Posts

Showing posts from March, 2024

aws lambda - dotnet lambda deploy getting error - user is not authorized to perform: lambda:GetFunctionConfiguration on resource

 when running, dotnet lambda deploy-function myDotnetFunction It trigger an error with the following message :- user  is not authorized to perform: lambda:GetFunctionConfiguration on resource This is because the current user has no permission on your lambda function.  Try running  aws configure Then you will see what acess_key_id and acess_key used. Configure that this is your access key and has the permission to read and deploy to your lambda.

AWS Cloud Formation Stuck in Review_In_Progress

 This is really hillarious - my cloud formation stuck in review progress. :)  Who would have thought, the execute change set command is stuck in "changeset" tab.   

aws codepipline - creating s3 bucket using cloudformation

Image
 In this setup we are going to create a simple code pipeline that gets code from codecommit and then build it with codebuild. Finally it uses codepipeline to create/update a s3 via cloudformation.  Here are the steps: 1. check in your code  2. create a codebuild to get your app build - yes although it is just a simple command 3. create a codepipeline that combine everything Source  You can get the source from here. https://github.com/mitzenjeremywoo/simple-cloudformation-s3-codepipeline Check this into your codecommit. The build file is ready, so we can just setup codebuild as well. Setting up code build  1. Create a build project call it cfbuild 2. Source provider - AWS code commut  3. Repository - your repository, Branch - master,  4. Operating system - Amazon Linux 5. Buildspec - Choose Use Buildspec  6. Artifact - Amazon S3, Bucket name - choose your bucket name and name of the folder - configure it as cfbuild 7. Artifact packaging - zip ...

AWS Cloudformation - Template format error: At least one Resources member must be defined

Image
This is a very common error that says your cloudformation yaml or json is not in the correct format, for example  This would give you an error: AWSTemplateFormatVersion : 2010-09-09 Description : simple-s3-bucket     s3Bucket :       Type : AWS::S3::Bucket       Properties :         AccessControl : Private         BucketName : mytest         Tags :           - Key : squad             Value : foc When it should be (the resources is added as shown below )  AWSTemplateFormatVersion : 2010-09-09 Description : simple-s3-bucket Resources : <---- This one here     s3Bucket :       Type : AWS::S3::Bucket       Properties :         AccessControl : Private         BucketName : mytest         Tags :          ...

AWS codepipeline - giving DOWNLOAD_SOURCE, Code: CLIENT_ERROR, Message: AccessDenied

Bump into this error while trying to build my app. This is due to permission issue in S3 and often KMS too as they are use hand-in-hand to make the build successful. If you're using a custom location for s3, you will often bump into this error. So to resolve this you need to grant the proper permission for S3 and KMS key (as you will be using a different key for yours s3 bucket when placing the artifact. So there's 2 role to grant  - Code Build role  - Code Pipeline role.  Once you have granted this, then you'll be good to go.  Reference  https://github.com/awslabs/aws-refarch-cross-account-pipeline/issues/5

dotnet maui - setup

I found the following command is really useful for setting net maui.  Install Maui dotnet workload install maui dotnet workload list Install tool to check and install missing component for net maui dotnet tool install -g redth.net.MAUI.check maui-check Creating a net maui project dotnet new maui This is even better than using the Visual studio updater with the modify command to install netmaui  

visual studio 2022 - unable to find net maui project

After upgrading visual studio 2022, i still didn't get the Net Maui template and to resolve this i have to issue the following command :-  dotnet new install Microsoft.Maui.Templates

aws codebuild spec file reference

 To get access the spec file references. https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-syntax

apollo graphql generating schema from subgraph and running the instance locallly

Image
As supergraph consist of subgraphs, we need to generate a schema so router would know what query/mutation requests should be directed to which subgraph. Once you have the schema out, you run a different command to host this supergraph. 1. Generate Schema You can use the following command to generate supergraph schema The yaml file below called supergraph.yaml contains information about your subgraph and they have to be running before you can do this schema discovery.  Then it outputs supergraph.graphql.  rover supergraph compose --config ./supergraph.yaml --output supergraph.graphql federation_version : =2.5.0 subgraphs :   review-service :     routing_url : http://localhost:4002     schema :       subgraph_url : http://localhost:4002   location-service :     routing_url : http://localhost:4001     schema :       subgraph_url : http://localhost:4001 And the supergraph.graphql looks something like t...

microsoft azure build agent - powershell 11.0 vs 10.4 breaking changes

Image
Recently our build pipeline using microsoft build agents - bump into some issues with running powershell scripts and getting error like " PowerShell The term is not recognized as cmdlet function ". To add salt to the wounds there error message is really confusing - AzureRM and Az Powershell are installed side by side.  In actual fact, the powershell has been upgrade from 10 to 11 and there's changes to the command here.  Anyways to fix this issue, you have to change your script to version 11 or try to install 10 to the build agent.

infinispan client sdk - hotrod

  Just in case you're looking for a client to connect to infnispan, you can try out the following link https://infinispan.org/hotrod-clients They have Java, C++, Net, Javascript and Python!  Awesome stuff! 

apollo graphql subscription basic setup and tutorial

 The documentation for setting apollo graphql is all over the place and hard to get it to work.  The best place is to get sample code from their example repo here or you can try out my repo here. Or you can have alook at a very simple and basic example here https://github.com/mitzenjeremywoo/supergraph-apollo-example-basic

graphql apollo how to enable express middileware

 You can follow the guide here: https://www.apollographql.com/docs/apollo-server/api/express-middleware/

express - proper way to import into es

The correct and ideal way to import would be this (remain compatibility in terms of coding)   import express from "express" ; const app = express ()

apollo graphql subscriptions - check if server is up and running

We can use the following to check if the server is up and running: npx diagnose-endpoint@1.1.0 --endpoint=ws://localhost:4002/  

graphql mutation getting started

  Defining the mutation  type Mutation { addBook(title: String, author: String): Book } Mutation graphql execution For executing the graphql as a clien you can use this. And the expected response is title, author's name as shown below mutation CreateBook { addBook(title: "Fox in Socks", author: "Dr. Seuss") { title author { name } } } Defining interface interface MutationResponse { code: String! success: Boolean! message: String! book: Book } Sample code can be found here. https://github.com/mitzenjeremywoo/graphql-review-ts

docker how to authenticate to azure container registry (acr)

  az login az acr login --name acr-name-in-azure Then try to use docker to pull those images

webpack Failed to load 'webpack.config.js' config

Image
  Getting this error while doing my local build  [webpack-cli] Failed to load 'webpack.config.js' config [webpack-cli] ReferenceError: require is not defined in ES module scope, you can use import instead This file is being treated as an ES module because it has a '.js' file extension and 'package.json' contains "type": "module". To treat it as a CommonJS script, rename it to use the '.cjs' file extension. And the reason is that i configure my package.json to type: module - which webpack doesn't like. To resolve this (careful as you might end up breaking your code), i remove it as i intended to use webpack to do hardwork of bundling application for me. Having type = module in package.json mean you can use import  to reference external libraries as oppose to using required (Commonjs). https://nodejs.org/docs/latest-v21.x/api/esm.html#esm_enabling Apparently webpack don't like it.

webpack - webpack.config.js - import path from "path"; ^^^^^^ SyntaxError: Cannot use import statement outside a module

 I was trying different ways to exclude node_modules / external libraries from being include / packaged together in my dist folder. So i tried out this settings  webpack.config.js  import path from "path" ; import { Configuration } from "webpack" ; const config : Configuration = {   entry : "./src/index.ts" , To resolve this error, I had to go back to the good old webpack.config.js that look something like this const path = require ( 'path' ); var nodeExternals = require ( 'webpack-node-externals' ); module . exports = {   entry : './src/index.ts' ,   target : 'node' , // use require() & use NodeJs CommonJS style   externals : [ nodeExternals ()], // in order to ignore all modules in node_modules folder   externalsPresets : {       node : true // in order to ignore built-in modules like path, fs, etc.   },   module : {     rules : [       {        ...

webpack - typescript emit no output

Image
  While working my code, bump into this error and webpack was complaining typescript emit no error And i found that there's a setting in my tsconfig.json that says this -> noEmit: true.  {     "compilerOptions" : {         "outDir" : "./dist/" ,       "noImplicitAny" : true ,       "target" : "ESNext" ,       "module" : "ESNext" ,       "noEmit" : true ,       "esModuleInterop" : true ,       "moduleResolution" : "node" ,       "allowJs" : true ,       "allowSyntheticDefaultImports" : true ,     },     "exclude" : [ "node_modules" ],     "include" : [ "src/**/*" ],   } After removing that, webpack was able to work well.

typescript: Cannot find module 'undici-types'. Did you mean to set the 'moduleResolution' option to 'nodenext', or to ad aliases to the 'paths' option?

  Bump into this error when i compile my code using typscript - tsc in the command line. And the indici type is totally irrelevant to what i was doing As stated in the error, all i need to set my moduleResolution in tsconfig.json {     "compilerOptions" : {       "outDir" : "./dist/" ,       "noImplicitAny" : true ,       "module" : "ESNext" ,       "target" : "ESNext" ,       "jsx" : "react" ,       "allowJs" : true ,       "moduleResolution" : "node" , // <----- here       "allowSyntheticDefaultImports" : true ,       "esModuleInterop" : true ,     },     "include" : [ "src/**/*" ],     "exclude" : [ "node_modules" ]   }

git error with permission denied 403

 Run into this issue and then all I have to do is goto Windows Credential Manager and remove the default user for my git repository check in.   Permission to mitzenjeremywoo/webpack-product.git denied to mitzen. fatal: unable to access 'https://github.com/mitzenjeremywoo/webpack-product.git/': The requested URL returned error: 403

Bicep - use and learn

 You can find some good resources here about bicep. https://learn.microsoft.com/en-us/shows/learn-live/iac-and-bicep/

k8s - liveness probe failure threshold

While troubleshooting production deployment, was ask how many times does k8s hit pod before it gives up. So k8s has a failureThreshold set to 3. So, if a request to probe health 4th times then it will get timeout and deployment fails.  For an pod that is already running but then fail liveness problem, then it falls back to the configure RestartPolicy. As documented here. https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#probe-v1-core

tls host certificate with no subject

Image
  Using openssl to hit a host with certificate that has no subject name will display certificate has expired. For example,  openssl s_client -showcerts -connect no-subject.badssl.com:443 As you can see here, the subject is missing. So you need to scroll down the certificate chain to determine actual issue.

tls - verify error:num=21:unable to verify the first certificate - validating tls certificate for a target host

Image
This command would do    openssl s_client -showcerts -connect incomplete-chain.badssl.com:443 Then you will be able to see there's some issue with the certificate chain Then you get error like:  verify error:num=20:unable to get local issuer certificate verify error:num=21:unable to verify the first certificate --------------------- Sometimes when trying to debug the issue, you need to hit the exact endpoint to get the error, for example if you're using curl  curl -k https://www.myhost.com/api/v1/healthz vs  curl -k https://www.myhost.com The error might come out for endpoint /api/v1/healthz and not the root host.  Rip this command from Stackoverflow and really useful echo "" | openssl s_client -connect www.google.com:443 -prexit 2>/dev/null | sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p' And i get a chain of certificates as shown below To validate this certificate, goto https://www.geocerts.com/certificate-decoder and then select "Cert...

sonarcode - devops extension source code

 This is the link to the sonarqube azure devops extension source code. https://github.com/SonarSource/sonar-scanner-vsts/tree/master Also worth noting, I found a repository for training there as well https://github.com/SonarSource/sonar-training-examples

rust debugging with gdb

Image
Started playing and debugging one of my sample app, I install gdb and then if you've created a debug version of your app, the you would be able to use the following command  gdb --tui ./nwt www.google.com Then you will see the following screen and the use gdb command to set break point at main.

rust build with release and non-release

 After doing a release build and looking at the size of my application, the following command was able to go from 80M to 13M - which is quite a significant drop. :)   cargo build --release

decrypting chrome tls traffic using wireshark

  You can easily decrypt chrome tls traffic by setting up  SSLKEYLOGFILE   in your environment. Setup instruction can be found here . 

postgres common admin task - from stackoverflow

  Check for locks  How to show all blocked queries. select pid, usename, pg_blocking_pids(pid) as blocked_by, query as blocked_query from pg_stat_activity where cardinality (pg_blocking_pids(pid)) > 0 ; Kill a blocked query by using the below command. SELECT pg_cancel_backend(a.pid), pg_terminate_backend(a.pid); Terminate all blocked queries using it. SELECT pg_cancel_backend(a.pid), pg_terminate_backend(a.pid) FROM ( select pid, usename, pg_blocking_pids(pid) as blocked_by, query as blocked_query from pg_stat_activity where cardinality (pg_blocking_pids(pid)) > 0 ) a check database size -- Database Size SELECT pg_size_pretty(pg_database_size( 'Database Name' )); -- Table Size SELECT pg_size_pretty(pg_relation_size( 'table_name' )); -- table size order by size select table_name, pg_size_pretty(pg_total_relation_size(quote_ident(table_name))), pg_relation_size(quote_ident(table_name)) from in...