Release News.

How to trigger a Github action with an HTTP request

1.Create a new action with repository_dispatch trigger

Make sure your action is set to trigger on repository_dispatch event. This is the same event used when triggering the action through the UI.
name: Node.js CI

name:  Demo action todo list.

on:
  repository_dispatch:
  #workflow_dispatch:
  #schedule:
  #  - cron: '5 6 * * *'

jobs:
  build:
    runs-on: ubuntu-latest
2.Get yourself a personal access token to use the Github API

You can create one here: https://github.com/settings/tokens

Make sure you add repo and workflow permissions

3.Create the HTTP request

https://docs.github.com/en/[email protected]/rest/reference/actions#create-a-workflow-dispatch-event

POST https://api.github.com/repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches
Authorization: Bearer <Your personal access token here>
{"ref": "<BRANCH | TAG>"}

cURL

curl --request POST \
  --url 'https://api.github.com/repos/octocat/hello-world/actions/workflows/42/dispatches' \
  -H "Accept: application/vnd.github.v3+json" \
  -H "authorization: Bearer <TOKEN>" \
  -d '{"ref":"release"}'
Ref

https://docs.github.com/en/rest/reference/actions#create-a-workflow-dispatch-event

https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#repository_dispatch …

Lookup MX Records using Rust & trust-dns-resolver

I used to often work with DNS in one of my previous jobs. So I have always had a long running interesting in DNS. Most recently I have been looking into Rust. I wanted to see how easy it might be to use rust to access DNS records, one; because rust is said to be fast, and also because it’s a safe programming language.

This will be a brief write up at my attempt to use trust-dns-resolver to do MX record lookups and subsequently host address lookups.

Warning: This code is not intended to be used in production. You should review and adjust to your own needs.

Getting Started

First we will need to create our development environment.

cargo …

Apache Kafka - Playing with Consumer API using python library

Apache Kafka is written with Scala. Thus, the most natural way is to use Scala (or Java) to call Kafka APIs, for example, Consumer APIs and Producer APIs. For Python developers, there are open source packages available that function similar as official Java clients.

This article shows you how to use kafka-python package to consume events in Kafka topics and also to generate events.

Kafka brokers

The code snippets in the following examples requires Kafka brokers. If you don’t have a Kafka system to work with, try to configure one on Windows 10 following this guide:

Install and Run Kafka 2.6.0

Python ⅔ is required to run the sample code. In my system, Python version is 3.8.4 (x64 bit).

python …

Is it possible to Git merge/push using Jenkins pipeline

Overview

This demonstrates how to push a tag (or branch, etc) to a remote Git repository from within a Pipeline job. The authentication step may vary between projects. This example illustrates injected credentials and also username / password authentication.

Based on Stackoverflow answer at http://stackoverflow.com/questions/33570075/tag-a-repo-from-a-jenkins-workflow-script Injected credentials gist at https://gist.github.com/blaisep/eb8aa720b06eff4f095e4b64326961b5#file-jenkins-pipeline-git-cred-md

1) Configure Git User

The Git user name and email must be configured on the agent running the build to be able to commit changes / create a tag. If no user is configured in the agent environment, the following error would appear when committing / pushing changes:

*** Please tell me who you are.
shell> git config --global user.email "[email protected]"
shell> git config --global user.name "Your Name"

The user …

Dynamically adding parameters in sqlx

Bridging data types between the database and a programming language is such a foundational feature of most database-backed applications that many developers overlook it, until it doesn’t work. For many of my Rust-based applications I have been enjoying sqlx which strikes the right balance between “too close to the database”, working with raw cursors and buckets of bytes, and “too close to the programming language”, magic object relational mappings. It reminds me a lot of what I wanted Ruby Object Mapper to be back when it was called “data mapper.” sqlx can do many things, but it’s not a silver bullet and it errs on the side of “less magic” in many cases, which leaves the developer to deal with …

Embedding files in Go using the "embed" package

Go 1.16 Release Candidate 1 was announced recently and the most exciting feature for me in this release is the new “embed” package which allows you to embed a file contents as part of the Go application binary.

This ability so far was most easily available via using various third party packages and they worked great. You could also use go generate to roll out your own solution, if needed. However, now having this facility in the form of a standard library package is great news.

Let’s see how we can use it. I will keep this post updated as the 1.16 release evolves.

Getting Go 1.16 RC 1

If you have Go installed already, run:

$ go get golang.org/dl/go1.16rc1 …

Five websites to practice your coding skills

Completing coding challenges is a great way to learn. They also help with many skills needed to become a better developer and get better results at job interviews.

While completing coding challenges online, you will:

  • Learn new algorithms and ways to code.
  • Get better at problem-solving.
  • Identify coding patterns.
  • Spice up the learning process.
  • Get used to working with online IDEs.

With the pandemic, online interviews with small coding challenges are the norm. Being acquainted with this type of problem and with online code editors will remove part of the interview’s complexity (and stress).

Here is a list of websites with coding challenges that would be great for candidates to practice on. In no specific order:

Codewars

This site has …

Proxy services: Frequently asked questions answered

Choosing between the various types of proxy services and other anonymous browsing methods can be confusing. We have answered some frequently asked questions about free proxies, paid proxies and VPNs to help clarify what they are and when you should use each one.

What is a proxy service?

A proxy service is an intermediary between your browser and the web, allowing you to access websites via a different IP address, thus acting as if you are in any country and on any device.

With a proxy service, the requests for websites you visit and the actions you take on them are routed through a different IP in order to stimulate a different geolocation, device or browser, giving you transparency and …

So you want to write a successful license

In early 2020, when international travel was still a responsible thing one could do, I gave a talk on “what makes a license successful” at FOSDEM in Brussels. I then wrote a blog post about it, got some writer’s block, and never finished it. But recent interest in the topic, and specifically on what lawyers can (or can’t) contribute to the success of a license, made me decide to dust it off and hit publish. You can think of this post as the questions I would ask, and the advice I would give, to anyone seeking to promote new, innovative licenses, of any sort.

Tidelift disclaimer

Tidelift believes that the best way to increase the use (and profitability) of open …

OpenSSL Examples to Help You in Real-World

Create, Manage & Convert SSL Certificates with OpenSSL

One of the most popular commands in SSL to create, convert, manage the SSL Certificates is OpenSSL.

There will be many situations where you have to deal with OpenSSL in various ways, and here I have listed them for you as a handy cheat sheet.

In this article, I will talk about frequently used OpenSSL commands to help you in the real world.

Some of the abbreviations related to certificates.

  • SSL – Secure Socket Layer
  • CSR – Certificate Signing Request
  • TLS – Transport Layer Security
  • PEM – Privacy Enhanced Mail
  • DER – Distinguished Encoding Rules
  • SHA – Secure Hash Algorithm
  • PKCS – Public-Key Cryptography Standards

Note: SSL/TLS operation course would …

Handling Unix Kill Signals in Rust

Intro

Like many of you, I am a software developer. For the past few years, I’ve been working with Python, both at work, and writing small hobby projects at home.

One of the most common things I do with Python is write Linux services/daemons. A linux daemon is a program, in our case written in Python, that runs in a loop, usually by SystemD, and only exits when it receives a kill signal.

A few months ago, I decided to teach myself Rust, and after reading the Rust book (which I highly recommend), and watching lots of youtube videos, I tried to write a Rust Linux daemon.

Part of the process was figuring out how to handle kill signals in …

Proxy technology is driving the next generation of cloud security digital asset protection

In this article we will discuss:

  • Digital pirates pose very real threats
  • High profile ransomware attacks
  • How cloud security providers are harnessing proxy technology to combat cyber threats
Digital pirates pose very real threats

Malicious actors are constantly scanning the web looking for weak points of access and corporate vulnerabilities they can exploit. HBO, Xerox, Garmin, ExecuPharm and several hospital systems and local governments across the US and the world have fallen victim to ransomware attacks. According to the FBI, 2019 saw 467,361 reports of such attacks with cumulative losses reaching in excess of $3.5 billion.

Here are the most common ways in which fraudsters hold corporations at ‘digital gunpoint’:

Real-time breaches

In this instance, cybercriminals …

Versioning your API in Go

At some point in time your API need to have versions like /v1 or /v2 (like github API).
To implement this in Go I will use gorilla/mux router and I will assume you have a functional Go environment.

We will make a new project with the following main.go file:

package main

import (
    "flag"
    "net/http"

    "github.com/gorilla/mux"
)

var (
    port = flag.String("port", "8080", "port")
)

func main() {
    flag.Parse()
    var router = mux.NewRouter()
    var api = router.PathPrefix("/api").Subrouter()
    api.NotFoundHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
        w.WriteHeader(http.StatusNotFound)
    })
    http.ListenAndServe(":"+*port, router)
}

On short we have created a new router with a nice soubrouter for handling /api which represent the base of our versioned routes.
The routes will show like /api/v1/endpoint, /api/v2/endpoint …

API Security Best Practices

By nature, APIs are meant to be used. Even if all of your users are internal, security problems can still arise. To help with this, we’ve assembled a list of best practices to keep in mind when securing and locking-down an API or web service.

Use HTTPS

The web has moved past standard HTTP. With browser vendors flagging URLs that don’t use a secure layer, it’s time to do the same for your API. HTTPS uses Transport Layer Security (TLS) to encrypt traffic. This means communication between the client and server is encrypted. For your API, this means the content sent from your API is secured from third-parties, but more importantly it means that the access credentials are secured.

Authenticate …

How to fix Error 429: Too Many Requests

Your application is running smoothly. Tests have passed. Suddenly you start to see 429 error responses from an API. The 429 error means your app has made too many requests and has hit the rate limit of an API. The 429 (Too Many Requests) error is an HTTP status code is a client error sent back from the server to signal that you’ve reached your allowed limit.

While rate limiting may seem like a bad thing when you encounter it, this restriction is a protective feature of most consumable APIs. Rate limits prevent services from intentional abuse, as well as accidental abuse that may occur when developers are testing applications. If you’ve ever poured water into a funnel too quickly, …

How to Detect Bot Traffic?

Often we perceive the term “bot” as negative. However, not all bots are bad. The issue is that good bots can share similar characteristics with malicious bots. Therefore, good bot traffic get labeled as bad and get blocked.

Bad bots are only getting smarter, and it’s hard for other bots to stay block-free. This creates a lot of issues not only for site owners to ensure a healthy performance of their website but for the web scraping community as well.

In this article, we’ll go more in-depth about bot traffic, what it is, how websites detect and block bots, and how it can affect businesses.

What is bot traffic?
Bot traffic is any non-human traffic made to a website. It’s …

What is TCP/IP and how does it work?

TCP/IP is a collection of rules for data transfer between devices. And rules are important when you want to move information online.

Remember sending letters? If you wanted to use the postal service, you had to write down a name and address on an envelope, according to the rules. You had to use an certain amount of stamps and drop the letter into a letter box. Then there were even more regulations governing how the postal workers handled your mail.

There are no stamps on the internet, but there are rules. And your apps and devices have to follow these rules in order to send and receive information. This is called the TCP/IP model.

What is TCP/IP?

TCP/IP is a …

What is a Proxy Server [2021 Guide]

What is a proxy?

A proxy acts as an intermediary between you and the internet. When you’re using a proxy server, your request runs through the proxy server (which changes your IP address) first, and only then connects to the website. This is the main thing to know if you want to define a proxy.

What are proxies used for?
Proxies for personal use

There are several reasons for individuals or organizations to use a proxy.

Firstly, for regular internet users, a proxy could come in handy if there is a need to browse the internet more privately. On top of the privacy factor, proxy servers can also improve security levels if the proxy server is correctly configured as users …