IT |
気になる、記になる… |
「PlayStation 5 Pro」は開発中で、2024年後半に登場との噂 |
https://taisy0.com/2023/03/15/169640.html
|
insidergaming |
2023-03-15 12:43:29 |
IT |
気になる、記になる… |
Microsoft、「Surface Laptop 4 (Intel)」向けに2023年3月度のファームウェアアップデートをリリース |
https://taisy0.com/2023/03/15/169637.html
|
windowsocto |
2023-03-15 12:03:21 |
Ruby |
Rubyタグが付けられた新着投稿 - Qiita |
RSpecにおけるデバッグ方法 `save_and_open_page` |
https://qiita.com/30113011tr/items/d3044dabe450f0f7e8aa
|
everydayrails |
2023-03-15 21:08:57 |
Ruby |
Rubyタグが付けられた新着投稿 - Qiita |
[Rails] HTTPメソッドについて |
https://qiita.com/momozo_trademen/items/ca47fb0745c473eeeeeb
|
patch |
2023-03-15 21:05:28 |
Ruby |
Rubyタグが付けられた新着投稿 - Qiita |
Ruby 引数を使ってプログラムを作成する |
https://qiita.com/ta--i/items/3bc60aad326d40fda05c
|
numnum |
2023-03-15 21:03:54 |
AWS |
AWSタグが付けられた新着投稿 - Qiita |
【AWS】IAMユーザーの作成(ユーザー作成~MFA設定) |
https://qiita.com/hitorigotsu/items/f02823889436a784f03d
|
設定 |
2023-03-15 21:06:39 |
golang |
Goタグが付けられた新着投稿 - Qiita |
Go言語でループ内のポインタを安全に扱う上での一般的なバグとその解決策 |
https://qiita.com/atsutama/items/e8b9acee898da23216e3
|
取り扱い |
2023-03-15 21:31:21 |
Azure |
Azureタグが付けられた新着投稿 - Qiita |
Azere Cognitive SearchとAzure Form Recognizerの連携を試してみた ~③Cognitive Search編~ |
https://qiita.com/tmiyata25/items/861f1691b5ca56706242
|
azerecognitivesearch |
2023-03-15 21:48:06 |
Ruby |
Railsタグが付けられた新着投稿 - Qiita |
RSpecにおけるデバッグ方法 `save_and_open_page` |
https://qiita.com/30113011tr/items/d3044dabe450f0f7e8aa
|
everydayrails |
2023-03-15 21:08:57 |
Ruby |
Railsタグが付けられた新着投稿 - Qiita |
[Rails] HTTPメソッドについて |
https://qiita.com/momozo_trademen/items/ca47fb0745c473eeeeeb
|
patch |
2023-03-15 21:05:28 |
Ruby |
Railsタグが付けられた新着投稿 - Qiita |
Ruby 引数を使ってプログラムを作成する |
https://qiita.com/ta--i/items/3bc60aad326d40fda05c
|
numnum |
2023-03-15 21:03:54 |
技術ブログ |
Developers.IO |
ChatGPTの会話を保存するSaveGPTを使ってみた! |
https://dev.classmethod.jp/articles/chatgpt-savegpt/
|
拡張機能 |
2023-03-15 12:12:25 |
海外TECH |
MakeUseOf |
What Is GPTZero? How to Use It to Detect AI-Generated Text |
https://www.makeuseof.com/gptzero-detect-ai-generated-text/
|
chatgpt |
2023-03-15 12:31:16 |
海外TECH |
MakeUseOf |
The Pros and Cons of Using Apple’s Magic Trackpad |
https://www.makeuseof.com/magic-trackpad-pros-and-cons/
|
apple |
2023-03-15 12:16:16 |
海外TECH |
MakeUseOf |
How to See Someone’s Instagram Username Change History |
https://www.makeuseof.com/how-to-see-instagram-username-history/
|
businesses |
2023-03-15 12:05:16 |
海外TECH |
DEV Community |
My Experience In Tackling Critical Dependency Issues In React Native |
https://dev.to/narottam04/my-experience-in-tackling-critical-dependency-issues-in-react-native-o26
|
My Experience In Tackling Critical Dependency Issues In React NativeIn I successfully landed an internship as a frontend developer on the React Native stack As I was already familiar with React JS for web I thought it would be good to have some experience with the native mobile stack I am writing this article to share my experience of a few stressful days during which I had to fix a dependency bug from a package that was crashing the entire app Severity Of The BugBefore going into the bug let s understand the severity of the situation My team and I were working hard on polishing the app removing all the bugs and improving user experiences so that we could finally roll out the app to new users and apply to VCs for funding But as everything in this world things never go as planned Upgrading Expo SDKOur previously functioning app started crashing when Expo released SDK which was a problem as Expo only supports the previous three releases Since we were using SDK I was tasked with upgrading the SDK before it impacted other team members I came across the official Expo SDK blog and thought the process would be straightforward but I was wrong After following all the steps my console was filled with a daunting stack of red errors I tried to read through the error which I found almost gibberish to be honest lol and started my quest on debugging Debugging QuestThe first thing I did after skimming through the error stack was to search on Stack Overflow to see if people were getting similar errors after upgrading the SDK Since SDK was new I could not find any relevant sources for my problem So I second guessed myself and tried to repeat the steps provided by Expo SDK again but sadly it didn t work Since Expo SDK wasn t working and Expo also supports the three previous releases I decided to upgrade to a previous SDK version and try my luck I cloned two new repositories where I upgraded to SDK and SDK Unfortunately luck was not on my side as I encountered similar red stack errors on both SDK versions As more team members started experiencing issues related to the deprecated SDK my desperation began to increase I received text messages from the group alerting me to their similar problems It felt like I was trying to solve an error that wasn t in the code because it was working fine yesterday This only added to my frustration More Debugging… I have discovered that one of the best ways to solve bugs is to take a break and step away from the problem when you re feeling frustrated Doing something enjoyable like taking a walk having an ice cream or indulging in something that comforts you can help you clear your mind and refresh your perspective Personally I prefer to take a walk during sunset as it is incredibly soothing and the colors of the sky make everything feel ten times better Pic of sunset taken by me…After going for a walk I decided to ask for help and solve the problem through pair programming My team members attempted to upgrade but they encountered the same error Fortunately we received a clue that the error was caused by a dependency called react native reanimated With this hint I decided to investigate the issue on GitHub within the React Native package Previously I had been able to resolve almost all of my errors by searching on Stack Overflow So this was the first time that I felt like one of those senior engineers after searching for and finding an open issue Finally The Solution…Finally after skimming through various GitHub issues and opening more than Chrome tabs I discovered an issue with the package we were using react native skeleton content It was using a different version of react native reanimated under its dependencies which caused the error we were facing To resolve the issue I added resolutions in the package json file with the version of react native reanimated that react native skeleton content required This allowed us to use the correct version of the package and eliminated the error resolutions react native reanimated Well our fix did work We were able to add some new features resolve some bugs and improve the user experience of the app But just when we thought we had resolved platform specific errors and could focus on rolling out features and debugging some edge cases in our codebase…WE WERE NOT ABLE TO MAKE A NEW BUILD FOR USERS … The team finally decided to migrate from Expo to React Native One of the expert team members handled the migration from Expo to React Native and the adventure thus continued Similar Frameworks StacksMy experience as a developer with React Native wasn t very pleasant However I would like to introduce an another framework that I worked extensively in i e Ionic Capacitor Capacitor offers the stability of web development along with native plugins that can be added to provide native features Link to a blog article that introduces ionic capacitor I created a side project called Cryptocademy using React JS and Capacitor which has garnered over downloads on the Play Store and currently has more than signups Over the course of a year I never encountered any platform specific issues and dependency issue with React JS and Ionic Capacitor Overall my experience working with capacitor js was always pleasantOne of the downsides of using Capacitor Ionic is that the documentation and community content could be better Most of the available content for Ionic Capacitor on the internet is written in Angular JS which can be difficult to convert to React JS This has been a pain point for me personally The examples of plugins in the Capacitor documentation could be improved I have found that many plugins are difficult to implement because of a lack of examples Even if I manage to find a blog post on a plugin it is often written for Angular or is several years old which can make it challenging to apply the examples to my current project I have not tried flutter yet If you are a flutter developer I would love to know your developer experience with it in comments LearningsI learned a lot during my first internship and I m really grateful for the experience Before this I only worked on my own projects so it was great to work with other people s code debug it and do pair programming Having more experienced colleagues also helped me improve my skills I would like to know about your experience with the React Native stack Have you encountered similar issues and if so how did you resolve them Please let me know in the comments |
2023-03-15 12:48:13 |
海外TECH |
DEV Community |
Notification system for a grocery app with React and NodeJS |
https://dev.to/novu/notification-system-for-a-grocery-app-with-react-and-nodejs-234g
|
Notification system for a grocery app with React and NodeJS TL DRIn this guide we ll make a simple shoping list webapp with Node and Express Then we ll be using Novu as an open source notification system to send email reminders about our groceries on the day we need to get them Getting Some GroceriesI ll admit I m not the best when it comes to keeping track of things Half the time when I go to get groceries I end up missing a chunk of stuff that totally slipped my mind While I could easily just write things down I m also a dev and like to make things difficult for myself So let s throw something together In this article we ll be going over a simple shopping list that we ll create with Node js as well as some pointers on how we can use the Novu platform to send emails from our API Setting Up Our ProjectIf you d like to see the full project Github you can check it out here Naturally we ll need to start our project somehow The first step we need to do is to create a project folder and then add in a basic webpage index html lt DOCTYPE html gt lt html lang en gt lt head gt lt meta charset UTF gt lt meta http equiv X UA Compatible content IE edge gt lt meta name viewport content width device width initial scale gt lt link rel stylesheet href styles css gt lt link rel stylesheet href gt lt script src easepick bundle dist index umd min js gt lt script gt lt title gt Grocery Notification lt title gt lt head gt lt body gt lt div class container gt lt div class input gt lt input name Enter new item id grocery input placeholder Enter new grocery item gt lt inp gt lt i class uil uil notes notes icon gt lt i gt lt div gt lt div class datepicker container gt lt input id datepicker placeholder Schedule Grocery Date type text gt lt div gt lt h class title gt Grocery Items lt h gt lt ul class grocery list gt lt li class grocery list item gt lt span class grocery item gt Eggs lt span gt lt i class uil uil trash delete icon gt lt i gt lt li gt lt ul gt lt button class submit type button gt Schedule lt button gt lt div gt lt div class error notification gt lt div gt lt div class success notification gt lt div gt lt script src script js gt lt script gt lt body gt lt html gt Our markup is pretty simple actually We have our input where we specify the grocery item we need to add and the list of items Lastly we have an input date where we specify the date we want to be reminded We re going to use a third party date picker library called easepick It s a pretty simple library to drop into our app and we ll use it alongside icons from Unicons We ll use some styling for our site too which you can find here styles css import url ital wght amp family Roboto amp display swap font family Roboto sans serif box sizing border box margin padding body background color eee height vh padding container position relative max width px width background color fff box shadow px px rgba padding px margin px auto border radius px container input position relative height px width container datepicker container margin top px display flex justify content flex end container input datepicker padding px outline none border radius px border px solid cecece input grocery input height width outline none border radius px padding px px px px font size px font weight resize none notes icon position absolute top font size px right px transform translateY font size px color title text align center margin top px margin bottom px grocery list margin top px grocery list grocery list item list style none display flex align items center width background color eee padding px border radius px position relative margin top px grocery list grocery item margin left px grocery list delete icon position absolute right px cursor pointer button submit margin top px padding px border radius px outline none border none width background color C color white cursor pointer notification position absolute top left transform translate width px height auto padding px margin top px border radius px color white text align center display flex justify content center align items center opacity error background color FF success background color BDA notification show opacity webkit animation fadein s fadeout s s animation fadein s fadeout s s keyframes fadein from top opacity to top opacity keyframes fadeout from top opacity to top opacity Now that we have the looks we need the functionality So let s add some JavaScript too script jswindow addEventListener DOMContentLoaded gt const ulElement document querySelector grocery list const submitElement document querySelector submit const inputElement document querySelector grocery input const errorElement document querySelector error const successElement document querySelector success let dateSelected null const showNotificationMessage element errorMessage gt if element classList contains show return element textContent errorMessage element classList add show setTimeout gt element classList remove show const datePicker new easepick create element datepicker css easepick bundle dist index css zIndex setup picker picker on select e gt dateSelected e detail date ulElement addEventListener click e gt if e target tagName I ulElement removeChild e target closest li inputElement addEventListener keyup e gt const value e target value if e keyCode amp amp value trim const li document createElement li li classList add grocery list item const span document createElement span span classList add grocery item span textContent value const icon document createElement i icon classList add uil uil trash delete icon li appendChild span li appendChild icon ulElement appendChild li inputElement value submitElement addEventListener click e gt const groceryItems document querySelectorAll span grocery item map element gt item element textContent if dateSelected return showNotificationMessage errorElement Please select the grocery date const dateDaysBefore new Date dateSelected setDate dateSelected getDate if new Date gt dateDaysBefore return showNotificationMessage errorElement Please select a date two days or more after this day if groceryItems length return showNotificationMessage errorElement Please add grocery items fetch http localhost grocery schedule method POST body JSON stringify scheduledGroceryDate dateSelected toISOString groceryItems headers content type application json mode cors then resp gt resp json then resp gt while ulElement lastChild ulElement removeChild ulElement lastChild showNotificationMessage successElement resp message catch e gt console log e In our script js file we Initialize our easepick instance and in the setup method we are listening to the select event so we can get the date value For ulElement we re listening for the click event and in the callback we re checking for the I element because that is the delete button for our unordered list In inputElement we re listening for keyup event so that we can add a new item in the unordered list element And lastly submitElement is listening for the click event for this element and will send the request to our API will trigger scheduling We will be triggering the email the day before the scheduled date to remind us earlier This is what the web app looks like in the front end with one grocery item Creating Our APINow we ll be needing to create our backend with Node and Express Specifically we need Node version There s a command line utility that we can use to switch to the version we need mkdir api amp amp cd api amp amp npm init y amp amp npm install express cors novu nodeWhat we did here is that we created the API folder and after that initialize our node project with the npm init y command using the default configuration After that we installed the libraries that we will be using We re not saving our data in the database but we ll get to that later We also installed the Novu novu node package so that we can notify from our API package json name grocery notify app version description main app js scripts start node app js test echo Error no test specified amp amp exit keywords author license ISC dependencies novu node cors express type module config jsconst API KEY API KEY Novu Dashboard gt Settings gt Api Keys Tabconst SUBSCRIBER ID SUBSCRIBER ID subscriber id created by the sdk or from the workflowconst EMAIL TO EMAIL your EMAIL to receive the notificationconst PORT export API KEY EMAIL SUBSCRIBER ID PORT We will be getting API KEY and the SUBSCRIBER ID from the Novu Dashboard later app jsimport express from express import cors from cors import API KEY SUBSCRIBER ID EMAIL PORT from config js import Novu from novu node const novu new Novu API KEY const app express app use cors app use express json app use express urlencoded extended false app post grocery schedule async req res gt const scheduledGroceryDate groceryItems req body try res status send message Grocery Reminder Scheduled catch e console log e res status send message Something went wrong when scheduling the grocery reminder app listen PORT gt console log server listening at port PORT In our app js we have one endpoint grocery schedule This is where we will handle the notification that we receive in our email Using Novu is really easy getting the Novu constructor from the module and creating a new Novu instance Grab your API KEY from your Novu account dashboard What is Novu Basically Novu is a platform for implementing configuring and managing notifications in our application It can manage EmailSMSChatPush NotificationsAll on one platform Novu makes it easier when building real time applications all we need to do is to configure and trigger the notification in our code You can read more about Novu here You can easily create an account with Novu with your GitHub account which is probably the fastest for this tutorial When you first see the Novu dashboard you will be seeing the dashboard As I said earlier we can get the API key here in the dashboard specifically in Settings →Api Keys After that we need to make a notification template that we will trigger in our API Click Notifications and click the New button on the far right Put the necessary details about the notification template like the Notification Name Notification Identifier and Notification Description Before we create the workflow let s take a look at the Integrations Store tab As I said earlier Novu has a list of notification integration options that you can work with like email sms chat and push notifications This is where you integrate the Notification Template that we made earlier into a specific provider We ll use Mailjet as the email provider to send the grocery reminder to a specific email First your email must have a valid domain to make this work I ll be using my work email for this You can get your Mailjet API key and secret key in your Account Settings →Rest API →API Key Management Primary and Sub account Copy the API key and secret key and go to Novu Dashboard →Integrations Store →Mailjet Provider and paste it Make sure to include the email that you used for Mailjet After this we need to edit our workflow editor for our notification In your Novu dashboard go to Notifications and click the notification that you created earlier For me it s grocery notification Once we ve done that click the Workflow Editor tab and in that in the editor click the circle with the plus sign below the Trigger component and select Delay on the right side There are two types of Delay Regular and Scheduled For this we ll use the Scheduled type We also need to specify the name of the field that Novu will be using for email In my example I will be using the sendAt field And below the Delay component click the circle with the plus sign again and select Email Our workflow should look like this Lastly we also need to configure our email template Click the Edit Template button on the right below Email Properties After the redirection to the Edit Email Template UI the email you re seeing here is the email that you used in the Mailjet configuration earlier Update the email subject to Grocery Reminder and click the Custom Code and copy this Handlebars code below lt div gt lt h gt Hi It s time for you to buy your grocery items lt h gt lt h gt dateFormat date MM dd yyyy lt h gt each groceryItems lt li gt item lt li gt each lt div gt This code is pretty simple In the h we re formatting the date value to Month Day Year format and in the part where we use the each we re just iterating in our groceryItems array We re also using the item property that we get from each item iteration in the list item element and we need to specify the each after the iteration After that click the Update button on the top right side Finishing Our APIWith all of that out of the way it s time to complete the API of our app Update the config js file with the API key you got earlier from the Novu Dashboard the SUBSCRIBER ID and email from Notifications in the dashboard The EMAIL is optional here to use since the SUBSCRIBER ID will use that same value but for example purposes we will provide it And our updated config js file const API KEY YOUR API KEY FROM THE SETTINGS TAB Novu Dashboard gt Settings gt Api Keys Tabconst SUBSCRIBER ID ddfddfee const EMAIL macmacky gmail com const PORT export API KEY EMAIL SUBSCRIBER ID PORT Lastly we need to update our app js file to trigger Novu for scheduling our notification import express from express import cors from cors import API KEY SUBSCRIBER ID EMAIL PORT from config js import Novu from novu node const novu new Novu API KEY const app express app use cors app use express json app use express urlencoded extended false app post grocery schedule async req res gt const scheduledGroceryDate groceryItems req body try sendAt am on the scheduledGroceryDate const sendAt new Date new Date scheduledGroceryDate setHours toISOString await novu trigger grocery notification to subscriberId SUBSCRIBER ID email EMAIL payload sendAt date new Date scheduledGroceryDate toISOString groceryItems res status send message Grocery Reminder Scheduled catch e console log e res status send message Something went wrong when scheduling the grocery reminder app listen PORT gt console log server listening at port PORT Basically what we re doing here is creating the scheduled date value sendAt This will have the value of am of scheduledGroceryDate For example if we provide the value of March then the sendAt value will be March am The trigger method from the novu instance from the name itself will trigger our notification It accepts the Trigger ID as the first parameter which you can get from Novu In the to object we provide the SUBSCRIBER ID and EMAIL from our config js and in the payload object we provide sendAt date and groceryItems Remember that sendAt and date fields must be in ISO string format Okay Let s test our application I m gonna add new items to our grocery list Milk Bread Water Butter and Grapes Press the Schedule button and if went successfully it will pop up a message that tells us it s been scheduled Going back to Novu in the Activity Feed you can see if that particular reminder is scheduled And when you click the first one you can know the details of that notification The execution for this notification is delayed because we specified it as a Delay type earlier and you can also see the time when this notification will be executed This is a sample email that you will get if it all goes as planned If you want to expand this project you can add a database to our project for saving grocery items Then show the list of grocery dates that are scheduled on another page in our web app Closing the Shopping ListSo far we ve created an app that uses some simple Node js and Express to make a simple grocery list Then we use the power of Novu to schedule notifications and send emails to remind ourselves On the surface it s pretty simple but a lot of room for added functionality You can set up user accounts and share it with your family or maybe add SMS notifications too Novu is a great open source notification system that you can use for notifications to integrate with your applications It s free to get started and a very powerful tool in the right hands If you d like to see the full project Github you can check it out here |
2023-03-15 12:23:10 |
海外TECH |
DEV Community |
Why API Specs Are the Backbone of Successful Development |
https://dev.to/aws-heroes/why-api-specs-are-the-backbone-of-successful-development-i1k
|
Why API Specs Are the Backbone of Successful DevelopmentThe other day somebody told me about a REST API for some software that I use almost every day I typically use their SDK but jumped at the opportunity to use a REST based offering I could quickly hash out POCs in Postman and verify my ideas in seconds I m a big fan of REST and API design I ve been an advocate for API first development for years So naturally the first thing I do is try to find the spec I poke around GitHub for a bit but no luck So I ask a maintainer about it and I was given a single curl statement curl d SOMEBLOB https baseurl data set KEYNAME token TOKENHERENeedless to say I was a bit underwhelmed It ended up raising more questions than it answered What should I expect the data to look like in the response What was the schema of the request body What about the content type Can I sub the token query param as an Authorization header That path isn t very RESTful are there other endpoints I should be using instead I tried hitting the endpoint and it gave me an error But I didn t know how to fix it An example curl statement doesn t go very far when it comes to troubleshooting All of this could have been avoided had there been a publicly available API spec You can get by for a while without one as you work to churn out features that help determine product market fit but eventually that is going to catch up The user base will grow over time and people will have questions about how it works and what features are available over http Let s talk about what is involved with API specs and why they are so important for long term success What API Specifications Tell YouAn API spec like Open API lists the endpoints schemas responses parameters security and base URLs for an API It takes all the guesswork out of exploring a set of features Specifications tell you exactly what each endpoint needs what types of responses you could receive and why you would receive them Take an example from a game I m building Acorn Hunt points post summary Add or remove points from the caller in their active game operationId updatePoints requestBody required true content application json schema type object required count properties count type integer minimum maximum responses description The points were successfully added to the player score content application json schema type object required score properties score type integer ref components responses Conflict ref components responses UnknownError This endpoint definition tells consumers everything they need to know to call it successfully The path is listed at the top along with the http method It has a meaningful summary that tells readers exactly what business functionality it provides We can see the schema of the request body only accepts a count field ranging from to Finally we can see a list of all the possible responses We d expect a status code with a score property on success or a or in an error scenario Zooming out a level a specification will show you every path supported by the API Your readers aren t left wondering if there s an endpoint that does something specific because it s all listed in the spec You see not only the paths but the list of servers for each environment as well Consumers can string the server url with the path they want to hit and voila A clear concise description of all the available endpoints in your application NOTE the server urls in the image above are made up and will not resolve if you try them yourself Benefits of Having API SpecificationsBack to my story from before when I wanted information about the API I had to reach out to the maintainer That s fine in a one off scenario but what if that happened times a day What about Tribal knowledge doesn t scale What s worse you could have external consumers that hear about your API via word of mouth and they tell their friends about it Those friends tell other friends then those friends tell their friends so on and so forth Have you ever played a game of telephone The message at the end is usually vastly different than at the beginning Imagine if that happened with your API If you don t have adequate request level validation consumers could be pushing wildly different data to your requests than you expect That could cause your data integrity to falter and result in a potential increase in data storage costs Nobody wants that With an API spec you have a definitive resource that scales infinitely It doesn t matter if you have one or one million developers looking at your spec a static definition on a webpage will typically handle that amount of scale No developers necessary Beyond the internal benefits of not having your developers caught up teaching others about your API you have external benefits as well Not all developers want to reach out to a person to get their questions answered Many of us will abandon new software if we have to go through too much trouble to learn about it A specification lowers the barrier to entry by providing all the information you need Think a spec feels too low level to give consumers There are many tools that render API specifications in easy to use webpages directly from your CI pipeline Not only do you get documentation but depending on your tech stack you can deploy the back end implementation directly from it as well If you re using AWS there are extensions you can add to automatically build schema validation and connect directly to downstream services I talk with Andres Moreno about automating everything from SDK generation to integration testing to consumer documentation directly from the spec in the Ready Set Cloud podcast Final ThoughtsYour API specification is your source of truth It should drive how your product is designed Your API is the front door of your application enabling consumers to use and extend your product to meet their needs If you leave them with questions and undocumented endpoints how are they supposed to be successful SDKs are great and solve a multitude of use cases but they aren t a complete solution A web API be it REST or GraphQL is an enabler It lowers the barrier to entry for new users by not requiring them to write any code They simply need to open a tool like Postman or Insomnia plug in their API key and test away A single source of truth aligns your product team with the dev team There s no coding in the dark or black boxes involved A contract is defined and implemented then your consumers can immediately discover new functionality When establishing product market fit rapid feedback and iteration are key to success An API spec detailing available features is the fastest way to make your features known and get users to try them out You don t have to be extreme and go API first today But taking steps toward treating your API as your product and your spec as its definition will result in almost immediate benefits Make it a priority and watch as your quality improves and customer engagement increases Happy coding |
2023-03-15 12:07:22 |
海外TECH |
DEV Community |
KCSA Blog Series Part 1: Overview of Cloud Native Security |
https://dev.to/thenjdevopsguy/kcsa-blog-series-part-1-overview-of-cloud-native-security-2pbh
|
KCSA Blog Series Part Overview of Cloud Native SecurityIn part one of this blog series you ll learn about the first domain objective for the Kubernetes and Cloud Security Associate KCSA certification Cloud Provider SecurityWhen it comes to cloud security there are two crucial points what you re responsible for and what the cloud provider is responsible for This is called the Shared Responsibility Model While you decide which cloud provider you ll choose your options will differ For example Azure and AWS think about security utilizing similar methodologies but the tools that are associated with each platform are different However each cloud vendor does make recommendations based on best practices and the best practices are coming from the same place The cloud provider is responsible for the underlying hardware security For example the servers that Azure is running on aren t your concern However the network firewall rules that are connected to your virtual machines are your concern Think about it like this if you can access it it s your concern You can t walk into an Azure datacenter and touch the server You can however log into Azure and set up proper networking This is the basis of the shared responsibility model Below are two links for how AWS thinks about security and the way Azure thinks about security Within the links above you ll see various options for how you can secure your cloud resources based on the tools that are available for you out of the box Infrastructure SecurityWhen it comes to infrastructure security it s going to be similar to cluster security The cloud is responsible for certain parts and you as the engineer are responsible for certain parts For example one of the best infrastructure practices when it comes to Kubernetes is to encrypt Etcd the Kubernetes datastore If you re hosting Kubernetes yourself you can do it If Kubernetes is hosted in the cloud with a Managed Kubernetes Service you won t have access to Etcd which means you cannot secure it However even in the cloud there are some infrastructure best practices you can follow Ensure proper access to the API server By default a lot of the Managed Kubernetes Services will put a public IP address on your cluster You can turn this off The VMs that your worker nodes are running on can be protected via network policies and controls Remember the worker nodes attached to your Managed Kubernetes Service cluster are just virtual machines and virtual machines can be controlled Least privilege to the API server Not everyone on your team needs RBAC permissions to reach the API server and some may only need certain access like readonly Cluster SecurityWhen thinking about how to secure a cluster it ll be broken down into two pieces The cluster itself The applications inside of the cluster At the cluster level in the cloud because it s managed by the cloud it really all comes down to giving proper permissions and access Think about it in a least privilege fashion Not everyone needs access to scale the cluster or access the API server Some engineers may only need for example read access to the production clusters and other engineers may need full permission to the production clusters Cluster security in the cloud comes down to ensuring that whoever has access Has only the proper access they need and Has access to the proper resources and clusters A few other cluster specific security protocols to think about are Limiting resource usage on the cluster Security Contexts in your Pod spec Restricting network access Audit logging enabled From an application perspective it comes down to three parts Access to the application What Pods have access to from a network perspective Proper encryption The first step is to think about RBAC How are your permissions actively assigned for your Pods Is there a proper service account deploying your Pods and does it have appropriate permissions Do the users engineers that need access to your Pods have proper access and are defined with least privilege The second step is to confirm what your Pods have access to By default the Pod network is a flat network Meaning all Pods can talk to other Pods regardless of what Namespace they re in by default Because of that you want to ensure to have proper network policies in place along with ensuring that the containers running inside of the Pods are configured with proper security contexts Along with that one of the biggest overall concerns and security concerns is resource constraints Don t let your Pods have access to as many resources CPU memory storage as they want Set a limit request depending on CPU memory The third step is to ensure proper encryption If you re using an Ingress Controller ensure TLS is enabled For the Pod network think about a security centric CNI like Cilium or Calico You can also implement a Service Mesh for mTLS capabilities For Kubernetes Secrets ensure that Etcd encrypts them properly because it doesn t by default or you use a third party platform like HashiCorp Vault Container SecurityWhen securing a Pod outside of the network layer it comes down to the container image and the container itself The first step is to properly scan a container image Before anything is deployed you should always scan A few good tools for this purpose are Kubescape and Checkov Kubescape for example will scan container images against CIS benchmarks The next step would be to sign the container images so they re trusted You can read more about the full process here The third step is to ensure that proper access is given to containers As mentioned a few times above proper permissions and RBAC should be on top of your mind The last step is to ensure that you re using a proper container runtime with isolation Chances are you won t see much of this in the cloud but you can utilize a Kubernetes API to manage this Code SecurityWhen you re securing code you ll most likely be doing that way before it ever gets to Kubernetes As you re doing unit tests mock tests and integration tests you ll be performing well hopefully you will security scans against the code One of the most popular security scanning tools is Sonarqube This most likely won t be on the exam but it s still good to know For code security when it comes to Kubernetes think about the following TLS access for any communication that needs to occur via TCP IP Ensure that the apps only have access to particular ports that are necessary Scan your code with a third party tool like Sonarqube and utilize Static Code Analysis Test out attacks against your code in a controlled environment using dynamic probing You can learn about a few methods on how to do that here |
2023-03-15 12:01:25 |
Apple |
AppleInsider - Frontpage News |
Hands on: Camo 2 turns your DSLR into a webcam |
https://appleinsider.com/articles/23/03/15/hands-on-camo-2-turns-your-dslr-into-a-webcam?utm_medium=rss
|
Hands on Camo turns your DSLR into a webcamCamo is an app that lets people use their iPhone as a webcam and Wednesday s significant update extends that functionality to other devices Camo is outReincubate the company behind the app released the Camo update on Wednesday For the first time it supports webcams built in cameras Continuity Camera mirrorless cameras DSLRs and action cams Read more |
2023-03-15 13:00:01 |
Apple |
AppleInsider - Frontpage News |
2023 Jeep Grand Cherokee Uconnect 5 review: Finally wireless CarPlay |
https://appleinsider.com/articles/23/03/15/2023-jeep-grand-cherokee-uconnect-5-review-finally-wireless-carplay?utm_medium=rss
|
Jeep Grand Cherokee Uconnect review Finally wireless CarPlayThe Jeep Grand Cherokee uses the new Uconnect operating system for its in car display Here s how it works with wireless Apple CarPlay Uconnect with wireless CarPlayUconnect is an Android based system found in various Jeep Chrysler Fiat RAM and Dodge vehicles including the Grand Cherokee we tested Besides being built in Android which makes updates and iteration much quicker it also supports wireless CarPlay and Android Auto Read more |
2023-03-15 12:38:48 |
Apple |
AppleInsider - Frontpage News |
Even Foxconn says it's looking to move away from China |
https://appleinsider.com/articles/23/03/15/even-foxconn-says-its-looking-to-move-away-from-china?utm_medium=rss
|
Even Foxconn says it x s looking to move away from ChinaApple supplier Foxconn reports that it is working to reduce its reliance on its parent firm s home country of China and will diversify future production A Foxconn facilityFoxconn which is Apple s major supplier for the iPhone is based in Taiwan But it is owned by Chinese firm Hon Hai Precision Industry Co In announcing its latest Q earnings that showed a drop in profits the firm says it is working to expand away from China Read more |
2023-03-15 12:31:59 |
Cisco |
Cisco Blog |
The Site Reliability and Software Engineering Soft Skills That Matter Most |
https://feedpress.me/link/23532/16024298/the-site-reliability-and-software-engineering-soft-skills-that-matter-most
|
The Site Reliability and Software Engineering Soft Skills That Matter MostLearn from hiring managers and fellow engineers at Cisco about the soft skills that are most valuable in the field and how to showcase them in an interview |
2023-03-15 12:00:56 |
医療系 |
医療介護 CBnews |
リハや口腔・栄養管理の一体的な取り組み推進-厚労省方針、同時改定の意見交換会で |
https://www.cbnews.jp/news/entry/20230315204801
|
意見交換会 |
2023-03-15 21:05:00 |
金融 |
RSS FILE - 日本証券業協会 |
会長記者会見−2023年− |
https://www.jsda.or.jp/about/kaiken/kaiken_2023.html
|
記者会見 |
2023-03-15 13:30:00 |
金融 |
金融庁ホームページ |
鈴木財務大臣兼内閣府特命担当大臣閣議後記者会見の概要(令和5年3月10日)を掲載しました。 |
https://www.fsa.go.jp/common/conference/minister/2023a/20230310-1.html
|
内閣府特命担当大臣 |
2023-03-15 12:16:00 |
ニュース |
BBC News - Home |
Stock markets hit again by banking worries |
https://www.bbc.co.uk/news/business-64964881?at_medium=RSS&at_campaign=KARANGA
|
valley |
2023-03-15 12:17:56 |
コメント
コメントを投稿