DEV Community: Arash Hatami The latest articles on DEV Community by Arash Hatami (@hatamiarash7). https://dev.to/hatamiarash7 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F285929%2F87a859af-e945-4763-95e0-d95aa8b267b4.jpg DEV Community: Arash Hatami https://dev.to/hatamiarash7 en 4 common reasons cron jobs fail Arash Hatami Tue, 15 Mar 2022 09:36:02 +0000 https://dev.to/hatamiarash7/4-common-reasons-cron-jobs-fail-5hjp https://dev.to/hatamiarash7/4-common-reasons-cron-jobs-fail-5hjp <p>Cron job failures create chaos for your users and your team. These 4 problems emerged as the most likely causes of preventable job failures:</p> <h3> 1. System resources have been depleted </h3> <p>Without careful cleanup and log rotation, system resources like disk space can be consumed slowly over months or years before leading to job failures. By carefully cleaning up any files your cron job creates and using a tool like logrotate to automatically prune log files you can prevent disk space related failures.</p> <p>Other resource problems, especially when running cron jobs in a virtual machine, are limits to the number of open file descriptors, threads, and memory usage. You can view limits on your system by running ulimit -a as the cron user.</p> <h3> 2. Recent infrastructure updates were made </h3> <p>When developers are making changes to database connections or upstream APIs it's easy to overlook cron jobs, especially when they're running on a separate host. It can help if cron jobs are deployed like the rest of your app and are included in post-release verification steps.</p> <h3> 3. Your dataset has grown too large </h3> <p>Cron jobs are often used for batch processing, event sourcing and other data intensive tasks that can reveal the constraints of your stack. Jobs may work fine until your data size grows to a point where a bottleneck is reached.</p> <p>Optimizing database queries and API calls is the right place to start, and depending on the job, running it more frequently may be effective by reducing the data processed each time it runs.</p> <h3> 4. Cron job invocations begin to overlap </h3> <p>Cron will run your command at the scheduled time even if the last invocation is still running, or even if the last 10 are. If your job invocations are close to overlapping, consider spacing them out further or adding a tool like flock to ensure only 1 instance is running.</p> cron schedule How to launch Jekyll project in VS Code Arash Hatami Sun, 12 Dec 2021 12:56:20 +0000 https://dev.to/hatamiarash7/how-to-launch-jekyll-project-in-vs-code-54hi https://dev.to/hatamiarash7/how-to-launch-jekyll-project-in-vs-code-54hi <p>There is many extensions and multiple ways to run/launch/debug a project using a simple F5 key! I always developed web projects with Jetbrains PHPStorm, But last week I had to do this with VSCode and the first thing I encountered was the simple execution of the Jekyll project. </p> <p>You can simply run the whole project with this command :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>bundle <span class="nb">exec </span>Jekyll serve </code></pre> </div> <p>But how can we execute this command with the F5 key? This is where it gets a little annoying. VSCode can debug projects when a supported extension installed and the problem is that Jekyll extensions can not run/debug project.</p> <p>With a little effort and testing different ways, I found the best way to do that. We can combine <strong>Task</strong> and <strong>Launch configuration</strong>.</p> <p>1- Create <code>tasks.json</code> in <code>.vscode</code> folder like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"version"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2.0.0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"tasks"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"label"</span><span class="p">:</span><span class="w"> </span><span class="s2">"jekyll"</span><span class="p">,</span><span class="w"> </span><span class="nl">"command"</span><span class="p">:</span><span class="w"> </span><span class="s2">"bundle exec jekyll serve"</span><span class="p">,</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"shell"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>This task will run the command for us.</p> <p>2- Create <code>launch.json</code> file like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"version"</span><span class="p">:</span><span class="w"> </span><span class="s2">"0.2.0"</span><span class="p">,</span><span class="w"> </span><span class="nl">"configurations"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"firefox"</span><span class="p">,</span><span class="w"> </span><span class="nl">"request"</span><span class="p">:</span><span class="w"> </span><span class="s2">"attach"</span><span class="p">,</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Attach"</span><span class="p">,</span><span class="w"> </span><span class="nl">"preLaunchTask"</span><span class="p">:</span><span class="w"> </span><span class="s2">"jekyll"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>We use Firefox launch configuration to open our browser, and also run a <code>preLaunchTask</code> before that! </p> <p>Now you debug your project and open Firefox automatically by press the lovely F5 key 🤩</p> jekyll vscode webdev tutorial Scan Docker images using Trivy Arash Hatami Wed, 01 Dec 2021 14:22:50 +0000 https://dev.to/hatamiarash7/scan-docker-images-using-trivy-2b2i https://dev.to/hatamiarash7/scan-docker-images-using-trivy-2b2i <h3> My Workflow </h3> <p>Docker is currently one of the main tools in the DevOps domain. You may be dealing with multiple Docker Images every day. Certainly.<br> In the past, I used to create and publish Docker Images manually on my own PC, Now with Github Actions, my affairs are very fast and easy and I leave everything to Github.</p> <p>For example look at <a href="https://github.com/hatamiarash7/Memcached-Admin" rel="noopener noreferrer">my repository (Memcached-Admin)</a>. It's a Dockerized PHP web application to manage Memcached server(s). I should pass these steps to use this project :</p> <ul> <li>Build Image</li> <li>Check and scan security vulnerabilities</li> <li>Push to Dockerhub</li> <li>Push to Other Docker registries</li> </ul> <p>Doing these things normally will waste my time, also after planning the necessary things to build the image, it's necessary to ensure their security and the absence of security bugs. Here we have one of the best tools ... <a href="https://www.aquasec.com/products/trivy/" rel="noopener noreferrer">Trivy</a> 💪. A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI.</p> <p>Thanks to Github Action, now we can have all things together.</p> <p>I wrote simple workflows to handle the whole process.</p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev.to%2Fassets%2Fgithub-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"> <a href="https://github.com/hatamiarash7" rel="noopener noreferrer"> hatamiarash7 </a> / <a href="https://github.com/hatamiarash7/Memcached-Admin" rel="noopener noreferrer"> Memcached-Admin </a> </h2> <h3> Memcached admin for docker </h3> </div> <div class="ltag-github-body"> <div id="readme" class="md"> <div class="markdown-heading"> <h1 class="heading-element">Memcached Admin</h1> </div> <p><a rel="noopener noreferrer nofollow" href="https://camo.githubusercontent.com/994eb38a34023d6ba11a3e0b2e112473308918f8c1f35042a48a68bbe46ad789/68747470733a2f2f696d672e736869656c64732e696f2f646f636b65722f696d6167652d73697a652f686174616d696172617368372f6d656d6361636865642d61646d696e"><img src="https://camo.githubusercontent.com/994eb38a34023d6ba11a3e0b2e112473308918f8c1f35042a48a68bbe46ad789/68747470733a2f2f696d672e736869656c64732e696f2f646f636b65722f696d6167652d73697a652f686174616d696172617368372f6d656d6361636865642d61646d696e" alt="Docker Image Size (latest by date)"></a> <a rel="noopener noreferrer nofollow" href="https://camo.githubusercontent.com/98f0ebd7aa7cbeae821ed4518f7ea6df5a817563c126a4ceea73c384c76e267a/68747470733a2f2f696d672e736869656c64732e696f2f646f636b65722f636c6f75642f6275696c642f686174616d696172617368372f6d656d6361636865642d61646d696e"><img src="https://camo.githubusercontent.com/98f0ebd7aa7cbeae821ed4518f7ea6df5a817563c126a4ceea73c384c76e267a/68747470733a2f2f696d672e736869656c64732e696f2f646f636b65722f636c6f75642f6275696c642f686174616d696172617368372f6d656d6361636865642d61646d696e" alt="Docker Cloud Build Status"></a> <a href="https://github.com/hatamiarash7/Memcached-Admin/actions/workflows/docker-image.yml" rel="noopener noreferrer"><img src="https://github.com/hatamiarash7/Memcached-Admin/actions/workflows/docker-image.yml/badge.svg" alt="Docker Image CI"></a> <a href="https://github.com/hatamiarash7/Memcached-Admin/actions/workflows/docker-publish.yml" rel="noopener noreferrer"><img src="https://github.com/hatamiarash7/Memcached-Admin/actions/workflows/docker-publish.yml/badge.svg" alt="Publish Image"></a></p> <p>This program allows to see in <strong>real-time</strong> (top-like) or from the start of the server, <strong>stats for get, set, delete, increment, decrement, evictions, reclaimed, cas command</strong>, as well as <strong>server stats</strong> (network, items, server version) with google charts and <strong>server internal configuration</strong></p> <p>You can go further to <strong>see each server slabs, occupation, memory wasted and items</strong> (<strong>key &amp; value</strong>).</p> <p>Another part can execute commands to any memcached server : get, set, delete, flush_all, as well as execute any commands (like stats) with telnet</p> <p><a rel="noopener noreferrer" href="https://github.com/hatamiarash7/Memcached-Adminapp.png"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub.com%2Fhatamiarash7%2FMemcached-Adminapp.png" alt="image"></a></p> <div class="markdown-heading"> <h2 class="heading-element">Statistics</h2> </div> <ul> <li>Stats for each or all memcached servers, items, evicted, reclaimed ...</li> <li>Stats for every command : set, get, delete, incr, decr, cas ...</li> <li>Slabs stats (Memory, pages, memory wasted, items)</li> <li>Items stats (View items in slabs, then data for each key)</li> <li>Network stats (Traffic, bandwidth)</li> </ul> <div class="markdown-heading"> <h2 class="heading-element">Commands</h2> </div> <ul> <li>Execute commands : get, set, delete, flush_all on servers to administrate or debug it</li> <li>Get…</li> </ul> </div> </div> <div class="gh-btn-container"><a class="gh-btn" href="https://github.com/hatamiarash7/Memcached-Admin" rel="noopener noreferrer">View on GitHub</a></div> </div> <h3> Submission Category: </h3> <p>Maintainer Must-Haves</p> <h3> Yaml File or Link to Code </h3> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Docker Image CI</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">master</span><span class="pi">]</span> <span class="na">pull_request</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">master</span><span class="pi">]</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build the Docker image</span> <span class="na">run</span><span class="pi">:</span> <span class="s">docker build -t memcached-admin:${{ github.sha }} .</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Run Trivy vulnerability scanner</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">aquasecurity/trivy-action@master</span> <span class="na">with</span><span class="pi">:</span> <span class="na">image-ref</span><span class="pi">:</span> <span class="s2">"</span><span class="s">memcached-admin:${{</span><span class="nv"> </span><span class="s">github.sha</span><span class="nv"> </span><span class="s">}}"</span> <span class="na">exit-code</span><span class="pi">:</span> <span class="s2">"</span><span class="s">1"</span> <span class="na">ignore-unfixed</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">vuln-type</span><span class="pi">:</span> <span class="s2">"</span><span class="s">os,library"</span> <span class="na">severity</span><span class="pi">:</span> <span class="s2">"</span><span class="s">CRITICAL,HIGH"</span> <span class="na">format</span><span class="pi">:</span> <span class="s2">"</span><span class="s">template"</span> <span class="na">template</span><span class="pi">:</span> <span class="s2">"</span><span class="s">@/contrib/sarif.tpl"</span> <span class="na">output</span><span class="pi">:</span> <span class="s2">"</span><span class="s">trivy-results.sarif"</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Upload Trivy scan results to GitHub Security tab</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">github/codeql-action/upload-sarif@v1</span> <span class="na">with</span><span class="pi">:</span> <span class="na">sarif_file</span><span class="pi">:</span> <span class="s2">"</span><span class="s">trivy-results.sarif"</span> </code></pre> </div> <p>This workflow has 4 simple step:</p> <ul> <li>Checkout my code</li> <li>Build Docker image</li> <li>Scan using Trivy</li> <li>Upload results to <a href="https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/about-code-scanning" rel="noopener noreferrer">GitHub Code scanning</a> </li> </ul> <p>I can see results in <a href="https://github.com/hatamiarash7/Memcached-Admin/security/code-scanning" rel="noopener noreferrer">Security tab</a> of my project:</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcrx4wz8crovwsrjsj7qo.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcrx4wz8crovwsrjsj7qo.png" alt="Security tab code-scanning"></a></p> <p>Now i can push my image to Dockerhub using another workflow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Publish Dockerhub</span> <span class="na">on</span><span class="pi">:</span> <span class="na">schedule</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">cron</span><span class="pi">:</span> <span class="s2">"</span><span class="s">0</span><span class="nv"> </span><span class="s">2</span><span class="nv"> </span><span class="s">*</span><span class="nv"> </span><span class="s">*</span><span class="nv"> </span><span class="s">*"</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">master</span><span class="pi">]</span> <span class="na">pull_request</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">master</span><span class="pi">]</span> <span class="na">env</span><span class="pi">:</span> <span class="na">REGISTRY</span><span class="pi">:</span> <span class="s">docker.io</span> <span class="na">IMAGE_NAME</span><span class="pi">:</span> <span class="s">hatamiarash7/memcached-admin</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">permissions</span><span class="pi">:</span> <span class="na">contents</span><span class="pi">:</span> <span class="s">read</span> <span class="na">packages</span><span class="pi">:</span> <span class="s">write</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout repository</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Log into registry ${{ env.REGISTRY }}</span> <span class="na">if</span><span class="pi">:</span> <span class="s">github.event_name != 'pull_request'</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c</span> <span class="na">with</span><span class="pi">:</span> <span class="na">registry</span><span class="pi">:</span> <span class="s">${{ env.REGISTRY }}</span> <span class="na">username</span><span class="pi">:</span> <span class="s">${{ github.actor }}</span> <span class="na">password</span><span class="pi">:</span> <span class="s">${{ secrets.DOCKERHUB_TOKEN }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Extract Docker metadata</span> <span class="na">id</span><span class="pi">:</span> <span class="s">meta</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38</span> <span class="na">with</span><span class="pi">:</span> <span class="na">images</span><span class="pi">:</span> <span class="s">${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build and push Docker image</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc</span> <span class="na">with</span><span class="pi">:</span> <span class="na">context</span><span class="pi">:</span> <span class="s">.</span> <span class="na">push</span><span class="pi">:</span> <span class="s">${{ github.event_name != 'pull_request' }}</span> <span class="na">tags</span><span class="pi">:</span> <span class="s">${{ steps.meta.outputs.tags }}</span> <span class="na">labels</span><span class="pi">:</span> <span class="s">${{ steps.meta.outputs.labels }}</span> </code></pre> </div> <p>Another amazing feature about Github Action is that I can schedule to run my workflow. For example push image at 02:00 every day:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">...</span> <span class="na">on</span><span class="pi">:</span> <span class="na">schedule</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">cron</span><span class="pi">:</span> <span class="s2">"</span><span class="s">0</span><span class="nv"> </span><span class="s">2</span><span class="nv"> </span><span class="s">*</span><span class="nv"> </span><span class="s">*</span><span class="nv"> </span><span class="s">*"</span> <span class="nn">...</span> </code></pre> </div> <p>Now everything will be done automatically and I just need to push the changes to the repository 😍</p> <h3> Additional Resources / Info </h3> <p>I used this action: <a href="https://github.com/aquasecurity/trivy-action" rel="noopener noreferrer">aquasecurity/trivy-action</a></p> docker actionshackathon21 github devops