DEV Community: oz9un

Developers' Collaborative Playlist

oz9un — Tue, 07 Dec 2021 23:28:31 +0000

My Workflow
- What inspired me
- How I created the workflow?
  - Dealing with Spotify API
  - Issue Handling
  - Random Gifs
  - Updating Contributors
  - Error Handling
Submission Category
Additional Resources/Info
Song Request

**_A drop of musical taste from every contributor..._** **_Welcome to the developer's collaborative playlist._**

My Workflow

What inspired me?

I spend most of my free time with coding and I need fairy of inspiration during these times of intense thinking.

Focusing on the same issue for a long time can be very tiring sometimes. Especially if the target problem doesn't have a single solution.

Every time I feel burnout, I want to take my mind on different adventures. And often the easiest way to start such an adventure is with a 'Shuffle Play' button.

The same algorithm can be written differently by each developer. The developer's code style becomes their signature.

So the question in my mind was:

Coding is an art, so what do artists listen to while performing this art?

I thought it might be a pretty fun and elegant way to answer: creating a developers' collaborative playlist, all automated using GitHub Actions.

How I created the workflow?

If I could, I would like to automate everything in this life. I may never be able to automate dealing with people, but this project has been a good medicine for my automatization addiction.

First I had to overcome some problems before reaching my final goal:

Communication with Spotify API, refreshing OAuth tokens, searching for songs and adding a track to the target playlist...
Evaluating the issues opened by the users and returning an appropriate result. Answering and closing issues.
To make things a little wackier, picking random gifs from various categories and using them.
The name of the developer who opened the issue and their favorite song should be stored as a contributor and written in the README.
Errors, errors and errors.

Solution workflow for problem 1: dealing with Spotify API

Let's be honest, Spotify has pretty good API documentation. But things can get complicated as you get involved.

I didn't want to have a lot of code in this repository I created for GitHub Actions Hackathon and make the situation even more complicated. For this reason, I created a different public repository and kept all the tools I wrote to communicate with the Spotify API in there. Thus, I would be able to effectively use GitHub actions' ability to communicate with a different repository.

My two different repository will communicate like:

The constantly talking kid on the left would represent the repository where I used GitHub Actions and submitted for this Hackathon, while the kid on the right that would just listen and execute the commands would represent the repository where I kept my auxiliary Spotify API functions.

In this scenario, the string itself would of course be GitHub Actions.

Solution workflow for problem 2: issues, issues...

In order for the developers to make a song request, they should open an issue with the title 'song request' and the body of the issue should have a text in - format.

Thus, it was necessary to correctly evaluate the issues opened by the users and to produce the necessary actions accordingly.

In this process, I explored the unlimited features of GitHub Actions and had to use many features from if-checks to environment variables.

Solution workflow for problem 3: random wacky gifs

Generating random gifs was very useful in two ways:

Responses to issues opened by developers would be more fun and varied.
There couldn't have been a better opportunity for me to learn about environment variables and cross-jobs data sharing.

Therefore I did it. do i regret it? No. Was that wacky? Maybe.

Solution workflow for problem 4: contributors

It was a good idea to view the songs added by each user. Until you try to code it.

GitHub Actions does not keep any persistent data by nature. So I had to overcome this nature and keep contributors' information:

I created files for every single contributor. Each time a new song was added, these files and the README_template would be concatenated and a new README file would be created. At this point, I used the code push feature to the target repository, which is readily available in the GitHub Actions marketplace.

Solution workflow for problem 5: error handling

If the input of the developed tool is controlled by the users, errors are inevitable.

In this scenario, developers are expected to adhere to certain formats when requesting songs. For this reason, all wrong entries need to be handled properly.

For example, in case of a wrong issue title or when the searched song is not found, an appropriate answer should be returned and the developer should be informed.

I will continue to improve this part after the contest ends. For example, now the same song can be added to the playlist multiple times. While I initially thought this was logical because popular songs were included more, I think it should be fixed in the future. I'm also considering making a custom super cool website reserved for my lovely contributors 🤩

I can say that most of the time of the project I developed was spent managing the inputs. I think user experience is very important at this point. Also a big kudos to everyone who has added their favorite songs on the GitHub repository and gave a feedback to me, thus contributing to an open source project!

Frankly, without GitHub Actions, this project would not have been easy to realize and popularize among developers.

In this process, I also had the opportunity to explore and use many ready-made works in the GitHub Actions market:

actions/checkout@v2 💖
actions/download-artifact@v1 💖
actions/github-script@v5 💖
peter-evans/close-issue@v1 💖
actions/upload-artifact@v1 💖
actions/setup-python@v2 💖
ad-m/github-push-action@master 💖

Submission Category:

Wacky Wildcards

Yaml File or Link to Code

Here is the repository:

oz9un / Developers-Playlist

A drop of musical taste from every contributor... Welcome to the developer's collaborative playlist.

Developers' Playlist \(📀_💿)/

A drop of musical taste from every contributor... Welcome to the developers' collaborative playlist.

Playlist link: Developers' Collaborative Playlist

Description🤖:

The same algorithm can be written differently by each developer. The developer's code style becomes their signature.

Coding is an art, so what do artists listen to while performing this art?

The Developer's Playlist analyzes opened issues on this repository using GitHub Actions and collects developers' favorite songs into a collaborative playlist.

Usage📖:

Open an issue with title 'song request' (⚠ 'Song request' and 'Song Request' also works right now.⚠)
Write your favorite track to issue's body in format: "artist-song". (⚠ If there is a dash "-" in the artist or song title, please use space instead for now. ⚠)
Wait for the Github Action Bot's response
Enjoy the developers' collaborative playlist!
You can also keep track of who added which songs by checking out the…

View on GitHub

You can also view the YAML file: devs_playlist_action.yaml

Additional Resources / Info

GitHub Actions Workflow:

Developers:
1- oz9un

oz9unFollow

Im sure that we are living in a simulation.

2- 1
3- 2

About the cover image:
Cover image is created with AI. Only using the text: "Developers Playlist"

It's the song request time!

Let's open an issue with your favorite song and enjoy the Developers' Favorite Playlist!

Playlist: [Spotify Link](https://open.spotify.com/playlist/5iI16F6SXezeIcxFFTsXWb)

Creating openssl.conf for Windows

oz9un — Tue, 02 Nov 2021 05:14:07 +0000

In this chapter, I will explain how to create openssl.conf file with the way that Windows can process it.

Parts to be changed in the default openssl.conf:

For creating a default openssl.conf, Jamie's amazing article would be a good start point.

There are many differences between original Windows certificates and those created with using OpenSSL on Linux:

Difference 1 → Issuer:

Issuer is one of the most important field in the certificates. This must be interpreted correctly in order to make Windows accept our handcrafted certificate.

Difference between certificate created with default openssl.conf and original Windows certificate:

Solution for Difference 1:

In this part, we define the section for the req command.

We can edit default_bits, default_md parts. But most importantly, we can change how to form the DN with editing the req_distinguished_name section.

Default [ req ] part would be similar to:



[ req ]

default_bits = 2048
distinguished_name = req_distinguished_name
string_mask = utf8only
default_md = sha256
x509_extensions = v3_ca

Corresponding default [ req_distinguished_name ] :



[ req_distinguished_name ]
# See <https://en.wikipedia.org/wiki/Certificate_signing_request>.
countryName                     = Country Name (2 letter code)
stateOrProvinceName             = State or Province Name
localityName                    = Locality Name
0.organizationName              = Organization Name
organizationalUnitName          = Organizational Unit Name
commonName                      = Common Name
emailAddress                    = Email Address

As you can see, there are lots of fields like countryName, stateOrProvinceName, localityName...

This is why we see lots of information in the 'Issuer' field of the certificates created with OpenSSL.

Edited [ req_distinguished_name ] should be similar to:



[ req_distinguished_name ]

1.DC = com
0.DC = company
DC = subdomain
commonName = Common Name

And user should type in that order:

As a result, we successfully created a valid issuer:

Difference 2 → Missing Fields:

Two fields, "Certificate Template Name" and "CA Version", are not available on the certificate that created with OpenSSL on Linux.

It is hard to know about which fields are precisely checked when tricking Windows to accept your handcrafted OpenSSL certificate, but I think it is a good practice to make your certificate look exactly like the original one.

Solution for Difference 2:

Firstly, define OID's at the top of our openssl.conf file:



oid_section = OIDs

[ OIDs ]

certificateTemplateName = 1.3.6.1.4.1.311.20.2
caVersion = 1.3.6.1.4.1.311.21.1

We can skip the definition of the OID's and use the OID directly, of course. But defining them first and using them as variables would be a good practice.

Secondly, create a new requirement in [ reg ], let's say v3_req :



[ req ]

default_bits = 2048
distinguished_name = req_distinguished_name
string_mask = default
default_md = sha256
x509_extensions = v3_ca
req_extensions = v3_req

Lastly, define [ v3_req ] :



[ v3_req ]

subjectKeyIdentifier = hash
basicConstraints = critical, CA:true
keyUsage = digitalSignature, cRLSign, keyCertSign
certificateTemplateName = ASN1:PRINTABLESTRING:CA
caVersion = ASN1:INTEGER:0

After that, you should create your certificate with the following parameter:



-extensions v3_req

As a result, we successfully created our certificate fields:

Final:

We have successfully created our openssl.conf!
You can view the whole openssl.conf file from: GitHub Gist

SysmonForLinux - Logging File Create Events

oz9un — Thu, 21 Oct 2021 05:33:41 +0000

In this article, I will explain how to use SysmonForLinux and how to create specific configurations to keep track of file creation events.

For further information about events and configuration options; you can visit my github repository: oz9un

Sysmon in a nutshell:

Sysmon (System Monitor) is a Windows system service that logs system activity to the Windows event log. Now, it is available for Linux too!

It was developed by Microsoft as an open source project. Even though it is doubtful to see such a contribution, I am very glad about it 🤭

File Create event:

As its name suggests, this event detects when a file is created on Linux systems.

This event can be especially useful when tracking auto-startup folders and folders where everyone has a permission to create files. Because most of the time, they are the main targets of malicious users 👹.

A normal file creation event log would looks like this:

Configuring File Create event:

By default, SysmonForLinux logs every file creation events. But we are talking about Linux. Even if you connect to a server via SSH; that results in the creation of many tmp files.

As a result, you can guess how chaotic the log file has become. This is why we don't want to log everything, especially in case of file creation event.

File Create event has 7 different description fields that we can use as filters:

You can view all description fields for each event on my github page!

When creating a configuration file (xml) for SysmonForLinux, we can use this fields as a filter.

Example scenario:

Suppose you want to keep log of the every file creation event with the following properties:

File should be created in /tmp or under /home/secret folder.
File should be created in October 2021.
File shouldn't be created with /usr/sbin/cups-browsed daemon (This printer daemon uses /tmp file quite often).

Desired configuration file should looks like that:

<!-- Event ID 11 == FileCreate. Log what we want! -->
<RuleGroup name="" groupRelation="and">
  <FileCreate onmatch="include">
    <TargetFilename condition="contains any">/home/secret/;/tmp/</TargetFilename>
    <UtcTime condition="contains">2021-10</UtcTime>
  </FileCreate>

  <FileCreate onmatch="exclude">
    <Image condition="is">/usr/sbin/cups-browsed</Image>
  </FileCreate>
</RuleGroup>

You can view the whole configuration file from: Example Scenario

Results:

To view sysmon's log file:

tail -f /var/log/syslog | sudo /opt/sysmon/sysmonLogView -X

Output:

As you can see, we successfully created a configuration file according to our properties and caught some malicious events already!

End & Contact:

This is at the end of my first post about SysmonForLinux. I plan to write much more on this subject as I find time. I would be very happy if you can give a feedback. Stay in touch!

Github: https://github.com/oz9un
Twitter: https://twitter.com/oz9un

Liman ile LAPS Yönetimi

oz9un — Tue, 19 Oct 2021 05:13:58 +0000

Yerel yöneticilerin parolalarını kolayca yönetmemizi sağlayan LAPS, artık Domain eklentisi aracılığı ile Liman üzerinde de kullanılabilmektedir.

Kullanım senaryosu:

LAPS'ın kurulu olduğu 'WINSERVDC' adında bir Windows DC'miz olduğunu ve bu sunucuyu Liman'a Domain eklentisi ile beraber eklediğimizi varsayalım:
WINSERVDC sunucumuz içerisinde LAPS'ın yüklü olduğu istemcilerimizi ise 'LAPS-CLIENTS' OU altında toplamış olalım:
Artık Domain eklentisinin arayüzünden yönetmek istediğimiz istemcinin üzerine sağ tıklayarak seçenekleri açabilir ve 'LAPS Yönetim' ekranına erişebiliriz:
Açılan 'LAPS Yönetim' ekranında kullanıcının karşısına 3 temel bilgi gelmektedir:
- Parola
- Parolanın yenilenme tarihi
- Parolanın güncellenmiş yenilenme tarihi

Yönetici yetkilerine sahip kullanıcı WINSERVDC Domain Controller'ı üzerinde 'LAPS Yönetim' ekranına erişerek istediği istemcinin 'Parola yenilenme tarihi'ni güncelleyebilmektedir.

Parola yenilenme tarihi 'Change expiration time' butonu aracılığı ile tarih ve saat olarak ayarlanabilmektedir:

Son adımda yönetici yeni tarih ve saat değerini kaydederek hedef istemcideki parolanın yenilenme tarihini güncelleyebilir:

Kaydedildikten sonra:

LAPS Parola yenilenme tarihi başarıyla güncellendi. Artık 18/10/2021 08:03 tarihinden sonra istemci üzerinde tetiklenecek bir gpupdate event'i sonucunda istemci yeni bir parola üretecek ve bu bilgiyi WINSERVDC ile paylaşacaktır. Biz de LAPS Yönetim ekranı üzerinde bu bilginin güncellendiğini görmüş olacağız.

DEV Community: oz9un

Developers' Collaborative Playlist

Table of Contents

My Workflow

What inspired me?

How I created the workflow?

Solution workflow for problem 1: dealing with Spotify API

Solution workflow for problem 2: issues, issues...

Solution workflow for problem 3: random wacky gifs

Solution workflow for problem 4: contributors

Solution workflow for problem 5: error handling

Submission Category:

Yaml File or Link to Code

oz9un / Developers-Playlist

A drop of musical taste from every contributor... Welcome to the developer's collaborative playlist.

Developers' Playlist \(📀_💿)/

Description🤖:

Coding is an art, so what do artists listen to while performing this art?

Usage📖:

Additional Resources / Info

oz9unFollow

It's the song request time!

Creating openssl.conf for Windows

Parts to be changed in the default openssl.conf:

Difference 1 → Issuer:

Solution for Difference 1:

Difference 2 → Missing Fields:

Solution for Difference 2:

Final:

SysmonForLinux - Logging File Create Events

Sysmon in a nutshell:

File Create event:

Configuring File Create event:

Example scenario:

Results:

End & Contact:

Liman ile LAPS Yönetimi

Kullanım senaryosu: