
🔗 Kubernetes NGINX Ingress WAF with ModSecurity. From zero to hero!

https://medium.com/@danieljimgarcia/nginx-ingress-waf-with-modsecurity-from-zero-to-hero-fa284cb6f54a

August 16, 2022

Everything you need to get started on enabling and configuring Web Application Firewall (WAF) in your NGINX Ingress controller.

dexa

August 7, 2021

A CLI tool that allows developers and teams to capture their preferred tech stacks as a project template and a set of code generators.

Each of these stacks is captured as a git repository. Create them in a publicly available service such as GitHub to encourage usage and sharing across the wider community. But you are also free to use dexa with private repositories.

Read more on the KaizenDorks website.

kaizendorks/dexa - GitHub

🔗 Using Blazor WebAssembly, SignalR and C# 9 to create Full-stack Real time Applications

https://www.dotnetcurry.com/aspnet-core/realtime-app-using-blazor-webassembly-signalr-csharp9

April 27, 2021

This article puts Blazor WebAssembly under test by building a small real time survey application leveraging SignalR for its real time functionality across both frontend and backend. While doing so, we will use the latest ASP.NET libraries in .NET 5 and C# 9.0, including some of the new language features like record types.

Fix the sonarqube helm chart hook that updates admin password

April 26, 2021

Sonarqube helm chart

The official Sonarqube helm chart started as a community-maintained effort as part of the Oteemo helm charts. It was later adopted as the official helm chart of Sonarqube and forked to a SonarSource repo.

This helm chart is the official way of installing Sonarqube in Kubernetes, even though it still has some limitations as per the official Sonarqube docs.

Contribution

The chart allows you to change the default admin password when installing Sonarqube. This is implemented as a post-install helm hook that sends a POST request to the Sonarqube admin API using a container with curl installed.

The problem was that the current and new admin passwords were sent as part of the query string, but were not URL-encoded. This meant that trying to change the admin password to a new password with special characters would fail.

I opened a bug and submitted a PR to fix the issue and URL-encode them: https://github.com/Oteemo/charts/pull/278

🔗 Kubernetes for ASP.NET Core Developers. A hands on introduction

https://www.dotnetcurry.com/aspnet-core/kubernetes-for-developers

February 5, 2021

Over the past few years, Kubernetes has become one of the most common and important tools that teams and organisations can leverage in the DevSecOps space. In this article, we will go through the core Kubernetes concepts. It follows a hands-on approach specifically aimed at developers so it becomes easier to start leveraging Kubernetes.

Update chef docker cookbook so multiple mirrors can be configured for the docker service

December 2, 2020

Chef docker cookbook

The official docker chef cookbook allows engineers to manage docker services and docker resources using Chef.

For example, you can install specific docker versions, configure the docker service or manage resources such as containers, networks and volumes.

Contribution

The registry_mirror option of the docker_service resource allows you to configure the docker daemon with a registry mirror. It essentially adds the --registry-mirror option to the docker daemon arguments.

While it is possible to configure multiple mirrors by providing the --registry-mirror argument multiple times, this chef resource only allowed a single mirror to be configured.

I submitted a PR that updated the option so users can provide either a string or an array for the registry_mirror option.

Allowed kured drain/reboot notifications to be customised

November 26, 2020

Kured

Kured is an open source tool that allows Kubernetes administrators to control when their Nodes can reboot.

This way, automatic upgrades like unattended-upgrades can be configured in the cluster nodes so the OS dependencies are automatically patched.

When a reboot is necessary, unattended-upgrades will create a file /var/run/reboot-required instead of automatically rebooting the node. Kured runs as a daemon in your Kubernetes cluster and monitors the existence of that file. Once it detects that a node needs to be rebooted, kured ensures a single node reboots at a time, and it cordons and drains the node before rebooting.

In addition, kured lets you define the day of the week and time of the day that your nodes can reboot, as well as delay a reboot based on prometheus alerts and/or pod selectors.

Contribution

Kured can be configured to send a Slack notification when draining and rebooting a Node. However, the notification message was hardcoded, as in Rebooting node %s.

This was limiting for me, since I was going to use kured in many clusters across different clouds and regions. It would be great if I could send a message like Rebooting node %s, from cluster %s, region %s.

I submitted a PR that introduced 2 new options with drain/reboot message formats. I also stayed for the conversation on refactoring the notifications using shoutrrr so destinations other than Slack are supported.

Ensured trivy scans are correctly imported and deduplicated in DefectDojo

September 1, 2020

DefectDojo

DefectDojo is an open source vulnerability aggregation tool.

It greatly simplifies the task of teams running multiple types of vulnerability scans like SCA (dependencies scan), SAST (static code analysis) or DAST (dynamic application scans) by providing a central aggregation and correlation point.

Contribution

As part of the DevSecOps efforts I was leading, we were considering DefectDojo in combination with tools like Trivy (for SCA), Sonarqube (for SAST) and ZAProxy (for DAST).

I wanted to integrate these tools into our CI/CD pipeline and aggregate all their results in DefectDojo to get a global consolidated view per project and across the board.

One of DefectDojo's features is its ability to automatically detect a duplicate across scans. For example, an unmitigated issue will keep showing in your CI/CD scans until it is solved. The deduplication feature allows DefectDojo to keep a single vulnerability open and close the rest as duplicates, greatly reducing the noise in your project.

However, when Trivy scans were imported, some fields were missing, which caused the deduplication to not work as expected. I submitted a PR which fixed how Trivy scans were imported.

🔗 Developing SPAs with ASP.NET Core v3.0

https://www.dotnetcurry.com/aspnet-core/1525/angular-react-vuejs-svelte-spa-aspnet-core-3

February 1, 2020

This article demonstrates how to integrate four different SPA frameworks within ASP.NET Core v3: Angular, React, Vue and Svelte.

While there are official templates for React and Angular out of the box, the article explains how these work and how they can be adapted for other frameworks such as Vue and Svelte.

blazor-ml

January 23, 2020

Example application that shows how to integrate a Blazor server-side application with ML.NET

  • Users can upload images using the Blazor application, which are classified into one of 1000 labels using the ML.NET model.
  • The ML.NET model simply loads Google's pre-trained TensorFlow Inception model.

I wrote an article in the DotNetCurry magazine explaining the integration between Blazor and ML.NET.

DaniJG/blazor-ml - GitHub

VueVixens workshop in Sligo

November 8, 2019

I was delighted to help Irene Y with a full day VueVixens workshop. The event took place in Sligo, in the offices of Overstock Ireland who were really friendly and a great host!

My role was mostly to give an extra hand to Irene and Caroline when it came to answering doubts and questions, so everyone was taken care of!

These are some of the tweets from the event:

🔗 gRPC with ASP.NET Core 3.0

https://www.dotnetcurry.com/aspnet-core/1514/grpc-asp-net-core-3

October 30, 2019

Article introducing gRPC for ASP.NET Core developers, now that it is supported in the latest ASP.NET Core 3.0 release.

The article covers:

  • a brief introduction to gRPC
  • how gRPC services can be created with ASP.NET Core
  • how gRPC services can be created with Node.js
  • how to invoke either of these services from .NET Core
  • an overview of the built-in security features based on TLS/SSL

🔗 Authentication in ASP.NET Core, SignalR and VueJS applications

https://www.dotnetcurry.com/aspnet-core/1511/authentication-aspnetcore-signalr-vuejs

September 29, 2019

This article covers authentication in the context of ASP.NET Core and SignalR apps.

It describes how ASP.NET Core allows you to implement authentication using different schemes. Starting with cookie based authentication, it discusses different authentication schemes followed by JWT Bearer tokens.

Two years developing with Vue. Distilled

September 20, 2019

I was delighted to give a talk at the JSDayIE 2019 conference. Check out the YouTube recording!

You also have the slides available on SlideShare.

Refactored mockgo to its v2 version using promises

December 5, 2018

Mockgo

mockgo is a Node.js library which simplifies the task of creating integration tests using a real MongoDB server.

When integrating mockgo with your tests, it will take care of downloading the right mongo binaries, initialize a real in-memory mongo database and clean it at the end of the test.

Contribution

I was using mockgo in various Node.js projects for writing integration tests that used a real mongo database but still ran fast and in memory.

However, some of its dependencies were outdated, which was limiting the MongoDB versions that could be used in our tests.

I submitted a PR that ended up refactoring mockgo, not just to update its dependencies but also to use promises, and it ended up released as the v2 of the library.

🔗 Dependency Injection in ASP.NET Core - Demystified

https://www.dotnetcurry.com/aspnet-core/1426/dependency-injection-di-aspnet-core

March 14, 2018

This article aims to demystify dependency injection in ASP.NET Core, now a first class member of the framework.

It begins with a brief introduction to Dependency Injection in ASP.NET Core. It continues with a comparison to ASP.NET MVC 5, followed by a deeper look at the dependency injection support in ASP.NET Core and using 3rd party containers like Autofac and StructureMap.

BlogPlayground

January 27, 2018

An ASP.NET Core website that implements a simple blogger-like website.

I wrote a series of articles in the DotNetCurry magazine explaining the presentation layer and how to implement unit, integration and E2E testing:

danijg/BlogPlayground - GitHub

Sample integration between react-native and a gRPC service

January 25, 2018

A sample react-native app that communicates using gRPC with a sample server, also contained in this repo. Both the client app and the server share the protocol buffer definition, which is used to generate both server and client side code.

The client side react-native application can talk to the gRPC server through a native module that bridges react-native and the objective-c/Java client generated by gRPC tooling.

danijg/react-native-grpc - GitHub

Added HTTP proxy functionality to node-apn

November 16, 2017

Node-apn

node-apn is a library to simplify the task of sending Apple push notifications from Node.js applications.

Contribution

In the corporate environment I was working in, requests to the Internet had to go through an HTTP proxy or else they would be blocked.

We were building an iOS application with a Node.js backend from where we wanted to send push notifications. For that we wanted to use the node-apn library, but we could only do so if it supported connecting to Apple's servers through a proxy.

Since that wasn't a feature currently available, I submitted a PR for it: https://github.com/node-apn/node-apn/pull/602

 
