gradle<\/em> files. These build scripts are where you outline your own instructions (tasks) for Gradle, and the main build script to work with here is the <code>build.gradle(.kts)<\/code> build file in <code>buildSrc<\/code> \u2013 this is where our list of tasks would go into, it is also where we would be adding the open source <code>gradle-docker-plugin<\/code> we would be working with.<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-groovy\" data-lang=\"groovy\"><span style=\"color:#75715e\">\/\/buildSrc\/build.gradle\n<\/span><span style=\"color:#75715e\"><\/span>plugins <span style=\"color:#f92672\">{<\/span>\nid <span style=\"color:#e6db74\">&#39;war&#39;<\/span>\nid <span style=\"color:#e6db74\">&#39;groovy-gradle-plugin&#39;<\/span>\n<span style=\"color:#f92672\">}<\/span>\nversion <span style=\"color:#f92672\">=<\/span> <span style=\"color:#e6db74\">&#39;1.0&#39;<\/span>\nsourceCompatibility <span style=\"color:#f92672\">=<\/span> <span style=\"color:#ae81ff\">1.7<\/span>\nrepositories <span style=\"color:#f92672\">{<\/span>\ngradlePluginPortal<span style=\"color:#f92672\">()<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<\/code><\/pre><\/div><h2 id=\"run-the-tests\">RUN THE TESTS<\/h2>\n<p>In case you\u2019ve written any unit tests for your project files (or want to run the Gradle-generated tests, you can skip to the next step if this doesn\u2019t interest you), the command to run to get an analysis of your test is <code>.\/gradlew check<\/code>. Run this command within a subproject or the subprojects you\u2019d like to test. Test reports would be generated to the <code>{subproject}\/buid\/reports<\/code> folder within that specific subproject you have run the <code>.\/gradlew check<\/code> command.<\/p>\n<h2 id=\"run-the-application\">RUN THE APPLICATION<\/h2>\n<p>You can check out the new project by running it via the <code>.\/gradlew run<\/code> command, which basically instructs Gradle to run the <code>mainClass<\/code> property of your project.<\/p>\n<!-- \/\/IMAGE: Application output -->\n<h2 id=\"bundle-the-application\">BUNDLE THE APPLICATION<\/h2>\n<p>It is now time to generate an archive file that we would be building into a Docker image, the basic command to do this is the <code>.\/gradlew build<\/code> command which builds and compiles the whole project and generates both an <code>app.tar<\/code> and an <code>app.zip<\/code> file inside the <code>app\/build\/distributions<\/code> folder.<\/p>\n<!-- \/\/IMAGE: Build output -->\n<h2 id=\"publish-a-build-scan\">PUBLISH A BUILD SCAN<\/h2>\n<p>There is an optional flag that can be appended to the above command, the <code>--scan<\/code> flag. With this flag, you get the opportunity to get more analysis about the build process of your project. So running <code>.\/gradlew build --scan<\/code> would generate a URL at the end of the build processes, this URL is a link to the remote location of the details of your build process \u2013 hence, the build scan.<\/p>\n<h2 id=\"apply-plugin\">APPLY THE PLUGIN<\/h2>\n<p>Now that we have a build of our project, the very next step is to apply the <code>gradle-docker-plugin<\/code> to the content of our project. To do this, create a new file titled <strong>docker.gradle<\/strong> inside the <em>gradle<\/em> folder within your project (this <em>gradle<\/em> folder houses the <em>wrapper<\/em> folder\nfor gradle-wrappers). Paste the following code inside <strong>gradle\/docker.gradle<\/strong>.<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-groovy\" data-lang=\"groovy\"><span style=\"color:#75715e\">\/\/gradle\/docker.gradle\n<\/span><span style=\"color:#75715e\"><\/span>buildscript <span style=\"color:#f92672\">{<\/span>\n<span style=\"color:#75715e\">\/\/Access to the plugin portal\n<\/span><span style=\"color:#75715e\"><\/span>repositories <span style=\"color:#f92672\">{<\/span>\ngradlePluginPortal<span style=\"color:#f92672\">()<\/span>\n<span style=\"color:#f92672\">}<\/span>\n\n<span style=\"color:#75715e\">\/\/Plugin addition that helps Gradle interacting with Docker\n<\/span><span style=\"color:#75715e\"><\/span>dependencies <span style=\"color:#f92672\">{<\/span>\nclasspath <span style=\"color:#e6db74\">&#39;com.bmuschko:gradle-docker-plugin:6.7.0&#39;<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#f92672\">}<\/span>\napply plugin: com<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">bmuschko<\/span><span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">gradle<\/span><span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">docker<\/span><span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">DockerRemoteApiPlugin<\/span>\n<\/code><\/pre><\/div><p>Then go inside <code>buildSrc\/build.gradle<\/code>, and paste in the script below<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-groovy\" data-lang=\"groovy\"><span style=\"color:#75715e\">\/\/buildSrc\/build.gradle\n<\/span><span style=\"color:#75715e\">\/\/other scripts\n<\/span><span style=\"color:#75715e\"><\/span>apply from: <span style=\"color:#e6db74\">&#39;gradle\/docker.gradle&#39;<\/span>\n<\/code><\/pre><\/div><p>In order to make use of <code>gradle-docker-plugin<\/code>, you must add Gradle\u2019s Plugin Portal as a repository inside the <code>repositories<\/code> block, this will grant you access to all community plugins in the Gradle\u2019s plugin portal \u2013 including the <code>gradle-docker-plugin<\/code>. As you can observe, in order to use a plugin, you are required to declare this needed plugin as a dependency in the <code>dependencies {}<\/code> script block.<\/p>\n<h2 id=\"configure-the-plugin\">CONFIGURE THE PLUGIN<\/h2>\n<p>In order to use Docker effectively with the plugin, it is important to provide the credentials needed to host the image we\u2019ll be publishing to the <em>Docker Hub registry<\/em>. These credentials can be provided as project properties within the <code>gradle.properties<\/code> file in the home directory\nfor your current user, alternatively, the credentials can be provided as environment variables.<\/p>\n<p>To do this, modify the <em>gradle\/docker.gradle<\/em> file to reflect the script below<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-groovy\" data-lang=\"groovy\">buildscript <span style=\"color:#f92672\">{<\/span>\n<span style=\"color:#75715e\">\/\/repositories {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/dependencies {\u2026}\n<\/span><span style=\"color:#75715e\"><\/span>docker <span style=\"color:#f92672\">{<\/span>\nnewProject <span style=\"color:#f92672\">{<\/span>\n\nmaintainer <span style=\"color:#f92672\">=<\/span> <span style=\"color:#e6db74\">&#39;YOUR_NAME &amp;quot;YOUR_EMAIL&amp;quot;&#39;<\/span>\n<span style=\"color:#f92672\">}<\/span>\nregistryCredentials <span style=\"color:#f92672\">{<\/span>\nusername <span style=\"color:#f92672\">=<\/span> getCredential<span style=\"color:#f92672\">(<\/span><span style=\"color:#e6db74\">&#39;DOCKER_USERNAME&#39;<\/span><span style=\"color:#f92672\">,<\/span> <span style=\"color:#e6db74\">&#39;docker.username&#39;<\/span><span style=\"color:#f92672\">)<\/span>\npassword <span style=\"color:#f92672\">=<\/span> getCredential<span style=\"color:#f92672\">(<\/span><span style=\"color:#e6db74\">&#39;DOCKER_PASSWORD&#39;<\/span><span style=\"color:#f92672\">,<\/span> <span style=\"color:#e6db74\">&#39;docker.password&#39;<\/span><span style=\"color:#f92672\">)<\/span>\nemail <span style=\"color:#f92672\">=<\/span> getCredential<span style=\"color:#f92672\">(<\/span><span style=\"color:#e6db74\">&#39;DOCKER_EMAIL&#39;<\/span><span style=\"color:#f92672\">,<\/span> <span style=\"color:#e6db74\">&#39;docker.email&#39;<\/span><span style=\"color:#f92672\">)<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#75715e\">\/\/apply plugin:[\u2026]\n<\/span><span style=\"color:#75715e\"><\/span>String <span style=\"color:#a6e22e\">getCredential<\/span><span style=\"color:#f92672\">(<\/span>String envVar<span style=\"color:#f92672\">,<\/span> String sysProp<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">{<\/span>\nSystem<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">getenv<\/span><span style=\"color:#f92672\">(<\/span>envVar<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">?:<\/span> project<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">findProperty<\/span><span style=\"color:#f92672\">(<\/span>sysProp<span style=\"color:#f92672\">)<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<\/code><\/pre><\/div><p>The plugin has been added to the project, and Docker has been configured, what next? I hear you ask, well, it is time to outline the specifics of what tasks we need Gradle to perform. For building our Docker image, we need to run the following tasks listed below sequentially.<\/p>\n<ul>\n<li>Create a Dockerfile<\/li>\n<li>Build an image using the Dockerfile<\/li>\n<li>Push the image to a Docker registry<\/li>\n<\/ul>\n<h2 id=\"create-a-dockerfile\">CREATE A DOCKERFILE<\/h2>\n<p>So, we\u2019ll be kicking off by creating a Dockerfile \u2013 which is essentially generating a Dockerfile using of the methods provided by the <code>Dockerfile<\/code> task, this task is also helpful in populating the Dockerfile. To do this, modify the <em>gradle\/docker.gradle<\/em> file to reflect the script below<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-groovy\" data-lang=\"groovy\">buildscript <span style=\"color:#f92672\">{<\/span>\n<span style=\"color:#75715e\">\/\/repositories {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/dependencies {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/docker {\u2026}\n<\/span><span style=\"color:#75715e\"><\/span>\n<span style=\"color:#f92672\">import<\/span> com.bmuschko.gradle.docker.tasks.image.Dockerfile\n\ntask <span style=\"color:#a6e22e\">dockerCreateDockerfile<\/span><span style=\"color:#f92672\">(<\/span>type: Dockerfile<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">{<\/span>\ngroup <span style=\"color:#f92672\">=<\/span> <span style=\"color:#e6db74\">&#39;Docker&#39;<\/span>\ndestFile <span style=\"color:#f92672\">=<\/span> project<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">file<\/span><span style=\"color:#f92672\">(<\/span><span style=\"color:#e6db74\">&#39;build\/docker\/Dockerfile&#39;<\/span><span style=\"color:#f92672\">)<\/span>\nfrom <span style=\"color:#e6db74\">&#39;dockerfile\/java:openjdk-7-jre&#39;<\/span>\nmaintainer <span style=\"color:#e6db74\">&#39;YOUR_NAME &amp;quot;YOUR_EMAIL&amp;quot;&#39;<\/span>\ncopyFile war<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">archiveName<\/span><span style=\"color:#f92672\">,<\/span> <span style=\"color:#e6db74\">&#39;\/app\/projectname.war&#39;<\/span>\nentryPoint <span style=\"color:#e6db74\">&#39;java&#39;<\/span>\ndefaultCommand <span style=\"color:#e6db74\">&#39;-jar&#39;<\/span><span style=\"color:#f92672\">,<\/span> <span style=\"color:#e6db74\">&#39;\/app\/projectname.war&#39;<\/span>\nexposePort <span style=\"color:#ae81ff\">5701<\/span>\nrunCommand <span style=\"color:#e6db74\">&#39;apk --update --no-cache add curl&#39;<\/span>\n<span style=\"color:#f92672\">}<\/span>\ntask <span style=\"color:#a6e22e\">dockerSyncBuildContext<\/span><span style=\"color:#f92672\">(<\/span>type: Sync<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">{<\/span>\ndependsOn assemble\nfrom tar<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">archivePath<\/span>\ninto dockerCreateDockerfile<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">destFile<\/span><span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">parentFile<\/span>\n<span style=\"color:#f92672\">}<\/span>\ndockerCreateDockerfile<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">dependsOn<\/span> dockerSyncBuildContext\n<span style=\"color:#75715e\">\/\/apply plugin:[\u2026]\n<\/span><span style=\"color:#75715e\">\/\/String getCredential(\u2026) {\u2026}\n<\/span><span style=\"color:#75715e\"><\/span><span style=\"color:#f92672\">}<\/span>\n<\/code><\/pre><\/div><p>By running the above task, the <code>dockerCreateDockerfile<\/code> method will produce Dockerfile instructions in the <code>build\/docker\/Dockerfile<\/code> file similar to the ones listed as statements within the <code>dockerCreateDockerfile<\/code> method. These instructions tell Docker to do the following; to copy the built WAR file when creating the Docker image, then the application\u2019s main class should be automatically executed with the <code>java<\/code> command -when starting the image inside of a\nDocker container. And once the application is up and running, the container should expose the application\u2019s functionality through the open port <em>5701<\/em>.<\/p>\n<h2 id=\"build-an-image-using-the-dockerfile\">BUILD AN IMAGE USING THE DOCKERFILE<\/h2>\n<p>Now it is time to build an image using the Dockerfile we created. Before proceeding, ensure your Docker environment is up and running, and your environment variables (or project settings) have been modified to reflect your Docker credentials. Moving on, we will be using the <code>DockerBuildImage<\/code> task to take care of all the implementation details necessary to build a Docker image. To do this, modify the <em>gradle\/docker.gradle<\/em> file to reflect the script below<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-groovy\" data-lang=\"groovy\">buildscript <span style=\"color:#f92672\">{<\/span>\n<span style=\"color:#75715e\">\/\/repositories {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/dependencies {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/docker {\u2026}\n<\/span><span style=\"color:#75715e\"><\/span>\n<span style=\"color:#75715e\">\/\/import com.bmuschko.gradle.docker.tasks.image.Dockerfile\n<\/span><span style=\"color:#75715e\"><\/span><span style=\"color:#f92672\">import<\/span> com.bmuschko.gradle.docker.tasks.image.DockerBuildImage\n<span style=\"color:#75715e\">\/\/task dockerCreateDockerfile(type: Dockerfile) {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/task dockerSyncBuildContext(type: Sync) {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/dockerCreateDockerfile.dependsOn dockerSyncBuildContext\n<\/span><span style=\"color:#75715e\"><\/span>task <span style=\"color:#a6e22e\">dockerBuildImage<\/span><span style=\"color:#f92672\">(<\/span>type: DockerBuildImage<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">{<\/span>\ngroup <span style=\"color:#f92672\">=<\/span> <span style=\"color:#e6db74\">&#39;Docker&#39;<\/span>\ndependsOn dockerCreateDockerfile\ninputDir <span style=\"color:#f92672\">=<\/span> dockerCreateDockerfile<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">destFile<\/span><span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">parentFile<\/span>\ntag <span style=\"color:#f92672\">=<\/span> <span style=\"color:#f92672\">&amp;<\/span>quot<span style=\"color:#f92672\">;<\/span>bashirk<span style=\"color:#e6db74\">\/projectname:$war.version&amp;quot;\n<\/span><span style=\"color:#e6db74\">}\n<\/span><span style=\"color:#e6db74\">\/\/apply plugin:[\u2026]\n<\/span><span style=\"color:#e6db74\">\/<\/span><span style=\"color:#f92672\">\/<\/span>String getCredential<span style=\"color:#f92672\">(<\/span><span style=\"color:#960050;background-color:#1e0010\">\u2026<\/span><span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">{<\/span><span style=\"color:#960050;background-color:#1e0010\">\u2026<\/span><span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<\/code><\/pre><\/div><p>As you might have observed, the <code>DockerBuildImage<\/code> task takes care of the building of the image, you only need to point the <code>DockerBuildImage<\/code> task to the location of the Dockerfile and the War file \u2013 and, yes, provide a tag. This tag lists a target Docker repository for your project, and also the version number of your project. You might also want to ensure you have built the correct Docker image for your project, to do this you only need to run the command <code>docker images<\/code> which would show you a list of the images you have built that are ready for deployment.<\/p>\n<!-- \/\/IMAGE: docker images\n\n\/\/IMAGE: docker run\n\/\/IMAGE: docker container ls -->\n<h2 id=\"publish-the-docker-image\">PUBLISH THE DOCKER IMAGE<\/h2>\n<p>We have built the Docker image, and it is high time we publish the image we have built to a public Docker Hub registry. A Docker Hub is basically a resource repository for published Docker images, public or private. To have your image published to a public Docker\nHub registry, modify the <em>gradle\/docker.gradle<\/em> file as follows<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-groovy\" data-lang=\"groovy\">buildscript <span style=\"color:#f92672\">{<\/span>\n<span style=\"color:#75715e\">\/\/repositories {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/dependencies {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/docker {\u2026}\n<\/span><span style=\"color:#75715e\"><\/span>\n<span style=\"color:#75715e\">\/\/import com.bmuschko.gradle.docker.tasks.image.Dockerfile\n<\/span><span style=\"color:#75715e\">\/\/import com.bmuschko.gradle.docker.tasks.image.DockerBuildImage\n<\/span><span style=\"color:#75715e\"><\/span><span style=\"color:#f92672\">import<\/span> com.bmuschko.gradle.docker.tasks.image.DockerPushImage\n\n<span style=\"color:#75715e\">\/\/task dockerCreateDockerfile(type: Dockerfile) {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/task dockerSyncBuildContext(type: Sync) {\u2026}\n<\/span><span style=\"color:#75715e\">\/\/dockerCreateDockerfile.dependsOn dockerSyncBuildContext\n<\/span><span style=\"color:#75715e\">\/\/task dockerBuildImage(type: DockerBuildImage) {\u2026}\n<\/span><span style=\"color:#75715e\"><\/span>task <span style=\"color:#a6e22e\">dockerPushImage<\/span><span style=\"color:#f92672\">(<\/span>type: DockerPushImage<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">{<\/span>\ngroup <span style=\"color:#f92672\">=<\/span> <span style=\"color:#e6db74\">&#39;Docker&#39;<\/span>\ndependsOn dockerBuildImage\nconventionMapping<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">imageName<\/span> <span style=\"color:#f92672\">=<\/span> <span style=\"color:#f92672\">{<\/span> dockerBuildImage<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">getTag<\/span><span style=\"color:#f92672\">()<\/span> <span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#75715e\">\/\/apply plugin:[\u2026]\n<\/span><span style=\"color:#75715e\"><\/span>\n<span style=\"color:#75715e\">\/\/String getCredential(\u2026) {\u2026}\n<\/span><span style=\"color:#75715e\"><\/span><span style=\"color:#f92672\">}<\/span>\n<\/code><\/pre><\/div><p>Congratulations! You just published a Docker image built with Gradle to a Docker Hub registry.<\/p>\n<p>At this point, you should have a <em><em>gradle\/docker.gradle<\/em><\/em> file like this below<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-groovy\" data-lang=\"groovy\">buildscript <span style=\"color:#f92672\">{<\/span>\n<span style=\"color:#75715e\">\/\/Access to the plugin portal\n<\/span><span style=\"color:#75715e\"><\/span>repositories <span style=\"color:#f92672\">{<\/span>\ngradlePluginPortal<span style=\"color:#f92672\">()<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#75715e\">\/\/Plugin addition that helps Gradle interacting with Docker\n<\/span><span style=\"color:#75715e\"><\/span>dependencies <span style=\"color:#f92672\">{<\/span>\nclasspath <span style=\"color:#e6db74\">&#39;com.bmuschko:gradle-docker-plugin:6.7.0&#39;<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#75715e\">\/\/Docker configuration\n<\/span><span style=\"color:#75715e\"><\/span>docker <span style=\"color:#f92672\">{<\/span>\n\nnewProject <span style=\"color:#f92672\">{<\/span>\n\nmaintainer <span style=\"color:#f92672\">=<\/span> <span style=\"color:#e6db74\">&#39;Korede Bashir &amp;quot;bashirkorede@gmail.com&amp;quot;&#39;<\/span>\n<span style=\"color:#f92672\">}<\/span>\nregistryCredentials <span style=\"color:#f92672\">{<\/span>\nusername <span style=\"color:#f92672\">=<\/span> getCredential<span style=\"color:#f92672\">(<\/span><span style=\"color:#e6db74\">&#39;DOCKER_USERNAME&#39;<\/span><span style=\"color:#f92672\">,<\/span> <span style=\"color:#e6db74\">&#39;docker.username&#39;<\/span><span style=\"color:#f92672\">)<\/span>\npassword <span style=\"color:#f92672\">=<\/span> getCredential<span style=\"color:#f92672\">(<\/span><span style=\"color:#e6db74\">&#39;DOCKER_PASSWORD&#39;<\/span><span style=\"color:#f92672\">,<\/span> <span style=\"color:#e6db74\">&#39;docker.password&#39;<\/span><span style=\"color:#f92672\">)<\/span>\nemail <span style=\"color:#f92672\">=<\/span> getCredential<span style=\"color:#f92672\">(<\/span><span style=\"color:#e6db74\">&#39;DOCKER_EMAIL&#39;<\/span><span style=\"color:#f92672\">,<\/span> <span style=\"color:#e6db74\">&#39;docker.email&#39;<\/span><span style=\"color:#f92672\">)<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#75715e\">\/\/Imports for the necessary task actions\n<\/span><span style=\"color:#75715e\"><\/span><span style=\"color:#f92672\">import<\/span> com.bmuschko.gradle.docker.tasks.image.Dockerfile\n<span style=\"color:#f92672\">import<\/span> com.bmuschko.gradle.docker.tasks.image.DockerBuildImage\n<span style=\"color:#f92672\">import<\/span> com.bmuschko.gradle.docker.tasks.image.DockerPushImage\n<span style=\"color:#75715e\">\/\/Task to create Dockerfile\n<\/span><span style=\"color:#75715e\"><\/span>task <span style=\"color:#a6e22e\">dockerCreateDockerfile<\/span><span style=\"color:#f92672\">(<\/span>type: Dockerfile<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">{<\/span>\n\ngroup <span style=\"color:#f92672\">=<\/span> <span style=\"color:#e6db74\">&#39;Docker&#39;<\/span>\ndestFile <span style=\"color:#f92672\">=<\/span> project<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">file<\/span><span style=\"color:#f92672\">(<\/span><span style=\"color:#e6db74\">&#39;build\/docker\/Dockerfile&#39;<\/span><span style=\"color:#f92672\">)<\/span>\nfrom <span style=\"color:#960050;background-color:#1e0010\">\u2018<\/span>dockerfile<span style=\"color:#e6db74\">\/java:openjdk-7-jre\u2019\n<\/span><span style=\"color:#e6db74\">maintainer \u2018Korede Bashir &amp;quot;bashirkorede@gmail.com&amp;quot;&#39;\n<\/span><span style=\"color:#e6db74\">copyFile war.archiveName, &#39;\/<\/span>app<span style=\"color:#e6db74\">\/projectname.war\n<\/span><span style=\"color:#e6db74\">entryPoint &#39;java&#39;\n<\/span><span style=\"color:#e6db74\">defaultCommand &#39;-jar&#39;, &#39;\/<\/span>app<span style=\"color:#e6db74\">\/projectname.war\n<\/span><span style=\"color:#e6db74\">exposePort 5701\n<\/span><span style=\"color:#e6db74\">runCommand &#39;apk --update --no-cache add curl&#39;\n<\/span><span style=\"color:#e6db74\">}\n<\/span><span style=\"color:#e6db74\">task dockerSyncBuildContext(type: Sync) {\n<\/span><span style=\"color:#e6db74\">dependsOn assemble\n<\/span><span style=\"color:#e6db74\">from java.archivePath\n<\/span><span style=\"color:#e6db74\">into dockerCreateDockerfile.destFile.parentFile\n<\/span><span style=\"color:#e6db74\">}\n<\/span><span style=\"color:#e6db74\">dockerCreateDockerfile.dependsOn dockerSyncBuildContext\n<\/span><span style=\"color:#e6db74\">\/\/Task to build image\n<\/span><span style=\"color:#e6db74\">task dockerBuildImage(type: DockerBuildImage) {\n<\/span><span style=\"color:#e6db74\">group = &#39;Docker&#39;\n<\/span><span style=\"color:#e6db74\">dependsOn dockerCreateDockerfile\n<\/span><span style=\"color:#e6db74\">inputDir = dockerCreateDockerfile.destFile.parentFile\n<\/span><span style=\"color:#e6db74\">tag = &amp;quot;bashirk\/<\/span>projectname:$war<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">version<\/span><span style=\"color:#f92672\">&amp;<\/span>quot<span style=\"color:#f92672\">;<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#75715e\">\/\/Task to publish image\n<\/span><span style=\"color:#75715e\"><\/span>task <span style=\"color:#a6e22e\">dockerPushImage<\/span><span style=\"color:#f92672\">(<\/span>type: DockerPushImage<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">{<\/span>\ngroup <span style=\"color:#f92672\">=<\/span> <span style=\"color:#e6db74\">&#39;Docker&#39;<\/span>\ndependsOn dockerBuildImage\nconventionMapping<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">imageName<\/span> <span style=\"color:#f92672\">=<\/span> <span style=\"color:#f92672\">{<\/span> dockerBuildImage<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">getTag<\/span><span style=\"color:#f92672\">()<\/span> <span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#f92672\">}<\/span>\napply plugin: com<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">bmuschko<\/span><span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">gradle<\/span><span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">docker<\/span><span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">DockerRemoteApiPlugin<\/span>\nString <span style=\"color:#a6e22e\">getCredential<\/span><span style=\"color:#f92672\">(<\/span>String envVar<span style=\"color:#f92672\">,<\/span> String sysProp<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">{<\/span>\nSystem<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">getenv<\/span><span style=\"color:#f92672\">(<\/span>envVar<span style=\"color:#f92672\">)<\/span> <span style=\"color:#f92672\">?:<\/span> project<span style=\"color:#f92672\">.<\/span><span style=\"color:#a6e22e\">findProperty<\/span><span style=\"color:#f92672\">(<\/span>sysProp<span style=\"color:#f92672\">)<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<span style=\"color:#f92672\">}<\/span>\n<\/code><\/pre><\/div><!-- \/\/IMAGE: Published image on Docker Hub -->\n<h2 id=\"summary\">SUMMARY<\/h2>\n<p>In this guide you learnt how to initialize and build a new project with Gradle, and also learnt to build this new project into a Docker image, and published the Docker image to a public registry.<\/p>\n<p>Now let\u2019s do a recap (TL;DR); the <em>gradle\/docker.gradle<\/em> file will create the Dockerfile, produce the Docker image with the latest changes in the <code>TAR<\/code> file and push this image to a Docker Hub registry; in doing this, we walked through some steps, which includes how to:<\/p>\n<ul>\n<li>Use <code>gradle init<\/code> to initialize a new Java application<\/li>\n<li>Modularize a project into subprojects<\/li>\n<li>Run tests and generate test reports<\/li>\n<li>Build and bundle the application<\/li>\n<li>Apply the plugin for creating Docker images<\/li>\n<li>Configure the plugin<\/li>\n<li>Create a Dockerfile<\/li>\n<li>Build a Docker image<\/li>\n<li>Publish a Docker image<\/li>\n<\/ul>\n<h2 id=\"next-steps\">NEXT STEPS<\/h2>\n<p>It might interest you to learn more details about the Gradle build tool as well as the plugin used with Gradle to generate and build the Docker image in this guide, do check out the following resources:<\/p>\n<ul>\n<li><a href=\"https:\/\/bmuschko.github.io\/gradle-docker-plugin\">The Gradle Docker Plugin documentaion<\/a>.<\/li>\n<li><a href=\"https:\/\/docs.gradle.org\/current\/userguide\/building_java_projects.html\">Building Java and JVM projects<\/a>.<\/li>\n<li>The Java application plugin <a href=\"https:\/\/docs.gradle.org\/current\/userguide\/application_plugin.html\">documentation<\/a>.<\/li>\n<\/ul>\n"},{"title":"How I Passed the Azure Developer Associate Certification Exam","link":"https:\/\/kints.netlify.app\/blogs\/how-i-passed-the-azure-developer-associate-certification-exam\/","pubDate":"Fri, 13 May 2022 22:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/how-i-passed-the-azure-developer-associate-certification-exam\/","description":"<p><em><strong>If you are looking at writing your Azure Developer Associate exam, and gaining the Azure Developer Certification, then this guide right here should come in really handy.<\/strong><\/em>\n<img src=\"https:\/\/dev-to-uploads.s3.amazonaws.com\/i\/87dezmpj1xlfpwnh5jj4.png\" alt=\"Alt Text\"><\/p>\n<h2 id=\"getting-started\">Getting Started<\/h2>\n<p>In this guide, I will be telling you how I studied for, and passed, my <em>Azure Developer Associate certification<\/em> exam - and how you can too. As a part of this telling on how I passed the exam, you will be learning what to expect in the exam, and how my experience can help you pass the exam at your first go.<\/p>\n<p>Going forward, I would like to give you a quick run-through of the <strong>Microsoft certification<\/strong> program, as this took me quite some time before I figured out how the certification works. And as such, I would like to save you the time and stress by telling you all about the Microsoft Azure certification program in just about a minute.<\/p>\n<p>As an addition, I published a blog post on <a href=\"https:\/\/dev.to\/bashirk\/the-proven-way-to-become-a-cloud-engineer-in-2020-3ic3\">The Proven Way to Become a Cloud Engineer<\/a> which also explains, in great details, the Microsoft Azure role-based certification.<\/p>\n<p><img src=\"https:\/\/dev-to-uploads.s3.amazonaws.com\/i\/rs3qfq05bnyild1x2gvp.png\" alt=\"Alt Text\"><\/p>\n<p>The role-based Azure certifications and also the new role-based Azure certifications are a new and good way to become an expert in Microsoft Azure. Any of these role-based certifications' paths map to your job role in your organization and it overly depends on how many years of experience you have.<\/p>\n<p>In previous times, the Microsoft certification program used to have the <em><strong>MCSE<\/strong><\/em> and <em><strong>MCSA<\/strong><\/em> kind of certifications. In order to get your <em>MCSE<\/em> certification, there are some predefined set of exams you need to pass, but this really isn&rsquo;t the best experience for professionals.<\/p>\n<p>Right now, if you are an expert in Azure administration and your job role is to develop and deploy solutions on Microsoft Azure and hybrid environments, then the certification path for you is to get your Azure Developer Associate certification path.<\/p>\n<p>By taking this exam (<em>Microsoft Azure Developer Associate Exam<\/em>), you get a step closer to being a certified <strong>Azure DevOps Expert<\/strong>, which is an expert-level certification in Microsoft Azure. Because after passing your exam, you only need to pass the AZ-400 exam to get the expert certification - Azure DevOps Expert.<\/p>\n<p><img src=\"https:\/\/dev-to-uploads.s3.amazonaws.com\/i\/yl6o12qdwyxeegvxbd2o.png\" alt=\"Alt Text\"><\/p>\n<blockquote>\n<p>According to the <a href=\"https:\/\/docs.microsoft.com\/en-us\/learn\/certifications\/azure-developer\">Azure Developer certification page<\/a>: <em><strong>Azure Developers partner with cloud solution architects, cloud DBAs, cloud administrators, and clients to implement solutions.<\/strong><\/em><\/p>\n<\/blockquote>\n<h2 id=\"exam-structure\">Exam Structure<\/h2>\n<p>Now let&rsquo;s talk about how this important certification has its exam contents organized;<\/p>\n<p>The Azure Developer Associate Exam covers everything you can ever think of when it comes to monitoring and optimizing Azure solutions, implementing Azure security, and developing solutions on top of Azure. Frankly, there are a couple of things you need to know and understand, before going for the Azure Developer Associate Exam.<\/p>\n<p>For the Azure Developer exam, Microsoft expects you to have a minimum of <em>two<\/em> years of experience developing solutions on Azure, while also consuming most of the services Azure offers. Ideally, you should have <strong>practical experience<\/strong> in at least, one or two of the four skill areas that this certification exam covers:<\/p>\n<ul>\n<li>Develop Azure compute solutions (<em>25-30%<\/em>)<\/li>\n<li>Develop for Azure storage (<em>10-15%<\/em>)<\/li>\n<li>Implement Azure security (<em>15-20%<\/em>)<\/li>\n<li>Monitor, troubleshoot, and optimize Azure solutions (<em>10-15%<\/em>)<\/li>\n<li>Connect to and consume Azure services and third-party services (<em>25-30%<\/em>)<\/li>\n<\/ul>\n<h2 id=\"exam-format\">Exam Format<\/h2>\n<p>When you take the Azure Developer Associate Exam, you should be expecting to have <em><strong>three<\/strong><\/em> types of questions. This, below, is the format as at the time of putting this content together.<\/p>\n<p>The first question format is the <strong>lab format<\/strong>, which starts with a business case. Where you are provided with a real-world scenario and you sure have to read through the long business scenario, after reading through the scenario, you get a couple of questions. You can go back and forth, as long as you are still within the business case section. Once you finish these questions related to the business case section, you cannot go back anymore. So you have to go back and forth to review the questions, before proceeding.<\/p>\n<p>Next up, you will get a couple more questions asking you about a business scenario and asking you if a specific solution can help solve the stated business scenario or not. This type of questions carry a YES or NO, where you get to select either to provide an answer. As an example, you might get a question telling you that <em><strong>a company needs to deploy a .Net application, for processing pictures, to an AKS cluster, the pictures must pass quality checks before they hit storage<\/strong><\/em>.<\/p>\n<p>And then the exam engine asks you something like; <em><strong>the application gets uploaded using a dockerfile with commands for quality tests. Would this satisfy the business need?<\/strong><\/em> (YES or NO).<\/p>\n<blockquote>\n<blockquote>\n<p>Spoiler; that wasn&rsquo;t a real exam question.<\/p>\n<\/blockquote>\n<\/blockquote>\n<p>And finally, you get the normal questions (<em>this question format contains the most exam questions<\/em>). This is where you will have a question and you would be given four answers where you have to choose one correct answer from the list of answers. In some cases, you would have to drag and drop options to provide a solution to a question. For these questions, you will be asked to choose, say 3 out of 5 possible actions and then re-list them in the correct order. As a sample case, you will be asked <em><strong>how a developer would deploy a function app using helm<\/strong><\/em>. You would be given like 6 possible actions, three of them are correct, and you have to list them in the correct order. In this case, you might choose (<em><strong>Setup Azure Kubernetes Service with az aks create<\/strong><\/em>) then (<em><strong>prepare function for deployment<\/strong><\/em>) then (<em><strong>perform a deployment with helm deploy<\/strong><\/em>).<\/p>\n<blockquote>\n<p><strong>Note:<\/strong> The labs, the questions format with the fewer questions, carry more points than the ones with more questions.<\/p>\n<\/blockquote>\n<p>My advise here would be to focus on understanding the very steps needed to implement services, checkout the exam objective for pointers.<\/p>\n<p>For my preparation, I focused on the <strong>Develop Azure compute solutions<\/strong> and <strong>Connect to and consume Azure services and third-party services<\/strong> objectives, as these are where my strength - with Azure Developer services - really lies, these objectives include similar questions to the questions around <em>Azure Functions<\/em> and <em>Helm<\/em>. Focusing on these two objectives also made me understand both the <em><strong>Develop for Azure Storage<\/strong><\/em> and <em><strong>Implement Azure security<\/strong><\/em> objectives to a reasonable extent.<\/p>\n<h2 id=\"final-advise\">Final Advise<\/h2>\n<p>Focus on the weighted objectives (<em>objectives with the higher percentage ratio<\/em>), they carry your keys to success. You might also want to fully understand <em><strong>Azure Functions<\/strong><\/em>, <em><strong>AKS<\/strong><\/em>, <em><strong>Azure Table Storage<\/strong><\/em>, <em><strong>developing function apps with blob triggers<\/strong><\/em> (comes in really handy).<\/p>\n<p>As a study plan, I made use of two <em>Pluralsight free weekends<\/em>, that&rsquo;s about 6 days - to binge most of these topics, inorder to refresh my knowledge on subject areas around those objectives.<\/p>\n<p>The <em>Microsoft Azure Developer Associate Exam<\/em> does not require you to be an expert in the DevOps services within Azure, but rather requires you to know how some of these DevOps tools work and when to use what - given a business scenario.<\/p>\n<p>You should also focus on what roles (<strong>RBACs<\/strong>) are required to accomplish specific tasks in Azure as you might have questions asking about what roles are needed to accomplish specific tasks in Azure.<\/p>\n<h2 id=\"conclusion\">Conclusion<\/h2>\n<p>Your best friend in this exam is your practical experience! And the <em><a href=\"https:\/\/microsoft.com\/learn\">Microsoft Learn<\/a><\/em> platform would give you just that! I used this a whole lot. You should check out the Microsoft Learn contents for the Azure Developer Associate Exam <a href=\"https:\/\/docs.microsoft.com\/en-gb\/learn\/certifications\/azure-developer\">here<\/a>.<\/p>\n<p>I do wish you the very best of luck in your Microsoft Azure Developer Associate Exam certification journey. Please do leave a comment if you find this content helpful, and share, to help others find this resource and better prepare them for the exam.<\/p>\n<blockquote>\n<p>DISCLAIMER: I wrote this exam TWICE, failed the first time (and passed the second time with a score of 840!).<\/p>\n<\/blockquote>\n<p>You can <a href=\"https:\/\/www.youracclaim.com\/badges\/adb8931d-fe23-4849-adba-85564b177d36\/public_url\">click on this link to view my badge on Acclaim.<\/a><\/p>\n"},{"title":"Manipulating GitHub Wiki Data With Azure Functions","link":"https:\/\/kints.netlify.app\/blogs\/manipulating-github-wiki-data-with-azure-functions\/","pubDate":"Thu, 14 Apr 2022 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/manipulating-github-wiki-data-with-azure-functions\/","description":"<p><img src=\"https:\/\/github.com\/bashirk\/azure_webapp_node\/raw\/assets\/azurefunc.png\" alt=\"Azure Functions\">\n<em>Image: Daily Host News' blog<\/em><\/p>\n<blockquote>\n<p><em>This article is part of <a href=\"https:\/\/aka.ms\/ServerlessSeptember2020\">#ServerlessSeptember<\/a>. You&rsquo;ll find other helpful articles, detailed tutorials, and videos in this all-things-Serverless content collection. New articles from community members and cloud advocates are published every week from Monday to Thursday through September.<\/em><\/p>\n<\/blockquote>\n<blockquote>\n<p><em>Find out more about how Microsoft Azure enables your Serverless functions at <a href=\"https:\/\/docs.microsoft.com\/azure\/azure-functions\/?WT.mc_id=servsept20-devto-cxaall\">https:\/\/docs.microsoft.com\/azure\/azure-functions\/<\/a>.<\/em><\/p>\n<\/blockquote>\n<p>In this article, I will be walking you through how to create and setup a webhook on GitHub, connect the webhook with a newly created API via an Azure Function code which would enable the API to listen to GitHub Wiki update events (<a href=\"https:\/\/developer.github.com\/v3\/activity\/events\/types\/#gollumevent\">Gollum events<\/a>, in this case).<\/p>\n<p>You would also learn how to update their function code to parse information from the GitHub webhook payload, and hence display the results from the payload.<\/p>\n<h2 id=\"getting-started\"><strong>Getting Started<\/strong><\/h2>\n<p>Our first step here would be to deploy a function app, to do this you need to check off some basic requirements needed to get your function in the cloud, which are listed below.<\/p>\n<h3 id=\"requirements\"><strong>Requirements<\/strong><\/h3>\n<p>\u2022 Basic knowledge of <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/functions\/\">Azure Functions<\/a>\n\u2022 Basic knowledge of JavaScript\n\u2022 An <a href=\"https:\/\/aka.ms\/azure4students\">Azure Subscription<\/a>\n\u2022 A <a href=\"https:\/\/github.com\">GitHub<\/a> account<\/p>\n<p>After getting the requirements stated above, sign in to the <a href=\"https:\/\/portal.azure.com\">Azure Portal<\/a> and create a new resource, as shown below.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.34.36%20PM.png\" alt=\"Create a resource\">\n<em>Click on the + icon to create a resource<\/em><\/p>\n<p>In the following blade, click on the <strong>Compute<\/strong> option to reveal the <strong>Function App<\/strong> resource we would be using to deploy our function.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.35.59%20PM.png\" alt=\"Function App\">\n<em>The Azure Functions resource<\/em><\/p>\n<p>In the next blade, you&rsquo;ll be required to provide how you want your Function App to be provisioned; just as below;<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.39.43%20PM.png\" alt=\"Function App Name\">\n<em>Enter a unique appname, this is also the Function App&rsquo;s URL<\/em><\/p>\n<blockquote>\n<p>Click on <strong>Create new<\/strong> to create a new resource group. I didn&rsquo;t create a resource group, because I do have a resource group already - which houses all the functions I&rsquo;ve ever created on my Azure subscription.<\/p>\n<\/blockquote>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.40.01%20PM.png\" alt=\"Azure Functions\">\n<em>Storage and Plan type<\/em><\/p>\n<blockquote>\n<p>Select Node.js as runtime, as we would be working with JavaScript. Then hit <strong>Hosting<\/strong> to move to the next blade<\/p>\n<\/blockquote>\n<p>On this next blade, <em>since we&rsquo;re not really working with storage in this tutorial<\/em>, a storage account would automatically be created for you with the consumption plan I mentioned in the first part. Leave everything as is here, then click <strong>Review + create<\/strong>. But, do ensure the Windows OS option is selected. Very Important!<\/p>\n<p>The following blade would be the option to review all the information you have provided Azure to provision your Function App instance. Review thoroughly, before hitting <strong>Create<\/strong>. Mine looks like this, below;<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.40.42%20PM.png\" alt=\"Review\">\n<em>Review of my Function App instance<\/em><\/p>\n<p>When you&rsquo;re done with reviewal, and after creating the Function App instance - you can monitor the progress of your Function App deployment from notifications (that &ldquo;bell&rdquo; icon). When the resource deployment is complete, click <strong>Go to resource<\/strong> to reveal the newly created Function App instance.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.47.18%20PM.png\" alt=\"Azure resource\">\n<em>Go to your deployed resource<\/em><\/p>\n<p>While on the overview page of your Function App (remember that this instance can hold multiple functions - JavaScript functions, &lsquo;cause of our runtime), click on the <strong>+<\/strong> icon on the left pane to add a new function to your Function App.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.47.48%20PM.png\" alt=\"Azure Functions New\">\n<em>Click on the + icon<\/em><\/p>\n<p>On the following screen, click the <strong>In-portal<\/strong> development environment option before hitting <strong>Continue<\/strong>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.48.22%20PM.png\" alt=\"Azure Functions New\">\n<em>Select In-portal, then continue<\/em><\/p>\n<blockquote>\n<blockquote>\n<p>NOTE: There are various Azure Functions templates which all serve different purposes. In this Serverless guide, just the <strong>Webhook + API<\/strong> template (which also includes the <strong>HTTPTrigger<\/strong> template) would be covered.<\/p>\n<\/blockquote>\n<\/blockquote>\n<p>\u2022 Going forward, select the <strong>Webhook + API<\/strong> option, then click <strong>Create<\/strong>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.48.30%20PM.png\" alt=\"Azure Functions New\">\n<em>Select Webhook + API<\/em><\/p>\n<p>The next screen that comes up after clicking <strong>Create<\/strong> is an overview of your newly created function, with an in-portal development environment for editing and compiling your code.<\/p>\n<p>As a start, we would be testing this code out - before going forward with reconstructing the function code to suit the project we would be creating in this article.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%205.52.06%20PM.png\" alt=\"Azure Functions New\">\n<em>An overview of the newly created function<\/em><\/p>\n<p>And to begin with, click on the <strong>Get function URL<\/strong> button to reveal the URL for your HTTP-triggered function code (yeah, we just deployed a code snippet in the cloud). This URL includes an authentication key for accessing the content of the deployed block of code which has been included in the copied URL. Paste this URL in a new tab on your browser to access the content of your function code.<\/p>\n<p>When the URL page loads up, the first screen you are greeted with is an exception with a message, as shown below. A comprehensive detail on the error can be found in your <em>logs<\/em> from your in-portal environment. To clear the error message, pass in a parameter - as shown below.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%206.03.18%20PM.png\" alt=\"First Demo\">\n<em>Add a name=any random letters&amp; parameter, as shown, to clear the error message<\/em><\/p>\n<blockquote>\n<p>NOTE: The <em>&amp;<\/em> operator before the <em>code<\/em> parameter helps in passing multiple parameters to an API<\/p>\n<\/blockquote>\n<p>After passing in the <strong>name<\/strong> parameter, you should be greeted with a page similar to the one below!<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/master\/Screenshot%202020-01-27%20at%206.03.28%20PM.png\" alt=\"Second Demo\">\n<em>Hello World! You just successfully deployed a function<\/em><\/p>\n<blockquote>\n<blockquote>\n<p>To reveal the bindings for your created function, click on the <strong>View files<\/strong> panel - on the right side of the portal. Then click the <em>function.json<\/em> file to reveal the input (trigger) and output bindings - these are denoted with <em>in<\/em> and <em>out<\/em>.<\/p>\n<\/blockquote>\n<\/blockquote>\n<blockquote>\n<blockquote>\n<p>There&rsquo;s also a <strong>Test<\/strong> option on the right pane, where you can include and compile code to test for edge cases in your function. BTW,<\/p>\n<\/blockquote>\n<\/blockquote>\n<h2 id=\"what-do-these-function-bindings-do\">What Do These Function Bindings Do?<\/h2>\n<p>The code snippet below should be the same as the code in your <em>function.json<\/em> file. And the description of what this code does is stated below this snippet.<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-json\" data-lang=\"json\">\n{\n    <span style=\"color:#960050;background-color:#1e0010\">...<\/span>\n    <span style=\"color:#f92672\">&#34;bindings&#34;<\/span>: [\n\n    <span style=\"color:#960050;background-color:#1e0010\">\/\/binding<\/span> <span style=\"color:#960050;background-color:#1e0010\">for<\/span> <span style=\"color:#960050;background-color:#1e0010\">input\/trigger<\/span> <span style=\"color:#960050;background-color:#1e0010\">starts<\/span> <span style=\"color:#960050;background-color:#1e0010\">here<\/span>\n        {\n            <span style=\"color:#f92672\">&#34;authLevel&#34;<\/span>: <span style=\"color:#e6db74\">&#34;function&#34;<\/span>,\n            <span style=\"color:#f92672\">&#34;type&#34;<\/span>: <span style=\"color:#e6db74\">&#34;httpTrigger&#34;<\/span>,\n            <span style=\"color:#f92672\">&#34;direction&#34;<\/span>: <span style=\"color:#e6db74\">&#34;in&#34;<\/span>,\n            <span style=\"color:#f92672\">&#34;name&#34;<\/span>: <span style=\"color:#e6db74\">&#34;req&#34;<\/span>\n        },\n\n    <span style=\"color:#960050;background-color:#1e0010\">\/\/binding<\/span> <span style=\"color:#960050;background-color:#1e0010\">for<\/span> <span style=\"color:#960050;background-color:#1e0010\">output<\/span> <span style=\"color:#960050;background-color:#1e0010\">starts<\/span> <span style=\"color:#960050;background-color:#1e0010\">here<\/span>\n        {\n            <span style=\"color:#f92672\">&#34;type&#34;<\/span>: <span style=\"color:#e6db74\">&#34;http&#34;<\/span>,\n            <span style=\"color:#f92672\">&#34;direction&#34;<\/span>: <span style=\"color:#e6db74\">&#34;out&#34;<\/span>,\n            <span style=\"color:#f92672\">&#34;name&#34;<\/span>: <span style=\"color:#e6db74\">&#34;res&#34;<\/span>\n        }\n    ]\n    <span style=\"color:#960050;background-color:#1e0010\">...<\/span>\n}\n\n<\/code><\/pre><\/div><p>As can be seen, the code is in JSON format which is written in key\/value (<strong>&ldquo;key&rdquo;: &ldquo;value&rdquo;<\/strong>) pairs - this should give you a proper sense of how the description of the code snippet above would go.<\/p>\n<p>The first key from the input trigger binding is <strong>authLevel<\/strong> which describes the security (authentication) level for your function, there are only three values (or levels, in this context) that can be passed to this key, which are; the <em>function<\/em>, <em>anonymous<\/em>, and, <em>admin<\/em> levels.<\/p>\n<p>\u2022 The <em>anonymous<\/em> level means that a function does not require a security (authentication) code to execute or provide responses to requests.<\/p>\n<p>\u2022 The <em>function<\/em> level - used in our trigger - means that a function does require a security (authentication) code to execute or provide responses to requests. The trigger binding default value.<\/p>\n<p>\u2022 The <em>admin<\/em> level - used in our trigger - means that a function does require a master security (authentication) code to execute or provide responses to requests, which means that only a user with administrative access (with the master code) to the Function App that hosts the function can execute the said function.<\/p>\n<p>Moving on, the second key from the input binding is <strong>type<\/strong>, which indicates the kind of event that the function would be handling - in our case, HTTP-triggered events - hence, the <em>httpTrigger<\/em> value.<\/p>\n<p>The third key from this same input binding is <strong>direction<\/strong> which denotes the kind of binding in the first bindings block, in this case <em>in<\/em> for input.<\/p>\n<p>The last key from the input binding is the <strong>name<\/strong> key, which accepts the variable name used in the function code, for the request (input) or response (output) bodies, as value.<\/p>\n<p>Now, the output binding has three default keys; <strong>type<\/strong>, <strong>direction<\/strong>, and <strong>name<\/strong>; which define the response provided by your function. More key\/value pairs can definitely be added to suit your function definition.<\/p>\n<p>The first key from the output trigger binding is <strong>type<\/strong> which indicates the kind of value that the function would be processing - in this case, http,  since we would be sending responses to a webhook or the web.<\/p>\n<p>The second key from this same output binding is <strong>direction<\/strong> which denotes the kind of binding in the second bindings block, in this case <em>out<\/em> for output.<\/p>\n<p>The last key, also, from the output binding is the <strong>name<\/strong> key, which also accepts the variable name used in the function code, for the request (input) or response (output) bodies, as value.<\/p>\n<h2 id=\"next-up\"><strong>Next Up<\/strong><\/h2>\n<p>We would be creating and setting up a webhook on GitHub, connect this webhook with our newly created API (we would be making changes to the function code) to listen to Wiki update events (<a href=\"https:\/\/developer.github.com\/v3\/activity\/events\/types\/#gollumevent\">Gollum events<\/a>).<\/p>\n<p>As a reminder, webhooks offer a lightweight mechanism for apps to be notified by another service when something of interest happens via an HTTP endpoint. A webhook can be used to trigger an Azure function, and then analyze the message, to determine what exactly has happened and how best to respond to the event.<\/p>\n<p>What you want to do at this point is to sign in to your GitHub account and create a new repository.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.50.00%20PM.png\" alt=\"Create a repo\">\n<em>Create a new repository<\/em><\/p>\n<p>Create a new public repository by clicking the <strong>New<\/strong> button and provide a meaningful name, something like <em>AzureWebhookTest<\/em>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.51.00%20PM.png\" alt=\"Create a Wiki\">\n<em>Wiki creation page<\/em><\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.51.26%20PM.png\" alt=\"Create a Wiki\">\n<em>Add basic texts, and save<\/em><\/p>\n<p>Next, select the <strong>Wiki<\/strong> and <em>Create the first page<\/em>, add some basic texts before clicking <strong>Save page<\/strong>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.52.54%20PM.png\" alt=\"Create a Webhook\">\n<em>Add a webhook<\/em><\/p>\n<p>Next up, set up a webhook by going back to the <strong>Settings<\/strong> tab, select <strong>Webhooks<\/strong> then <strong>Add a webhook<\/strong>. You&rsquo;d need to set a payload to the URL for your function, similar to this below:<\/p>\n<p>https:\/\/<your-functionapp-name>.azurewebsites.net\/api\/HttpTrigger1?code=<your-authentication-key><\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.54.42%20PM.png\" alt=\"Set a configuration\">\n<em>Webhook configurations<\/em><\/p>\n<p>There&rsquo;s a section that says; <em>Which events would you like to trigger this webhook?<\/em> do select the option labeled <strong>Let me select individual events<\/strong>. Do also change Content type to <em>application\/json<\/em><\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.55.35%20PM.png\" alt=\"Set a configuration\">\n<em>More webhook configurations<\/em><\/p>\n<p>Be certain to select the Wiki checkbox. No other check boxes should be selected. Also at the bottom of the Webhooks page, ensure <em>Active<\/em> is checked and select <em>Add webhook<\/em>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.58.36%20PM.png\" alt=\"Verify Webhook\"><\/p>\n<p>You can now verify that everything is going according to plan, when the <em>Webhooks<\/em> page is displayed.<\/p>\n<blockquote>\n<p>Webhooks are basically HTTP callbacks that are triggered by specific events, and are always defined by users. An HTTP request is made to the URL configured for the webhook, by the source site, when an event occurs.<\/p>\n<\/blockquote>\n<blockquote>\n<p>Setting up a webhook is a two-way process. a) You can specify how you want your webhook to behave through GitHub and what events it should listen to. b) You can also set up your function in Azure Functions to receive and manage the payload received from the webhook.<\/p>\n<\/blockquote>\n<h2 id=\"testing-the-project\"><strong>Testing the Project<\/strong><\/h2>\n<p>To test out the newly created Webhooks project, go back to the Wiki tab from your repository, select the created page, edit and input some texts - say, <em>Hello World<\/em>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%207.03.24%20PM.png\" alt=\"Test Webhook\"><\/p>\n<p>Click the <em>Save Page<\/em> button to save this edit. Now to add a payload to the URL for your function app&rsquo;s function, goto <em>Settings<\/em>, and select <em>Edit<\/em>. Then scroll down to the\u00a0<em>Recent Deliveries<\/em>\u00a0section.<\/p>\n<p>Select the latest delivery entry by clicking on the options <em>&hellip;<\/em> button. After expansion, you should see the\u00a0Header\u00a0information, which includes the\u00a0Event Type, similar to this below:<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-json\" data-lang=\"json\">\n<span style=\"color:#960050;background-color:#1e0010\">Request<\/span> <span style=\"color:#960050;background-color:#1e0010\">URL:<\/span> <span style=\"color:#960050;background-color:#1e0010\">https:\/\/introfunc.azurewebsites.net\/api\/HttpTrigger<\/span><span style=\"color:#ae81ff\">1<\/span><span style=\"color:#960050;background-color:#1e0010\">?code=aUjXIpqdJ<\/span><span style=\"color:#ae81ff\">0<\/span><span style=\"color:#960050;background-color:#1e0010\">ZHPQuB<\/span><span style=\"color:#ae81ff\">0<\/span><span style=\"color:#960050;background-color:#1e0010\">SzFegxGJu<\/span><span style=\"color:#ae81ff\">0<\/span><span style=\"color:#960050;background-color:#1e0010\">nAXmsQBnmkCpJ<\/span><span style=\"color:#ae81ff\">6<\/span><span style=\"color:#960050;background-color:#1e0010\">RYxleRaoxJ<\/span><span style=\"color:#ae81ff\">8<\/span><span style=\"color:#960050;background-color:#1e0010\">cQ%<\/span><span style=\"color:#ae81ff\">3<\/span><span style=\"color:#960050;background-color:#1e0010\">D%<\/span><span style=\"color:#ae81ff\">3<\/span><span style=\"color:#960050;background-color:#1e0010\">D<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">Request<\/span> <span style=\"color:#960050;background-color:#1e0010\">method:<\/span> <span style=\"color:#960050;background-color:#1e0010\">POST<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">content-type:<\/span> <span style=\"color:#960050;background-color:#1e0010\">application\/json<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">Expect:<\/span> \n<span style=\"color:#960050;background-color:#1e0010\">User-Agent:<\/span> <span style=\"color:#960050;background-color:#1e0010\">GitHub-Hookshot\/<\/span><span style=\"color:#ae81ff\">16496<\/span><span style=\"color:#960050;background-color:#1e0010\">cb<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">X-GitHub-Delivery:<\/span> <span style=\"color:#ae81ff\">9<\/span><span style=\"color:#960050;background-color:#1e0010\">ed<\/span><span style=\"color:#ae81ff\">46280-6<\/span><span style=\"color:#960050;background-color:#1e0010\">ab<\/span><span style=\"color:#ae81ff\">3<\/span><span style=\"color:#ae81ff\">-11e9<\/span><span style=\"color:#ae81ff\">-8<\/span><span style=\"color:#960050;background-color:#1e0010\">a<\/span><span style=\"color:#ae81ff\">19<\/span><span style=\"color:#960050;background-color:#1e0010\">-f<\/span><span style=\"color:#ae81ff\">1<\/span><span style=\"color:#960050;background-color:#1e0010\">a<\/span><span style=\"color:#ae81ff\">14922<\/span><span style=\"color:#960050;background-color:#1e0010\">a<\/span><span style=\"color:#ae81ff\">239<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">X-GitHub-Event:<\/span> <span style=\"color:#960050;background-color:#1e0010\">gollum<\/span>\n\n<\/code><\/pre><\/div><blockquote>\n<p>Webhooks require a couple of configuration options before you can use them. We&rsquo;ll go through each of these settings next.<\/p>\n<\/blockquote>\n<blockquote>\n<p><strong>Note:<\/strong>\n<em>Payload URL<\/em>\nThe payload URL is the URL of the server that will receive the webhook POST requests. Each event type has a specific payload format. That payload contains information about the event that triggered the webhook.<\/p>\n<\/blockquote>\n<blockquote>\n<p><em>Content Type<\/em>\nWebhooks can be delivered using two different content types:\na)The application\/json content type delivers the JSON payload directly as the body of the POST request.\na) The application\/x-www-form-urlencoded content type sends the JSON payload as a form parameter, called payload.<\/p>\n<\/blockquote>\n<p>You&rsquo;ll also see that the payload contains information indicating that your wiki page was edited. The payload contains pages, repository, and sender sections.<\/p>\n<h2 id=\"wrapping-up\"><strong>Wrapping Up<\/strong><\/h2>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%207.13.27%20PM.png\" alt=\"Final Test Webhook\"><\/p>\n<p>Now you&rsquo;ll see a response message generated by your Azure function app. This response message should be same as this: <em>Please pass a name on the query string or in the request body.<\/em><\/p>\n<p>Finally, let us update our function to parse information from the payload, and return the output.<\/p>\n<p>To do this, navigate to the <strong>index.js<\/strong> of your function app, then replace the current <em>if&hellip;else<\/em> block in the function body with the following code.<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-javascript\" data-lang=\"javascript\">\n<span style=\"color:#66d9ef\">if<\/span> (<span style=\"color:#a6e22e\">req<\/span>.<span style=\"color:#a6e22e\">body<\/span>.<span style=\"color:#a6e22e\">pages<\/span>[<span style=\"color:#ae81ff\">0<\/span>].<span style=\"color:#a6e22e\">title<\/span>){\n    <span style=\"color:#a6e22e\">context<\/span>.<span style=\"color:#a6e22e\">res<\/span> <span style=\"color:#f92672\">=<\/span> {\n        <span style=\"color:#a6e22e\">body<\/span><span style=\"color:#f92672\">:<\/span> <span style=\"color:#e6db74\">&#34;The current page is &#34;<\/span> <span style=\"color:#f92672\">+<\/span> <span style=\"color:#a6e22e\">req<\/span>.<span style=\"color:#a6e22e\">body<\/span>.<span style=\"color:#a6e22e\">pages<\/span>[<span style=\"color:#ae81ff\">0<\/span>].<span style=\"color:#a6e22e\">title<\/span> <span style=\"color:#f92672\">+<\/span> <span style=\"color:#e6db74\">&#34;, The action taken is &#34;<\/span> <span style=\"color:#f92672\">+<\/span> <span style=\"color:#a6e22e\">req<\/span>.<span style=\"color:#a6e22e\">body<\/span>.<span style=\"color:#a6e22e\">pages<\/span>[<span style=\"color:#ae81ff\">0<\/span>].<span style=\"color:#a6e22e\">action<\/span> <span style=\"color:#f92672\">+<\/span> <span style=\"color:#e6db74\">&#34;, and the event type for the action is &#34;<\/span> <span style=\"color:#f92672\">+<\/span> <span style=\"color:#a6e22e\">req<\/span>.<span style=\"color:#a6e22e\">headers<\/span>[<span style=\"color:#e6db74\">&#39;x-github-event&#39;<\/span>]\n    };\n}\n\n<span style=\"color:#66d9ef\">else<\/span> {\n    <span style=\"color:#a6e22e\">context<\/span>.<span style=\"color:#a6e22e\">res<\/span> <span style=\"color:#f92672\">=<\/span> {\n        <span style=\"color:#a6e22e\">status<\/span><span style=\"color:#f92672\">:<\/span> <span style=\"color:#ae81ff\">400<\/span>,\n        <span style=\"color:#a6e22e\">body<\/span><span style=\"color:#f92672\">:<\/span> (<span style=\"color:#a6e22e\">The<\/span> <span style=\"color:#a6e22e\">payload<\/span> <span style=\"color:#66d9ef\">for<\/span> <span style=\"color:#a6e22e\">the<\/span> <span style=\"color:#a6e22e\">Wiki<\/span> <span style=\"color:#a6e22e\">event<\/span> <span style=\"color:#a6e22e\">is<\/span> <span style=\"color:#a6e22e\">invalid<\/span><span style=\"color:#960050;background-color:#1e0010\">&#34;<\/span>)\n    }\n}\n\n<\/code><\/pre><\/div><p>Hit <strong>Save<\/strong> after this update. We can now run a final test to see everything working.<\/p>\n<p>To do this head over to your GitHub repo settings, then select <strong>Webhooks<\/strong>, select <strong>Edit<\/strong> and navigate to <strong>Recent deliveries<\/strong>, then select the latest delivery by clicking the ellipsis <strong>&hellip;<\/strong>, and select <strong>Redeliver<\/strong>.<\/p>\n<p>At this stage, if you see a pop up asking if you want to redeliver the payload, select <strong>Yes<\/strong>. Now when you select the <strong>Response<\/strong> tab, you should be seeing a response (parsed by the function) similar to the below:<\/p>\n<pre><code>The current page is Home, The action taken is edited, and the event type for the action is gollum\n<\/code><\/pre><h2 id=\"conclusion\"><strong>Conclusion<\/strong><\/h2>\n<p>In this article, I walked you through how to setup an Azure Function app, create and setup a webhook on GitHub, connect this webhook with the created Function app to listen to Wiki update events (<a href=\"https:\/\/developer.github.com\/v3\/activity\/events\/types\/#gollumevent\">Gollum events<\/a>, in this case), and parse data from your payload with your Azure Function app.<\/p>\n<p>With this knowledge, you can now parse any content or information from your webhook payload with your function code.<\/p>\n<p>I do hope you&rsquo;ve enjoyed reading this as much as I did putting it into writing, you can find me on Twitter: <a href=\"https:\/\/twitter.com\/_bashirk\">@_bashirk<\/a>, if you want more contents like this. Cheers!<\/p>\n"},{"title":"A Definitive Introduction to DevOps and the Azure DevOps Suite","link":"https:\/\/kints.netlify.app\/blogs\/a-definitive-introduction-to-devops\/","pubDate":"Sun, 13 Mar 2022 22:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/a-definitive-introduction-to-devops\/","description":"<p>Preface: This article would get you to know exactly what DevOps is, guide you through a real-world application of DevOps, get you in sync with Azure Cloud DevOps practices with a step-by-step guide, and finally walk you through the process of creating an Azure DevOps organization account on the Azure DevOps suite.<\/p>\n<p>The word DevOps means Development Operations, and it is basically the marrying together of people (engineers and management :wink:), products (software projects), and processes (steps required in the creation of software features) to enable the continuous delivery of value to the end users. Which means that DevOps is all about the developments and operations required in getting a software from development stage to a release stage. It&rsquo;s also a model around the development and operations needed to improve the collaboration process between the engineers of a software.<\/p>\n<p>You can read more about my post on DevOps and how to become a Cloud Engineer, <a href=\"https:\/\/iink.netlify.app\/blogs\/the-proven-way-to-become-a-cloud-engineer-in-2022\/\">here<\/a>.<\/p>\n<p>DevOps categorically includes many features and tools to help a team collaborate and streamline its development processes. For instance, say you&rsquo;re a new DevOps Engineer in a software company, you would journey through DevOps by essentially beginning with an introduction to the company&rsquo;s core software team members, who are discovering that they need to improve and streamline their software release processes.<\/p>\n<p>DevOps essentially helps with streamlining release processes which includes the need to have some incremental and frequent changes in software features. So&hellip;<\/p>\n<p>To begin with, this introductory guide is split into four sections that would comprehensively get you to understand the traditional method of software development, the reasons DevOps is essential, and the Azure Cloud DevOps processes required to change this traditional method. As a start&hellip;<\/p>\n<p>\u2022 The first section would be to analyze an example company&rsquo;s current release process and identify problems that arise from this release process.<\/p>\n<p>\u2022 The second section would be to evaluate this example company&rsquo;s release process - with Value Stream Maps (VSMs) - using a specific Key Performance Index (KPI).<\/p>\n<p>\u2022 The third section would be to introduce you to Azure DevOps, take you through how the team could migrate the company&rsquo;s release process entirely to Azure DevOps.<\/p>\n<p>\u2022 Finally, the fourth section would walk you through the process of creating an Azure DevOps organization account on the Azure DevOps suite.<\/p>\n<p>By the end of these four sections, I believe you would have successfully wrapped your head around what DevOps is, the necessity of working with an Azure DevOps process, and would have also created your very first DevOps organization account.<\/p>\n<p>Section 1: Analyze an example company&rsquo;s current release process<\/p>\n<p>In this first section, we would be analyzing a software development company (say, Softbro) that is focused on building software projects for partner companies who outsource their software needs. And, this new company hosts the software applications, websites, and servers - required by these partner companies - in an on premises datacenter.<\/p>\n<p>On one faithful day, a partner company celebrated the release of a product to production, and through word of mouth - this partner company got the Softbro company a partnership deal from a new company. Say, for instance, the name of this new company is Unisoft. And Unisoft has gone on to agreeing a deal with Softbro to build them a web project within a few months.<\/p>\n<p>Softbro then puts together a team to work on this new software project, and this new team is composed of;<\/p>\n<p>A Development Lead who enjoys working on personal coding projects during his leisure period. This Dev Lead is a coding whiz and has been working with binaries and code since he was a kid, he always wishes he had more leisure time. Time has never been enough for this Dev Lead.<\/p>\n<p>An Operations guy who likes practical solutions and is very cautious (this makes perfect sense, as Ops is the first point of contact whenever there is an issue from somewhere).<\/p>\n<p>A Tester who is really good at organizing and setting priorities, and lives to find edge cases (What IFs). This tester is equally calm, which is great - you can not understand the joy of having a gentle tester.<\/p>\n<p>A Product Owner who has been in the software industry for decades. He has a relatively predetermined mindset, but he&rsquo;s always game whenever he gets an update on anything that can help his team get products to market with less efforts, and faster. He has been known to always favour tight schedule over team members, but equally acts friendly towards software development teams.<\/p>\n<p>All these roles are the setup in a basic product development team.<\/p>\n<p>After a month, the rest of the team presented a first preview of the software to the Product Owner, who in turn signed off release to the Unisoft company. Right after this sign off, the Product Owner got word from Unisoft about issues with the released software. He immediately called everyone into a meeting, furiously. Yelled at everyone on the team - for not rightfully meeting specifications. He furiously reads a number of the problems, and angrily shouts - &ldquo;How many weeks would it take you all to fix these issues?!&rdquo;<\/p>\n<p>None of these team members were able to provide a concise response to the question. Yeah, the team is in panic! And the team then gathered around at an open space, after the Product Owner had left, to find a quick fix to this list of problems.<\/p>\n<p>During their discussion, a DevOps engineer overheard the rants - and jumped in. The first question this DevOps engineer asked the Development Lead was, &ldquo;How does a software move from development to production in your company?&rdquo;<\/p>\n<p>The Dev Lead provided a series of responses, and from these responses, the DevOps engineer was able to realize a number of defects in the company&rsquo;s current release process; he realized the company uses a waterfall approach, which is only ideal for a team with minimal goals (and who still does minimal goal-setting, anyway?). A lot of the activities involved in the company&rsquo;s process are manual, and management keeps setting the priorities. Bad!<\/p>\n<p>This DevOps engineer eventually came up with a game-changing plan the following day, which was to religiously assess and evaluate the company&rsquo;s Waterfall process using a Value Stream Maps (VSMs) exercise. And this is exactly what I&rsquo;ll be covering in the next section.<\/p>\n<p>Section 2: Evaluate the company&rsquo;s current release process<\/p>\n<p>In this second section, you will be learning about Value Stream Maps (VSMs) - as discussed - and how to use a VSM to literally understand where a product release process needs improvement. Finally, you will get to understand how this Value Stream Map exercise gives you a good starting point, as a developer, to discuss exactly why DevOps practices should be encouraged - with management LOL.<\/p>\n<p>Practices in DevOps often begin with an understanding of a company&rsquo;s existing processes, which is what we have done in the first Section. By getting to know existing processes, as a DevOps engineer, you can easily come up with a plan to evaluate what&rsquo;s working and what&rsquo;s not, and also prioritize the things to fix first, without getting orders from management (management should be concerned with results, not setting priorities). Duh!<\/p>\n<p>By creating a Value Stream Map, or VSM, we are giving up room to allow an easy visualization of the process of development throughout a value chain, from the moment a software feature is requested until it is delivered to the customer. A Value Stream Map also helps in the analysis of a current release cycle process. The purpose of a VSM, essentially, is to visually show where in a software release process does a team create value and where in this process does the team creates wastes (spending an unnecessary amount of time). The goal of VSM, therefore, is to arrive at a process that delivers maximum value (fulfill requirements) to the customer with minimum wastes (spending less time). A VSM can help pinpoint those areas that either don&rsquo;t contribute any value or that actually reduce the value of a product.<\/p>\n<p>As DevOps engineers, we would be creating a VSM exercise to help us better understand the faults behind the existing process of the analyzed company. Using VSM, we would be checking whether the team is matured enough to typically release faster, with greater confidence, and with fewer bugs by going the DevOps route. Interestingly, we would also be getting a sense of where the team fits into in the DevOps model of software release processes.<\/p>\n<p>You can learn more about VSM, and how to implement VSM for DevOps, here:<\/p>\n<p>After going through the resource in the link posted above, and applying same to the Softbro company&rsquo;s release process discussed in section one of this guide, the VSM in the image below was derived:<\/p>\n<p>This VSM shows each of the components involved in getting the software from commit to deployment. It also indicates the number of days the Softbro team has assigned to each of these components.<\/p>\n<p>Below is an analysis of how the Softbro team has planned out the release cycle of Unisoft&rsquo;s software, using just a single feature of the software, which is exactly how the VSM above was brought to life.<\/p>\n<p>After the requirements of a feature have been specified by Unisoft, the Dev Lead creates a label via a centralized source control system. This Dev Lead then takes his time to confirm that all code for existing features is stable before creating the label. When this label has been created, the rest of the team gets an email confirmation to begin writing code for the new feature. This process of labeling and confirmation takes 3 days and is a waste to customers time, since it isn&rsquo;t a process that adds value to the customer - it&rsquo;s only necessary.<\/p>\n<p>Writing code for the software feature would take about 4 days, for all developers on the team. This time has value to the customer.<\/p>\n<p>Overall, the development process takes 7 days, but just 4 days is what the customer would want to know as the Development Process.<\/p>\n<p>Right after the team has decided unanimously to have a stable build, a spreadsheet is updated to confirm this decision, and also to notify the Tester in the team that there&rsquo;s a build ready for testing. This notification takes 2 days.<\/p>\n<p>After the Tester finishes testing the build, the process has already taken 3 days since testing is done manually. When the testing process is over, the tester mails bug reports back to the Dev Lead.<\/p>\n<p>When the Dev Lead gets feedback from the Tester, he needs to understand the bugs and issues and assign them to the right developers on the team.<\/p>\n<p>This takes another 3 days.<\/p>\n<p>These testing processes do not add value to the customer too, but necessary all the same.<\/p>\n<p>By the time the Tester gets and approves the final build, and transfers this build to the Operations guy for deployment to pre-production servers for more testing before final production, 2 days have already gone. Deployments to pre-production servers don&rsquo;t add value as well, they are also only necessary.<\/p>\n<p>After this build is now finally ready for final release, the Product Owner needs to schedule a meeting with management before signing off the release for the Ops guy to push the feature to production. The Product Owner eventually takes 4 days to have a meeting with management who officially reviews and approves the release.<\/p>\n<p>This Ops guy finally takes 1 day to deploy the feature to production, the feature release gets to the customer the same day. And everyone becomes happy. This final part of all the operations processes only add value to the customer, which takes up 1 day.<\/p>\n<p>From the mappings above, it would be deduced that the number of days that add value value to the customer is just 5 days - the number of days required to write the feature code, 4, plus the number of days it takes Operations to deploy the feature for the customer, 1. This time taken is the Process Time (PT).<\/p>\n<p>We can also deduce that the entire number of days it takes the feature to move through the entire release process, from commit to deployment is 22 days. This time taken is the Total Lead Time (TLT).<\/p>\n<p>It now becomes paramount, to determine the performance of the team through this software feature release process, which brings us to the next step, which is to calculate the Key Performance Indicators(KPIs) in the release process and evaluate the release process - in order to effectively show management the reason the company must switch to DevOps (numbers don&rsquo;t lie, they say).<\/p>\n<p>A notable KPI is the Activity Ratio (AR), which is calculated by dividing the Process Time (PT) by the Total Lead Time (TLT). That is, AR = PT\/TLT.<\/p>\n<p>Where, PT is the time spent on a feature that has value to the customer. While, TLT is the time it takes for a feature to make it to the customer.<\/p>\n<p>As can be observed on our VSM board, our Activity Ratio is 5 days divided by 22 days, that is - 5\/22 = 0.23. This in turn, brings the efficiency (Activity Ratio * 100%) of the current release process to 23%, which isn&rsquo;t up to 1\/4. Poor, right?<\/p>\n<p>Bettering and improving this efficiency is our goal, and we can only do this by drifting to the third section of this introductory guide; which is to&hellip;<\/p>\n<p>Section 3: Change the company&rsquo;s current release process to Azure DevOps<\/p>\n<p>In this third section, I would be introducing you to Azure DevOps and the amazing services that come with the Azure Cloud DevOps suite.<\/p>\n<p>Going back to the company crisis we want to solve from the second section; with the Azure DevOps process, we would be able to minimize time spent that has no real value to the customer. Azure DevOps would really improve efficiency by automating a lot of the steps , and that will definitely cut down on the time. But before going forward&hellip;<\/p>\n<p>What is Azure DevOps?<\/p>\n<p>Azure DevOps is a collection of services from the Azure Cloud that gives organizations and individuals the tools required to carry out development operations (DevOps) practices. DevOps practices that ensure transparency, cooperation, continuous integration and continuous delivery become embedded in a company&rsquo;s software development lifecycle, with the Azure DevOps service offering. Azure DevOps empowers organizations and individuals to build, test, and deploy any software project, be it to the cloud or on premise servers.<\/p>\n<p>Azure DevOps also provides several tools that can be used for an improved team collaboration, and includes tools for automating builds, testing, source control, and package management. You would be learning about these tools before the end of this guide.<\/p>\n<p>In the meantime, here are some of the areas where Azure DevOps would help each of the Softbro team members;<\/p>\n<p>Azure DevOps would help the Tester out by helping her save time through getting her updated, automatically, whenever there is a new build scheduled for testing, as the development team rarely update the Tester on new builds (yeah, that feeling when dev believes a code might be buggy).<\/p>\n<p>Azure DevOps would also help the Development Lead speed up the process of checking in with developers to find out what they&rsquo;ve built in-order to build and schedule code for testing immediately. It would also help him reduce the number of time it takes him to get a build label on the code for a feature.<\/p>\n<p>More importantly, Azure DevOps would help the team across board, without mixing up with nor damaging the team&rsquo;s current process - as a number of the manual steps would be automated and not replaced.<\/p>\n<p>But before the software product team begins to migrate the company&rsquo;s release process entirely to Azure DevOps processes. I would like to share insights into the Azure DevOps practices that the product team would be implementing during the migration process, which are;<\/p>\n<p>\u2022 Agile Planning: This is the practice used to create a backlog of work. With this practice, everyone on the team and in management sees this created backlog, and with this, the team can easily prioritize items. This is so that the team know exactly what they need to work on first. The created backlog can include user stories, bugs, and any other information that can better help the team plan.<\/p>\n<p>\u2022 Continuous Integration (CI): This is the practice used in the integration of code into a shared repository multiple times a day. Continuous Integration is also utilized in automating how a team builds and tests code. Continuous Integration is run every time a team member commits changes to a team&rsquo;s version control.<\/p>\n<p>\u2022 Continuous Delivery (CD): Continuous Delivery is a software development practice where code changes are automatically prepared for a release to production. During Continuous Delivery, a team tests, configures, and deploys from a build to a production environment.<\/p>\n<p>\u2022 Monitoring: Monitoring is the process of getting information about the performance and usage patterns of an application, using telemetry. A team ultimately uses this retrieved information to improve development and iterate the process.<\/p>\n<p>These Azure DevOps practices are essential in taking a project through the DevOps route, and more details around these practices would be discussed as you progress through the article. These DevOps practices also involves metrics (to be discussed later) that help in identifying the real reasons many high performers within a team are able to make valuable contributions - to the team - like integrating new features and improvements to softwares way more faster than the other team members.<\/p>\n<p>These metrics for distinguishing high performers from low performers within a team could be categorized into four parts, these parts are listed below.<\/p>\n<p>\u2022 Lead Time: High performers reduce lead time (from commit to deployment) by working to get features quickly to customers; through automating manual processes and deploying more frequently.<\/p>\n<p>\u2022 Failure Rate: High performing team members reduce feature fail rate. Whenever a new feature is deployed to production, and this feature fails or causes some other features of a product to fail, it definitely increases the chance of missed opportunities between a company and its customers. High performers ensure there is a reduction in the feature fail rate.<\/p>\n<p>\u2022 Deployment Rate: High performing team members help in increasing the deployment rate for product features. It is a fact, that, some high performing teams of high performers deploy up to dozens of times per day.<\/p>\n<p>\u2022 Crisis Recovery: High performers help teams recover more faster when crisis occur or situations occur. This is due to the fact that these high performers recover more quickly themselves while also deploying more frequently. This is a &ldquo;Move Fast, Break Things, and Fix Things Faster&rdquo; mantra.<\/p>\n<p>These amazing metrics of high performers are due to their non-stop utilization of DevOps practices during planning and development which include monitoring, continuous testing, database management, and security integration.<\/p>\n<p>So to transform a team of low performers to a team of high performers, team members would need to imbibe these metrics of DevOps characteristics as traits. Meaning, DevOps is the reason many high performers are able to tick off these metrics. And as an addition, DevOps practices help teams and companies better experiment multiple avenues to increase customer satisfaction, which essentially leads to higher profitability and market share often times.<\/p>\n<p>As a recap, Azure DevOps would help the Softbro team to excellently implement all the metrics that have just been discussed. Azure DevOps, as a suite of DevOps services, helps provide solutions for any organization or individual who wants an enterprise-grade service. By working with Azure DevOps, you get five (5) amazing services - which are the 5 main pillars of Azure DevOps. These services are discussed below, in no direct order:<\/p>\n<p>\u2022 Azure Boards: Azure Boards is an agile (like VSM) tool that can help organizations and individuals plan, track, and discuss workflows, even with other teams or companies.<\/p>\n<p>\u2022 Azure Pipelines: Azure Pipelines lets teams and individuals continuously build, test, and deploy with CI\/CD that works with any language, platform, and cloud.<\/p>\n<p>\u2022 Azure Test Plans: Azure Test Plans are literally explanatory testing tools.<\/p>\n<p>\u2022 Azure Repos: Azure Repos provide unlimited private and public Git repos hosted on the Azure Cloud.<\/p>\n<p>\u2022 Azure Artifacts: Azure Artifacts enables teams and individuals to create, host, and share software packages.<\/p>\n<p>Finally, the Softbro team can now successfully migrate the company&rsquo;s release process entirely to Azure DevOps processes, after understanding the practices and processes involved in the Azure Cloud DevOps - as well as its underlying services. The team could ultimately use the Azure Boards service to start out with Agile planning (like an VSM) on the to-be-delivered Unisoft project. The Azure Boards service would be comprehensively discussed in another article<\/p>\n<p>But as discussed, I&rsquo;ll be walking you through how to create an Azure DevOps organization, which brings us to the last section of the guide.<\/p>\n<p>Section four: Creating a DevOps organization on the Azure Cloud<\/p>\n<p>We will be using the Azure DevOps suite that houses the services discussed in the third section, to create an Azure DevOps organization account which Microsoft would be hosting for you. If in any case, you do not need Microsoft to host your organization account, you can decide to go the Azure DevOps Server route, which is an on premises version of Azure DevOps services that can be installed and run on a personal network.<\/p>\n<p>In addition, Microsoft only provides free Azure DevOps accounts for individuals, small teams, and open-source organizations. Enterprises can sign up for Azure DevOps accounts which can be scaled to thousands of team members. A free Azure DevOps organization account is what we would be signing up for in this guide.<\/p>\n<p>Getting Started<\/p>\n<p>\u2022 Create an Azure DevOps organization account<\/p>\n<p>In-order to create an Azure DevOps organization account, visit dev.azure.com, to get started.<\/p>\n<p>While on this page, click the Start free button, and sign in by using your Microsoft account - if you don&rsquo;t have a Microsoft account, select Create One to get your free Microsoft account.<\/p>\n<p>Next, agree with the terms of service by clicking on Continue. You will be automatically assigned to be the owner of this organization account, as you&rsquo;re the person creating the Azure DevOps organization, you can invite and add members to roles on the organization account later. When this has been setup, it&rsquo;s time to&hellip;<\/p>\n<p>\u2022 Create an organization<\/p>\n<p>Now, we would be setting up an organization within the newly created account. To do this, click on the Create new organization button. If there&rsquo;s an organization within your account already, click on the New organization option, and hit Continue.<\/p>\n<p>Select, and fill, in a unique name - if your chosen name says &lsquo;has already been taken&rsquo; you can include numbers to increase the uniqueness. This doesn&rsquo;t affect your the quality of your projects. For example, Unisoft1234.<\/p>\n<p>Next, choose a location that is close to you as this is where your projects would be hosted. Click Continue. And that&rsquo;s it! You have just created an Azure DevOps organization account. Aannddd&hellip;<\/p>\n<p>It&rsquo;s A Wrap!<\/p>\n<p>In this comprehensive guide, I walked you through what DevOps is, guided you through a real-world application of DevOps, got you in sync with Azure Cloud DevOps practices with a step-by-step guide, and finally walked you through the process of creating an Azure DevOps organization account on the Azure Cloud - which is quite simple.<\/p>\n<p>You also learnt to evaluate high performing team members in comparison to low performing team members with some metrics like Key Performance Indicators (KPIs), by getting to know that high performers help get features to production with few failures, more faster. Thus, DevOps provides team members with a direct path to becoming high performers.<\/p>\n<p>These metrics encourage teams to have goals that are measurable and specific. To ensure that these targets are being met and goals achieved, it&rsquo;s a necessity for teams to agree on metrics and Key Performance Indicators (KPIs) that achieve a positive return on investment and focus on specific business outcomes. Below is a list of commonly used metrics and Key Performance Indicators, not discussed early, but that apply to DevOps teams:<\/p>\n<p>\u2022 Unplanned Work Percentage (UWP): This metric helps in the identification of the percentage of work being performed that is unplanned.<\/p>\n<p>\u2022 Failed Builds Percentage (FBP): This metric helps in the identification of the percentage of builds that are failing.<\/p>\n<p>\u2022 Failed Deployments Percentage (FDP): This metric helps in the identification of the overall percentage of deployments are failing.<\/p>\n<p>\u2022 Ticket Volume (TV): This metric helps in the identification of the overall volume of customer issue tickets.<\/p>\n<p>\u2022 Bug Bounce Percentage (BBP): This metric helps in the identification of the overall percentage of customer bug tickets that are being reopened.<\/p>\n<p>\u2022 SLA Achievement (SA): This metric helps in ascertaining whether a team is meeting drafted service level agreements (SLAs).<\/p>\n<p>In conclusion, you learnt about DevOps practices, which takes time to be fully adopted by teams coming from a traditional background. As traditionally, the faster software is delivered, the lower the quality, and slower software projects are engineered, the higher the quality of the engineered software. Hence, it used to be a common belief that higher-quality softwares always take longer.<\/p>\n<p>DevOps practices are changing this narrative, as one of the promises of DevOps is to deliver software faster and with higher quality. These DevOps processes help teams find problems and bugs earlier, which means that they would take less time to fix these issues.<\/p>\n"},{"title":"Azure Front Door: An Overview","link":"https:\/\/kints.netlify.app\/blogs\/build-an-ssr-react-app-with-next-js\/","pubDate":"Tue, 22 Feb 2022 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/build-an-ssr-react-app-with-next-js\/","description":"<p>This is a gentle brief of the <strong>Azure Front Door<\/strong> service offering from Microsoft Azure. Azure Front Door, as the appellation implies, serves as a tunnel that routes connection to your backend networks <em>scalably<\/em>. The service isn&rsquo;t really for everyone, as it&rsquo;s mostly useful for large enterprise applications that handle a huge influx of incoming connection requests to their backend resources, where the performance of these resources is equally paramount.<\/p>\n<p><em><strong>Azure Front Door<\/strong><\/em> is a member of the load balancing family; but shouldn&rsquo;t be mistaken with the <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/load-balancer\/load-balancer-overview\">Azure Load Balancer service<\/a>; <em><strong>Front Door<\/strong><\/em> and <em><strong>Load Balancer<\/strong><\/em> both help ensure network performance for the <a href=\"https:\/\/portal.azure.com\">Azure<\/a> cloud offering. The <em>load balancing family<\/em> includes a number of other services like; <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/cdn\">Azure Content Delivery Network<\/a>, <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/traffic-manager\/traffic-manager-overview\">Azure Traffic Manager<\/a>, <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/application-gateway\/overview\">Azure Application Gateway<\/a>, and some other third party services like Citrix, Cloudflare, F5, Kemp etc. All of these ensure your software applications run <em>efficiently<\/em> even when there&rsquo;s a huge influx of requests to your application, as long as the incoming requests are distributed evenly. Similarly to <em>Azure Traffic Manager<\/em>, Azure Front Door is resilient to failures, including failures to an Azure region.<\/p>\n<p><em>Interestingly<\/em>, Azure Front Door was initially released in 2013 in a bid to ensure that Microsoft service offerings like Office 365 are enhanced in performance, before being rolled out to the general public in 2018. Front Door does not just help with load balancing, it also ensures the high availability of your application. You can tunnel multiple websites through Azure Front Door.<\/p>\n<p>With Front Door, you are assured of a wide range of traffic-routing methods through the <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/networking\/microsoft-global-network\">Microsoft Global Network<\/a> that spans across over <strong>50<\/strong> Azure regions, <em>Azure Front Door<\/em> uses a <a href=\"https:\/\/www.cloudflare.com\/learning\/ddos\/what-is-layer-7\/\">Layer 7<\/a> (HTTP\/HTTPS layer) content switching technology by implementing an AnyCast protocol with <em>split TCP<\/em>. Ensuring successful directs of requests at the application layer.<\/p>\n<p><img src=\"https:\/\/dev-to-uploads.s3.amazonaws.com\/i\/evm6hpjsyklx8b3cswwb.png\" alt=\"Alt Text\"><\/p>\n<p>Azure Front Door always facilitates the routing of client requests to the most available resource. Front Door offers an array of <em>request-routing<\/em> methods and resource health monitoring options in order to satisfy the various application needs as well as cases of automatic failovers.<\/p>\n<p>The Front Door service enables you to define, manage, and monitor the global routing for your web traffic by enhancing resource <em>performance<\/em> and <em>reliability<\/em> through a quick global failover process.<\/p>\n<p>The routing of requests with Azure Front Door works in a way that the servers do not replicate the same content, but the servers effectively \u201cpass the baton\u201d amongst themselves, this allows for the increment in performance. To put that into context, say, there are four servers serving contents from an application; by using Azure Front Door, <em><strong>Server 1<\/strong><\/em> could be in charge of supplying images and graphic contents, <em><strong>Server 2<\/strong><\/em> could be in charge of delivering static contents to the site visitors using scripting and contents like CSS and HTML, while <em><strong>Server 3<\/strong><\/em> could be the one allowing a user to buy specific items on the site, and <em><strong>Server 4<\/strong><\/em> could be delivering the contents related to payment processing.<\/p>\n<p><img src=\"https:\/\/dev-to-uploads.s3.amazonaws.com\/i\/jujvvvi1jzfwlt9ljms6.png\" alt=\"Alt Text\"><\/p>\n<blockquote>\n<blockquote>\n<p>As you have probably noticed, Front Door allows for much more complex systems of application and content delivery based on real resource usage.<\/p>\n<\/blockquote>\n<\/blockquote>\n<p>For details around the pricing and cost calculation of the <em>Azure Front Door<\/em> service, you can peep that <a href=\"https:\/\/azure.microsoft.com\/pricing\/details\/frontdoor\/\">here<\/a>.<\/p>\n"},{"title":"The Proven Way to Become a Cloud Engineer in 2022!","link":"https:\/\/kints.netlify.app\/blogs\/the-proven-way-to-become-a-cloud-engineer-in-2022\/","pubDate":"Tue, 22 Feb 2022 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/the-proven-way-to-become-a-cloud-engineer-in-2022\/","description":"<p><img src=\"https:\/\/github.com\/bashirk\/azure_webapp_node\/raw\/assets\/azure-training.png\" alt=\"Azure DevOPs\"><\/p>\n<p>Yeah right! It&rsquo;s 2022, and the first month of the new year (and the year 2022) is running to an end already. <em>&ldquo;Why not dive right into cloud computing?&quot;<\/em> - Yes, I know what you&rsquo;ve been thinking :wink:<\/p>\n<p>As it stands, cloud computing is the <a href=\"https:\/\/thenextweb.com\/hardfork\/2020\/01\/13\/blockchain-linkedin-solidity-ethereum-cryptocurrency-jobs-recruitment\/\">hottest skill to have, right after blockchain, and obviously was in the last decade<\/a> - and that shouldn&rsquo;t change this decade. At the very crux of cloud computing is DevOps (more details on this later). Since cloud is the new crazy, why not learn cloud computing <strong>the right way<\/strong> this year?<\/p>\n<p>And Microsoft Azure is arguably your best bet, if you&rsquo;re looking to give cloud computing a shot. In this article, I would be sharing great insights on how you can get started with Azure and become an Azure Cloud Engineer this year, 2022. But before going forward&hellip;<\/p>\n<h2 id=\"what-exactly-do-i-mean-by-devops\">What exactly do I mean by DevOps?<\/h2>\n<p>The word <strong>DevOps<\/strong> basically means <em><strong>Development Operations<\/strong><\/em>, and it&rsquo;s all about the developments and operations required in getting a software from development stage to a release stage. It&rsquo;s also a model around the development and operations needed to improve the collaboration process between the engineers of a software.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/azure_webapp_node\/raw\/assets\/devops.png\" alt=\"DevOps explained\"><\/p>\n<p>DevOps essentially helps during the need to have some incremental and frequent changes in software features. A DevOps Engineer could now be said to be that person who works with software developers\/engineers to facilitate the proper construction, testing, and release of each feature of a software by streamlining and automating the deployment and infrastructure management processes. Hope that wasn&rsquo;t too hard to grab, biko? :grinning:<\/p>\n<p>To get started as a Cloud or DevOps Engineer, you definitely need an Arsenal (not the s**thole football club LOL) which includes weapons. A first and notable weapon that should be ever-present in your arsenal is a cloud subscription, come in the Azure Cloud credits.<\/p>\n<h2 id=\"get-your-free-azure-credits\">Get Your free Azure credits<\/h2>\n<p>As stated above, the very first thing to have in your arsenal, as an Azure Cloud Engineer, is an Azure subscription with credits which you could get for free by signing up <a href=\"https:\/\/azure.microsoft.com\/en-us\/free\/students\/\">here<\/a> for students, and <a href=\"https:\/\/azure.microsoft.com\/en-us\/offers\/ms-azr-0044p\/\">here<\/a> for non-students. The Azure subscription includes a wide range of free services which can be used in any configurations as you deem fit. After getting your free Azure credits, the very next thing is to get ready to enrich your arsenal - by&hellip;<\/p>\n<h2 id=\"starting-with-the-fundamentals\">Starting with the fundamentals<\/h2>\n<p>No better way to get started with learning Azure, and the Azure stack, than starting with the very fundamentals of Azure. The Azure Fundamentals learning path on <a href=\"https:\/\/docs.microsoft.com\/en-us\/learn\/paths\/azure-fundamentals\/\">Microsoft Learn<\/a> contains well-prepared modules that would guide you from what an Azure subscription is, to how to get started with provisioning and managing your first virtual machine.<\/p>\n<p>You can get started with Azure Fundamentals, <a href=\"https:\/\/docs.microsoft.com\/en-us\/learn\/paths\/azure-fundamentals\/\">here<\/a>. After you&rsquo;ve gotten your head wrapped around these fundamentals, it&rsquo;s high time to&hellip;<\/p>\n<h2 id=\"become-a-microsoft-learn-fanboyfangirl\">Become a Microsoft Learn fanboy\/fangirl<\/h2>\n<p><img src=\"https:\/\/github.com\/bashirk\/azure_webapp_node\/raw\/assets\/mslearn.jpeg\" alt=\"MS Learn\"><\/p>\n<p><a href=\"https:\/\/docs.microsoft.com\/en-us\/learn\/\">Microsoft Learn<\/a> is an online education platform announced at Microsoft Ignite 2018. Microsoft Learn provides free learning resources on various Microsoft technologies, including Azure. The platform provides hands-on learning opportunity so that learners like you could develop skills through practical and interactive labs available on the platform. As you have observed, the Microsoft Learn platform houses the Azure Fundamentals you&rsquo;re advised to pass through as a beginner Cloud Engineer (don&rsquo;t fret, most expert Cloud Engineers started with this same learning path on Microsoft Learn).<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/azure_webapp_node\/raw\/assets\/mslearn.png\" alt=\"MS Learn\"><\/p>\n<p>Microsoft Learn is absolutely free, contains in-browser access to Microsoft tools, and also includes multiple learning paths on amazing Microsoft technologies - not excluding Azure. In addition to MS Learn, the amazing people at Microsoft have provided insightful documentations on each and every Microsoft technologies available to the public, but it&rsquo;s not enough to just consume the documentations, as you must&hellip;<\/p>\n<h2 id=\"read-and-be-better-than-the-docs\">Read, and BE BETTER than, the docs<\/h2>\n<p>As stated in the previous module, Microsoft provides amazing contents on all technologies released by the company, which doesn&rsquo;t exclude Azure. Microsoft Azure is a platform for multiple cloud services from Microsoft, and I&rsquo;ll be listing a number of those services below - including links to their respective documentations:<\/p>\n<ul>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/azure\/guides\/developer\/azure-developer-guide\">Getting Started Guide for Azure Developers<\/a>: This doc is a guide that helps developers get started faster with Azure and its underlying tools.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/samples\/browse\/?products=azure\">Code Samples<\/a>: This doc provides seamless samples to developer tools and technologies offering from Microsoft. You can explore the various code samples and get started with building stuffs on Azure in real time.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/resources\/templates\">Azure Quickstart Templates<\/a>: With this resource, you would get access to community contributed templates that empowers you to get more done in no time.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/migration\/migration-journey\">Azure Migration Center<\/a>: With this resource, you get all the tools and resources that are required to migrate apps, data, and infrastructure at your own pace.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/azure\/architecture\">Azure Architecture Center<\/a>: This doc contains guidance for building end-to-end solutions on Microsoft Azure, which contains the Azure Architecture Center best practices, design patterns, scenario guides, and reference implementations.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/azure\/architecture\/framework\">Azure Architecture Framework<\/a>: The Azure Architecture Framework helps you to build on the pillars that ensure a successful cloud solution which is built on these five pillars of architecture excellence: Cost, DevOps, Resiliency, Scalability, and Security.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/azure\/architecture\/guide\">Application Architecture Guide<\/a>: This doc details the Azure Application Architecture Guide which presents a structured approach for designing applications on Azure that are scalable, resilient, and highly available. It is based on proven practices that we have learnt from customer engagements.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/azure\/architecture\/patterns\">Azure Cloud Design Patterns<\/a>: This doc details the Azure Cloud Design Patterns which are useful for building reliable, scalable, secure applications in the cloud. Each pattern describes the problem that the pattern addresses, considerations for applying the pattern, and an example based on Microsoft Azure. Most of the patterns include code samples or snippets that show how to implement the pattern on Azure.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/azure\/architecture\/aws-professional\">Azure for AWS Professionals<\/a>: This content helps if you&rsquo;re coming from an Amazon Web Services (AWS) background - a different cloud platform. It helps AWS professionals understand the basics of Microsoft Azure accounts, platform, and services. It also covers key similarities and differences between the AWS and Azure platforms.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/overview\/azure-hybrid\">Azure Hybrid<\/a>: This resource is for learning about the Azure Hybrid Cloud with features and services like Azure Stack, Azure Arc, and many more.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/en-in\/services\/azure-sentinel\/\">Azure Sentinel<\/a>: This resource provides insights into the Azure Sentinel service which is an organization&rsquo;s birds-eye view across the enterprise. Azure Sentinel allows enterprises to put the cloud, and large-scale intelligence from decades of Microsoft security experience, to work.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/overview\/security\">Azure Security<\/a>: This resource provides insights into learning about security on Azure.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/en-us\/overview\/trusted-cloud\/compliance\">Azure Compliance<\/a>: This resource provides an overview of compliance in Microsoft Azure, which includes more than 90 compliance offerings.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/en-us\/overview\/trusted-cloud\/privacy\">Azure Privacy<\/a>: This resource provides insights into learning about data privacy and protection in Azure.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/pricing\">Azure Pricing<\/a>: This resource includes insights into how Azure pricing works.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/support\/plans\">Azure Support Plans<\/a>: This resource helps in exploring the range of Azure support options and helps in determining the plan that best fits your Azure activities.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/azure\/cloud-adoption-framework\/decision-guides\">Architectural Decision Guides<\/a>: This resource is the guide which helps in the Cloud Adoption Framework, which includes describing patterns and models that help when creating cloud governance design guidance.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/cloud-adoption-framework\/index\">Cloud Adoption Framework<\/a>:  This documentation provides useful insights into the Cloud Adoption Framework offering from Microsoft, which is the One Microsoft approach to cloud adoption in Azure - consolidating, and sharing best practices from Microsoft employees, partners, and customers. The framework gives customers a set of tools, guidance, and narratives that help shape technology, business, and people strategies for driving desired business outcomes during their adoption effort.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/docs.microsoft.com\/azure\/cloud-adoption-framework\/operating-model\">Cloud Operating model<\/a>: This documentation helps during the establishment of an operating model for the cloud.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/azure.microsoft.com\/pricing\/tco\/calculator\">TCO Calculator<\/a>: This resource helps in the estimation of the cost savings you can realize by migrating your workloads to Azure.<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"get-microsoft-azure-certified\">Get Microsoft Azure Certified<\/h2>\n<p><img src=\"https:\/\/github.com\/bashirk\/azure_webapp_node\/raw\/assets\/azurecert.png\" alt=\"Azure Cert\"><\/p>\n<p>Aside the badges and trophies you would earn while learning about Azure on Microsoft Learn, another great way to verify and validate your newly-earned skills is by taking Microsoft certification exams on Azure. By taking the Azure exams, you are definitely helping yourself to finding the right structure to a rewarding career path. The Microsoft Azure Certifications page can be found here, and each certification costs $80. Now, there is a free way to bypass this payment (tell no one I told you). This hack would be revealed to you soon enough, keep reading - and don&rsquo;t tell me you&rsquo;re tired :roll_eyes:<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/azure_webapp_node\/raw\/assets\/microsoftcert.png\" alt=\"Azure Certified\"><\/p>\n<h2 id=\"join-the-azure-cloud-bandwagon\">Join the Azure Cloud bandwagon<\/h2>\n<p>In order to excel in a chosen field, it is pertinent to study the traits of the present people in that field and get mentorship when necessary. A good way to get mentorship, and study the real traits of real people, is by joining a local community of real people. There are various communities around the Microsoft Azure cloud platform, a simple internet search would simply help in this case. But if you&rsquo;re hesitant to spend 10 seconds of your time searching the internet, below is a list of some online and offline communities that you could join:<\/p>\n<blockquote>\n<p>You&rsquo;ve already spent your 10 seconds scrolling down :stuck_out_tongue_winking_eye:<\/p>\n<\/blockquote>\n<ul>\n<li>\n<p><a href=\"https:\/\/www.microsoft.com\/en-us\/ignite-the-tour\/\">Microsoft Ignite: The Tour<\/a>: Now talking about the hack I mentioned (the free way to take an Azure certification), Microsoft Ignite: The Tour which brings the very best of Microsoft <a href=\"https:\/\/www.microsoft.com\/en-us\/ignite\">Ignite<\/a> to a city near you, provides technical training led by Microsoft experts and your community. You\u2019ll learn new ways to build solutions, migrate and manage infrastructure, and connect with local industry leaders and peers. All attendees at both Ignite and Ignite: The Tour will be given a free certification exam, subject to certain exceptions, to help you continue skilling up and prove your technical expertise to employers and peers. More details <a href=\"https:\/\/docs.microsoft.com\/en-us\/learn\/certifications\/microsoft-ignite-free-certification-exam-offer\">here<\/a>.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/techcommunity.microsoft.com\/t5\/azure\/ct-p\/Azure\">The Azure Online Community<\/a>: This is definitely your goto community for best practices and the latest news on Azure.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/dev.to\/azure\">The Azure DEV Community<\/a>: This is a curated content on how-to posts from the Azure Developer Advocates on the DEV Community platform.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/www.meetup.com\/pro\/azuretechcommunities\">Local Azure Tech Communities<\/a>: This is a curated lists of offline Azure communities present on Meetup. You can find a local Azure meetup happening around a city, by searching the name of such city.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/global.azurebootcamp.net\/\">Global Azure Bootcamp<\/a>: This is a worldwide and a 100 percent community-driven event organized by MVPs, regional directors, and user group leaders around the world who work in collaboration to deliver the largest one-day, global Azure event.<\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/channel9.msdn.com\/Shows\/Azure-Friday\/\">Azure Friday<\/a>: Join Scott Hanselman every Friday as he engages one-on-one with the engineers who build the services that power Microsoft Azure as they demo capabilities, answer Scott&rsquo;s questions, and share their insights.<\/p>\n<\/li>\n<\/ul>\n<p>&hellip;this isn&rsquo;t all, and these lists (documentations and communities) would definitely be updated - as I lay my hands on more information.<\/p>\n<h2 id=\"tldr\">TL;DR?<\/h2>\n<p>Here&rsquo;s a bullet list of all things covered in this article;<\/p>\n<p>\u2022 Get Your free Azure credits<\/p>\n<p>\u2022 Start with the fundamentals on Microsoft Learn<\/p>\n<p>\u2022 Become a Microsoft Learn fanboy\/fangirl<\/p>\n<p>\u2022 Read the Azure docs<\/p>\n<p>\u2022 Get Microsoft Azure Certified<\/p>\n<p>\u2022 Join an Azure Cloud Community<\/p>\n<p>This blog post is basically put together to give you a broader insight into the Azure cloud platform, and how you can dive more quickly into being a Cloud Engineer this year 2022 - if this is on your bucket list.<\/p>\n<p>If you had a swell time reading this, check out my article on Azure Quantum - and it&rsquo;s underlying resource offerings , <a href=\"https:\/\/dev.to\/bashirk\/azure-quantum-here-s-a-gentle-dive-2dcf\">here<\/a>. Do also feel free to shout me out around any broken links or any resources I could have added to the contents in this article. Cheers!<\/p>\n"},{"title":"FIXED: Azure - Resource provider not registered for the subscription","link":"https:\/\/kints.netlify.app\/blogs\/fixed-azure-resource-provider-not-registered-for-the-subscription\/","pubDate":"Wed, 25 Aug 2021 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/fixed-azure-resource-provider-not-registered-for-the-subscription\/","description":"<h2 id=\"the-problem\">The Problem<\/h2>\n<p>If you have been following any tutorial around creating bots on Azure, and you hit the weird roadblock that tells you;<\/p>\n<pre><code>Resource provider Microsoft.BotService not registered for the subscription\n<\/code><\/pre><p><img src=\"https:\/\/github.com\/bashirk\/azure_webapp_node\/raw\/assets\/Screenshot%202020-08-19%20at%2011.57.24%20AM.png\" alt=\"&lsquo;Resource Provider error&rsquo;\"><\/p>\n<p>Fret not, &lsquo;cause you have just stumbled on the fix!<\/p>\n<h2 id=\"the-solution\">The Solution<\/h2>\n<p>Now, let us walk through the fix together.<\/p>\n<p>First off, head over to <em>Subscriptions<\/em> (you can search for this from the Azure <a href=\"https:\/\/portal.azure.com\">portal<\/a>), then you should select the specific <em>Subscription<\/em> that shows you that error.<\/p>\n<p>Now that you&rsquo;re inside that subscription, search for <strong>Resource Providers<\/strong>. There would definitely be a lot of providers here, so just do a <strong>filter by name<\/strong> for <em><strong>Bot<\/strong><\/em>, now should see the sneaky cause of the bug;<\/p>\n<p><img src=\"https:\/\/dev-to-uploads.s3.amazonaws.com\/i\/r2zalil5ras1kvg6hhh3.png\" alt=\"&lsquo;Microsoft.Bot&rsquo;\"><\/p>\n<p>In my case, the Microsoft.BotService Request Provider already indicates <em>Registered<\/em> - and yes, I still see the bug. If it shows <em>Unregistered<\/em>, you do have to register the provider by clicking the <em>Register<\/em> button above the Request Provider. And if it already has a <strong>Registered<\/strong> green tick (like mine), what we both want to do here is unregister the provider, then register it again. That should work. Simple, innit?<\/p>\n<h2 id=\"the-conclusion\">The Conclusion<\/h2>\n<p>And there you have your fix to the <em>Resource provider not registered bug<\/em>. This fix is the way to hard-refresh Request Providers in Azure, works for all Request Providers - not just the Microsoft Bot Service.<\/p>\n"},{"title":"What is serverless? A Gentle Introduction to Azure Functions (Part 3)","link":"https:\/\/kints.netlify.app\/blogs\/what-is-serverless-a-gentle-introduction-to-azure-functions-part-3\/","pubDate":"Thu, 11 Mar 2021 20:37:52 +0000","author":"korede@persent.io (Korede Bashir)","guid":"https:\/\/kints.netlify.app\/blogs\/what-is-serverless-a-gentle-introduction-to-azure-functions-part-3\/","description":"<p><img src=\"https:\/\/github.com\/bashirk\/azure_webapp_node\/raw\/assets\/azurefunc.png\" alt=\"Azure Functions\">\n<em>Source: Daily Host News' blog<\/em><\/p>\n<p>This is the third part of my series on an introduction to serverless computing and Azure Functions. In this part, I would be walking you through how to create and setup a webhook on GitHub, connect this webhook with our newly created API (we would be making changes to the function code) to listen to Wiki update events (<a href=\"https:\/\/developer.github.com\/v3\/activity\/events\/types\/#gollumevent\">Gollum events<\/a>, in this case).<\/p>\n<p>In the <a href=\"https:\/\/dev.to\/bashirk\/what-is-serverless-a-gentle-introduction-to-azure-functions-part-2-3b3j\">previous part<\/a>, I covered the downsides of serverless computing and Azure Functions - I walked you through deploying a function code in the cloud using Azure Functions.<\/p>\n<p>It is worthy to note that, webhooks offer a lightweight mechanism for apps to be notified by another service when something of interest happens via an HTTP endpoint. A webhook can be used to trigger an Azure function, and then analyze the message, to determine what exactly has happened and how best to respond.<\/p>\n<p>In order to follow along with this guide, you&rsquo;d need to have a checklist of these below.<\/p>\n<h3 id=\"requirements\"><strong>Requirements<\/strong><\/h3>\n<p>\u2022 Basic knowledge of Azure Functions, which is covered in the <a href=\"https:\/\/dev.to\/bashirk\/what-is-serverless-a-gentle-introduction-to-azure-functions-4hah\">first part<\/a> of this article\n\u2022 Basic knowledge of JavaScript\n\u2022 An Azure Subscription,  <a href=\"https:\/\/aka.ms\/azure4students\">here<\/a>\n\u2022 A <a href=\"https:\/\/github.com\">GitHub<\/a> account<\/p>\n<p>After you&rsquo;ve gotten set up with the requirements stated above, sign in to your <a href=\"https:\/\/github.com\">GitHub<\/a> account.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.50.00%20PM.png\" alt=\"Create a repo\">\n<em>Create a new repository<\/em><\/p>\n<p>Create a new public repository by clicking the <strong>New<\/strong> button and provide a meaningful name, something like <em>AzureWebhookTest<\/em>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.51.00%20PM.png\" alt=\"Create a Wiki\">\n<em>Wiki creation page<\/em><\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.51.26%20PM.png\" alt=\"Create a Wiki\">\n<em>Add basic texts, and save<\/em><\/p>\n<p>Next, select the <strong>Wiki<\/strong> and <em>Create the first page<\/em>, add some basic texts before clicking <strong>Save page<\/strong>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.52.54%20PM.png\" alt=\"Create a Webhook\">\n<em>Add a webhook<\/em><\/p>\n<p>Next up, set up a webhook by going back to the <strong>Settings<\/strong> tab, select <strong>Webhooks<\/strong> then <strong>Add a webhook<\/strong>. You&rsquo;d need to set a payload to the URL for your function, similar to this below:<\/p>\n<p>https:\/\/<your-functionapp-name>.azurewebsites.net\/api\/HttpTrigger1?code=<your-authentication-key><\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.54.42%20PM.png\" alt=\"Set a configuration\">\n<em>Webhook configurations<\/em><\/p>\n<p>There&rsquo;s a section that says; <em>Which events would you like to trigger this webhook?<\/em> do select the option labeled <strong>Let me select individual events<\/strong>. Do also change Content type to <em>application\/json<\/em><\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.55.35%20PM.png\" alt=\"Set a configuration\">\n<em>More webhook configurations<\/em><\/p>\n<p>Be certain to select the Wiki checkbox. No other check boxes should be selected. Also at the bottom of the Webhooks page, ensure <em>Active<\/em> is checked and select <em>Add webhook<\/em>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%206.58.36%20PM.png\" alt=\"Verify Webhook\"><\/p>\n<p>You can now verify that everything is going according to plan, when the <em>Webhooks<\/em> page is displayed.<\/p>\n<blockquote>\n<p>Webhooks are basically HTTP callbacks that are triggered by specific events, and are always defined by users. An HTTP request is made to the URL configured for the webhook, by the source site, when an event occurs.<\/p>\n<\/blockquote>\n<blockquote>\n<p>Setting up a webhook is a two-way process. a) You can specify how you want your webhook to behave through GitHub and what events it should listen to. b) You can also set up your function in Azure Functions to receive and manage the payload received from the webhook.<\/p>\n<\/blockquote>\n<h2 id=\"testing-the-project\"><strong>Testing the Project<\/strong><\/h2>\n<p>To test out the newly created Webhooks project, go back to the Wiki tab from your repository, select the created page, edit and input some texts - say, <em>Hello World<\/em>.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%207.03.24%20PM.png\" alt=\"Test Webhook\"><\/p>\n<p>Click the <em>Save Page<\/em> button to save this edit. Now to add a payload to the URL for your function app&rsquo;s function, goto <em>Settings<\/em>, and select <em>Edit<\/em>. Then scroll down to the\u00a0<em>Recent Deliveries<\/em>\u00a0section.<\/p>\n<p>Select the latest delivery entry by clicking on the options <em>&hellip;<\/em> button. After expansion, you should see the\u00a0Header\u00a0information, which includes the\u00a0Event Type, similar to this below:<\/p>\n<div class=\"highlight\"><pre style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4\"><code class=\"language-json\" data-lang=\"json\">\n<span style=\"color:#960050;background-color:#1e0010\">Request<\/span> <span style=\"color:#960050;background-color:#1e0010\">URL:<\/span> <span style=\"color:#960050;background-color:#1e0010\">https:\/\/introfunc.azurewebsites.net\/api\/HttpTrigger<\/span><span style=\"color:#ae81ff\">1<\/span><span style=\"color:#960050;background-color:#1e0010\">?code=aUjXIpqdJ<\/span><span style=\"color:#ae81ff\">0<\/span><span style=\"color:#960050;background-color:#1e0010\">ZHPQuB<\/span><span style=\"color:#ae81ff\">0<\/span><span style=\"color:#960050;background-color:#1e0010\">SzFegxGJu<\/span><span style=\"color:#ae81ff\">0<\/span><span style=\"color:#960050;background-color:#1e0010\">nAXmsQBnmkCpJ<\/span><span style=\"color:#ae81ff\">6<\/span><span style=\"color:#960050;background-color:#1e0010\">RYxleRaoxJ<\/span><span style=\"color:#ae81ff\">8<\/span><span style=\"color:#960050;background-color:#1e0010\">cQ%<\/span><span style=\"color:#ae81ff\">3<\/span><span style=\"color:#960050;background-color:#1e0010\">D%<\/span><span style=\"color:#ae81ff\">3<\/span><span style=\"color:#960050;background-color:#1e0010\">D<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">Request<\/span> <span style=\"color:#960050;background-color:#1e0010\">method:<\/span> <span style=\"color:#960050;background-color:#1e0010\">POST<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">content-type:<\/span> <span style=\"color:#960050;background-color:#1e0010\">application\/json<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">Expect:<\/span> \n<span style=\"color:#960050;background-color:#1e0010\">User-Agent:<\/span> <span style=\"color:#960050;background-color:#1e0010\">GitHub-Hookshot\/<\/span><span style=\"color:#ae81ff\">16496<\/span><span style=\"color:#960050;background-color:#1e0010\">cb<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">X-GitHub-Delivery:<\/span> <span style=\"color:#ae81ff\">9<\/span><span style=\"color:#960050;background-color:#1e0010\">ed<\/span><span style=\"color:#ae81ff\">46280-6<\/span><span style=\"color:#960050;background-color:#1e0010\">ab<\/span><span style=\"color:#ae81ff\">3<\/span><span style=\"color:#ae81ff\">-11e9<\/span><span style=\"color:#ae81ff\">-8<\/span><span style=\"color:#960050;background-color:#1e0010\">a<\/span><span style=\"color:#ae81ff\">19<\/span><span style=\"color:#960050;background-color:#1e0010\">-f<\/span><span style=\"color:#ae81ff\">1<\/span><span style=\"color:#960050;background-color:#1e0010\">a<\/span><span style=\"color:#ae81ff\">14922<\/span><span style=\"color:#960050;background-color:#1e0010\">a<\/span><span style=\"color:#ae81ff\">239<\/span>\n<span style=\"color:#960050;background-color:#1e0010\">X-GitHub-Event:<\/span> <span style=\"color:#960050;background-color:#1e0010\">gollum<\/span>\n\n<\/code><\/pre><\/div><blockquote>\n<p>Webhooks require a couple of configuration options before you can use them. We&rsquo;ll go through each of these settings next.<\/p>\n<\/blockquote>\n<blockquote>\n<p><strong>Note:<\/strong>\n<em>Payload URL<\/em>\nThe payload URL is the URL of the server that will receive the webhook POST requests. Each event type has a specific payload format. That payload contains information about the event that triggered the webhook.<\/p>\n<\/blockquote>\n<blockquote>\n<p><em>Content Type<\/em>\nWebhooks can be delivered using two different content types:\na)The application\/json content type delivers the JSON payload directly as the body of the POST request.\na) The application\/x-www-form-urlencoded content type sends the JSON payload as a form parameter, called payload.<\/p>\n<\/blockquote>\n<p>You&rsquo;ll also see that the payload contains information indicating that your wiki page was edited. The payload contains pages, repository, and sender sections.<\/p>\n<p><img src=\"https:\/\/github.com\/bashirk\/AzureWebhookTest\/raw\/assets\/Screenshot%202020-01-27%20at%207.13.27%20PM.png\" alt=\"Final Test Webhook\"><\/p>\n<p>Finally, you&rsquo;ll see a response message generated by your Azure function app. This response message should be same as this: <em>Please pass a name on the query string or in the request body.<\/em><\/p>\n<h2 id=\"whats-next\"><strong>What&rsquo;s Next?<\/strong><\/h2>\n<p>In this part, I walked you through how to create and setup a webhook on GitHub, connect this webhook with our newly created API (we would be making changes to the function code) to listen to Wiki update events (<a href=\"https:\/\/developer.github.com\/v3\/activity\/events\/types\/#gollumevent\">Gollum events<\/a>, in this case).<\/p>\n<p>In the next\/last <a href=\"https:\/\/dev.to\/bashirk\/manipulating-github-wiki-data-with-azure-functions-3968\">part<\/a>, I&rsquo;ll walk you through how to update your function to parse information from the GitHub webhook payload, and hence display the results.<\/p>\n<p>See you on the other side. Cheers! :smiley_cat:<\/p>\n"}]}}