Forem: Yubraj Ghimire

E-day: A festival of knowledge sharing & caring

Yubraj Ghimire — Thu, 24 Sep 2020 15:33:27 +0000

In our daily 9-6 jobs, we hardly get a chance to pop out of our regular duties and spread our wings into something interesting to expand our knowledge spectrum, not getting a chance to try out some silly crazy things might also lead to experience monotonous feeling from the work. I think it is important to try out new things from time to time to get energize and live up to the spirit. E-day came to us to kill our boredom if there is any, to spread the knowledge, to build up the bonding, to grow the network, and of course to enjoy a fine day with great people.

E-day is a festival which occurs every last Friday of a month here at Etribes, it is a day where members of Etribes can leverage their knowledge by actively participating in different workshops, every speaker prepares something on some concrete topic with defined agenda and conducts the workshop, this way, the speaker can also build up their presenting skills. This day is solely supported by Etribes to develop one's skills and polish the rough edges.

Apart from developing the skills, E-day being a platform, gives an opportunity to build up team spirit, to open up an idea, and to be bold. I usually compare E-day with Christmas 🎅 It is very common here at Etribes that we don't see our colleagues on a regular basis since we are highly client-centric and we do find ourselves at the client's station more often. But E-day is a day where all Etribes family members come back to Office and celebrate it together just like at Christmas.

It is a tradition at Etribes that E-day always ends up with some surprises, a big shout-out to our E-day Squad Team, they always find a way to surprise the members; Ballon Football, Bowling, Beer & Barbecue, Beach Volleyball (lots of B... 🤩). As I am writing this article, our E-day Squad Team is on preparation to execute a very fine E-day #20 tomorrow, since it's the last Friday of the month Septemeber 😁.

During this E-day journey, lots of interesting workshops took place on a series of different issues and themes. The participants got a very fantastic opportunity to collect vast varieties of knowledge & experiences. As I recall, I am seriously impressed by the following sessions which I have found very much interesting and had lots of things to offer as a takeaway.

# How to: Personal Branding by Nils & Michel

The biggest takeaway I had from this session is that no matter how deep is your message, it doesn't get spread far away if you don't have a proper mass of audience. After getting some inspiration, I also started expanding my connections pretty seriously especially on LinkedIn so that I would have much more interactions with the people and much more exchange of ideas and opinions. I couldn't attend this session personally since all seats were already taken before I could register 🙈 but still, I was able to watch it in our Knowledge Base. We try to record the session so that interested people can always get benefited from it anytime anywhere.

# Open Fuck up Session by Roger & David

The biggest highlight of this session was that it conveyed the message that it's all right to talk about your mistakes, your failures, the wrong turn you took, and its consequences. There is no shame in sharing the experiences of bad moments because every single bad moment teaches us something to do in the right way next time. I recall the line by Thomas A. Edison - "I have not failed. I've just found 10,000 ways that won't work."

# Healthy Meal Prep by Melanie

This session was a very good example that how vibrant the E-day is, it doesn't always have to be techy or business-oriented, it also can be something which is directly affecting our living style. A truly simplest session, at the same time, conveying a great message, with a tiny bit of effort you definitely can save your health as well as money.

# Buzzword Clean Up by Benny

This session was one of the most interactive sessions I have ever had in this E-day Journey. It was truly successful in bringing tech-oriented as well as business-oriented people together and helping them interacting and exchanging the knowledge with the help of the Buzzword Jeopardy game. It was really fun playing this game and gaining some knowledge of various random buzzwords.

E-day being a part of Etribes, it is also growing as we are growing, the level of interactions and the intensity of message is increasing as the family member of Etribes is increasing. I sincerely would like to thank Etribes for bringing this culture and keeping it alive no matter what.

I would be glad to know if you folks also have this kind of culture or knowledge sharing program at your working station, please do share. Cheers.

What's up with Monolithic and Microservices Architecture

Yubraj Ghimire — Tue, 25 Aug 2020 20:41:51 +0000

Monolithic Architecture

The literal meaning of Monolith is something huge, like a single giant stone. In the same way, the Monolithic architecture is the traditional unified model for the software development where the application is single-tiered in which the user interface and data access code are combined into a single program from a single platform.

The monolithic application can be also comprised of a series of components within a single platform such as User Authorization, Presentation View, Business Module, Persistence Layer, Integration Layer, etc. This application is designed to be self-contained and the modules are highly interconnected and interdependent, since the existence of tightly coupled components, it also requires all the components functioning for the whole program to be executed properly.

Monolithic Approach for E-Commerce Application (for checkout service)

The diagram below shows a very simple monolithic architecture for the E-Commerce application where Application UI represents the store web view. Similarly, it also consists of few services such as Address, Payment, and Order serving for the checkout process by using the same database. It might be possible that the services are modular and independent from each other but still, they must work together to fulfill the complete checkout process. And if something goes wrong with any of those single modules it might be possible that the whole system goes down.

When does Monolithic Architecture make sense?

Simple to build - If the application you are building is simple, and everything is in the same language and framework.
Simple to test - If you want to test your application quickly without any hassles just by launching some testing tools.
Simple to deploy - If you have seldomly new features which will require to trigger the release of the whole application.

When does Monolithic Architecture pain?

Difficult to maintain - If the Application gets too large and takes a long time to make changes or to understand the flow.
Less reliable - If the release of new features gets increases, most likely the occurrence of the bugs also increases which could also bring down the whole application.
Challenge to scale - If the system reaches a certain size, compiling, testing, deploying, etc. gets too expensive to maintain a decent uptime. And even scaling from the manpower point of view is difficult since it arises lots of conflicts while working together because of tightly coupled software architecture.
No partial deployment - If you have frequent feature update then it leads to redeploy the entire application since the partial deployment of the module is not possible in this architecture.

Microservices Architecture

A variant of service-oriented architecture where the application is designed as a set of small services. It is composed of loosely coupled elements that have dedicated and bounded contexts and also has a well-defined interface to communicate with other services. Flexibility, scalability, and simplicity are few takeaways from this architecture which helps software developers to build complex applications. Netflix, eBay, Spotify, Amazon, Uber are some of the world-renowned companies that are truly benefiting from this architecture.

Unlike in the monolithic approach where the whole unit is connected with a single database, one can truly comfort from using a dedicated database for every single service to make it independent in a microservices architecture. Having a database per service is essential to make sure that the service is loosely coupled. The Flexibility of choosing the right tech stack as well as the right type of database for every single service is always there.

Microservices Approach for E-Commerce Application (for checkout service)

The approach below shows the simple implementation of Microservices Architecture for the checkout process in the E-Commerce application. Each service responsible for checkout process are dependent and loosely coupled, have their database, and served the service to the Application whenever it is requested. The failure of a single service will only stop serving the content from that service but it won't pull down the whole system to the ground and that's the key beauty of this architecture.

What to gain from Microservices Architecture?

Highly scalable - Every single service can be scaled separately as per the requirements. And also the resources can be used more wisely if the scaling of the service demands more manpower.
Productivity - This approach will allow the team members to work independently on the same project without much need of coordination and it is a better way for large teams. Decision making is quite easier for the team members since they are working decentralized based on the service and they could also choose the right tech stack for that service.
Reliability - The failure of one microservice affects only one part where the client is using it which means it won't affect the overall performance of the software. And this is not the case in the monolithic approach.
Deployment - This approach requires more effort for the deployment since one needs to deploys each service independently but the bright side is, the development team can always deploy their service at their convenience without doing much coordination with other teams. And if something goes wrong, it is much easier to rollback one small microservice than the entire app in the monolithic approach.
Agility - Agility is a way to go. Microservices architecture allows a large team to get split into several smaller teams handling dedicated responsibilities for separate service which ultimately provides the possibility to work more efficiently by working in a short iterative development cycle.

What are the challenges with Microservices Architecture?

High complexity - Being the existence of the several services that function independently requires the proper setup of communication channels that needed to be set to communicate between different modules and with the increment of services, this setup could get complicated to handle.
Complex testing - Unlike, in the monolithic approach where all modules exist in the same unit, microservices have distributed applications where testing gets complicated since it requires lots of configurations to test between different modules.
More time & effort - Since every single service is equipped with its database in microservices approach which requires better transaction management. Each independent unit has to be separately deployed and monitored which means the team has to put more time and effort into monitoring and preparing each service for the deployment.
Cost - Cost factor is tricky and difficult to compare but still microservices architecture doesn't come cheap since it requires dedicated resources for every single service.

When to switch to Microservices Architecture?

If you have a team with diverse knowledge of languages.
If you want to tackle the scalability of every service independently.
If your codebase is huge and difficult to maintain.
If you see that the existing application could be chopped into several clusters to transform into service.
If you have distributed teams in different countries.
If you have some liberal timeline since transforming into microservices requires quite a bit of research and planning.

Are you really using Microservices?

If you think you are truly benefiting from microservices, perhaps the following questions make you think otherwise. 🙈

Are you able to restart your services independently?
Are you able to deploy your services independently?
Does the modification on one service require synchronized modifications of others as well?
Does the collapse of one database bring the whole system down?

Additional resources:

Why transition from monolith to microservices?

Everything you need to know to get started with microservices

Are you sure you are using microservices?

Conclusion

Like the Yin and yang ☯️, nothing in the world is perfect, everyone has their package to carry 😜. Choosing the right architecture for software development truly depends on the necessities and the circumstances. I hope with this article you got a bit about Monolithic Architecture and Microservices Architecture.

If you have any remarks, please feel free to drop the comments, I will be happy to pick it up 😁

Some cool extensions with HTTP Basic Authentication

Yubraj Ghimire — Wed, 08 Jul 2020 16:03:57 +0000

Earlier, I explained about username/password authentication to authenticate the users before serving the content. Let's check out few cool extensions on basic authentication together with IP address, specific URLs, and cookie handling this time.

Prerequisites

The password file is already created (htpasswd)
username/password authentication is already working

Basic Authentication together with Access Restriction by IP address

Restricting certain IP address together with HTTP basic authentication can be also achievable with few configurations. Let's see this implementation in the following two cases.

Case 1: Allowing access to the user with a valid username/password as well as with a valid IP Address

server {
    location / {
                # satisfy all conditions
                satisfy all;

                deny  192.168.1.2;
                allow 192.168.1.1/24;
                allow 127.0.0.1;
                deny  all;

                # add http basic authentication 
                auth_basic "Password Required";
                auth_basic_user_file /etc/nginx/.htpasswd;
    }
}

This example shows a combo use case of HTTP basic authentication and IP restriction where satisfy all denotes that the user has to satisfy both conditions to be able to pass the authentication. This example will grant access for the 192.168.1.1/24 network excluding the 192.168.1.1 address.

Case 2: Allowing access to the user either with a valid username/password or with a valid IP address

server {
    location / {
                # satisfy at least one condition
                satisfy any;

                deny  192.168.1.2;
                allow 192.168.1.1/24;
                allow 127.0.0.1;
                deny  all;

                # add http basic authentication 
                auth_basic "Password Required";
                auth_basic_user_file /etc/nginx/.htpasswd;
    }
}

satisfy any denotes that the user has to satisfy at least one condition to pass the authentication.

takeaway points

The allow and deny directives will be applied in the order they are defined.
satisfy all denotes that the user has to satisfy all conditions whereas satisfy any denotes that the access is granted if the user satisfies at least one condition.

Basic Authentication for specific URLs

It is also possible to achieve authentication rules applied to a specific URL instead of applying to all.

server {
        location /api {
                # add http basic authentication 
                auth_basic "Password Required";
                auth_basic_user_file /etc/nginx/.htpasswd;
    }

    location / {
                auth_basic off;
    }
}

This example shows that the basic authentication only applies to /api and the rest of the URLs are freely accessible.

Basic Authentication together with Cookie and IP address for specific URL (Final episode 😜)

map $cookie_bettercallsaul $cookie_bettercallsaul_exists {
  "hailSatanIsubmitToTheDarkSide" "true";
  default                         "false";
}

geo $valid_ip {
  192.168.1.1/24 "true";  #access granted 
  127.0.0.1      "true";  #access granted 
  192.168.1.2    "false"; #access not granted
  default        "false";
}


map $cookie_bettercallsaul_exists$valid_ip $cookie_ip_authentication {
  "truetrue"   "off";  #cookie and IP are valid
  "truefalse"  "off";  #cookie is valid but IP not
  "falsetrue"  "off";  #cookie is not valid but IP
  default      "Password Required"; 
}

server {
    location /api {
                auth_basic  $cookie_ip_authentication;
                auth_basic_user_file  /etc/nginx/.htpasswd;
                add_header Set-Cookie "bettercallsaul=hailSatanIsubmitToTheDarkSide;max-age=3153600000;path=/"; #setting the cookie if authentication is succeeded
                proxy_pass http://127.0.0.1:8000/;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $remote_addr;
    }

    location / {
                auth_basic off;
    }
}

This example grants access to the users to /api if they are coming from valid networks or they have specified cookie (bettercallsaul) set. It shows the basic authentication dialog if none of the conditions are satisfied and it will set the cookie once the user has access.

takeaway points

map is extremely flexible and powerful module in Nginx configuration. It allows creating variables whose values depend on the values of other variables.

map <InputValue> <OutputValue> {
  <Match1> <Match1ReturnValue>;
  <Match2> <Match2ReturnValue>;
  default <DefaultReturnValue>;
}

geo module also possesses the same behavior in terms of input and output variables but it is based on IP address.

geo $geo{
  192.168.1.1/24 1;  
  default        0;
}

Last but not the least, don't forget to apply your configuration changes.

$ sudo service nginx reload

Conclusion

Well, that's it. That was a simple implementation of basic authentication together with IP restricting, cookie handling, and specific configuration for specific URLs with powerful commands like geo and map.

I hope this post helped you! 👊

JavaScript Debugging in PhpStorm

Yubraj Ghimire — Wed, 03 Jun 2020 12:42:21 +0000

Whenever we think of JavaScript debugging 🤔 console.log, debugger, browser dev tools are some terms that come up in our mind but have you ever thought of debugging JavaScript with IDE?

This post will guide you to integrate JavaScript debugging in PhpStorm in no time.

Lets get started...

Step1 - Install JetBrains IDE Support extension

First of all, you need to install JetBrains IDE Support extension for Google Chrome to debug client-side apps in any IDEs from JetBrains.

After installing the extension, now you should see the JetBrains icon in your google chrome panel.

Step2 - Add JavaScript Debug configuration in PhpStorm

Click Run|Edit Configurations... from the menu which will open the dialog box and add configuration by clicking + icon and choose JavaScript Debug as a new configuration. Provide your Name for the configuration and URL for the server.

Step3 - Start debugging

Choose the right debugging configuration and start debugging by clicking on the debug icon.

This will open your project in the new browser.

If you set the breakpoints, you would see the script stops at the breakpoints.

Congratulations! 👏 You have just integrated JavaScript Debugging successfully!

Keep on coding & keep on debugging 🐞

Restricting Access with HTTP Basic Authentication

Yubraj Ghimire — Wed, 27 May 2020 13:54:00 +0000

It is very common practice to restrict your development environment with some sort of username/password authentication so that the visitors has to authenticate first before landing into the website. For this purpose, HTTP basic authentication comes really handy, it is a simple response mechanism with which a server can request authentication information (userId and password) from a client, if the client provides correct credentials then the server serves the protected content otherwise sends authorization error with 401 status code.

Lets get started

Prerequisites

NGINX
apache2-utils as a password creation utility

Step 1 - Create a Password File

Creating a password file with a first user user1. Run the htpasswd utility with the -c flag to create a new file. The first argument contains the file path and second one holds the name of the user:

$ sudo htpasswd -c /etc/nginx/.htpasswd user1

You will be asked to supply and confirm a password for the user.

Leave out -c flag incase you wish to add multiple users:

$ sudo htpasswd /etc/nginx/.htpasswd user2

You can confirm that the file contains paired username and encrypted passwords:

$ cat /etc/nginx/.htpasswd

# Output
user1:$apr1$PbDKFyTU$1mPXhE3Yjbygmg5AH5hNE.
user2:$apr1$u/3QM/YL$jVhMow7XyR.umwpRcNdKE0

Step 2 - Configure NGINX HTTP Basic Authentication

Now that you have a file with all users and passwords in an encrypted format that the server can read, the next step would be configuring the server to check this file before serving the protected content.

To start configuring the server, you would like to find out where does the server configuration is located, this would help you:

$ cat /etc/nginx/nginx.conf

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    #...

    include /etc/nginx/conf.d/*.conf;
}

In above example, all the configurations are located inside /etc/nginx/conf.d/ directive.

Lets check the configuration files inside this directive:

$ ls /etc/nginx/conf.d/*.conf

default.conf  my_proxy.conf

In above example, it shows that there are two configuration files inside /etc/nginx/conf.d/ directive, one is default.conf and another is my_proxy.conf.

After finding out the correct configuration file, lets begin editing the server configuration and specifying the auth_basic which is a name for the protected area and auth_basic_user_file is a directive with a path to the .htpasswd file that contains user/password pairs.

$ sudo nano /etc/nginx/conf.d/default.conf

server {
    listen 80 default_server;
    server_name example.com;

        #....
        location / {

        }
}

Lets add basic authentication:

server {
    listen 80 default_server;
    server_name example.com;

        #....
    location / {
                # add http basic authentication 
                auth_basic "Password Required";
                auth_basic_user_file /etc/nginx/.htpasswd;
    }
}

Step 3 - Testing the Setup

This ends with your server configuration, restart your server to apply the changes:

$ sudo service nginx reload

When everything goes alright, your are prompted to log in when you load your site:

If the provided username and password do not match the password file, you get the 401 Authorization Required error.

Conclusion

You have just implemented HTTP basic authentication on NGINX. More detailed information about different means of access restrictions are available in NGINX Documentation.

Compiling Xdebug manually and integrating with PhpStorm on macOS Catalina 10.15.4

Yubraj Ghimire — Sun, 17 May 2020 22:47:15 +0000

Integrating Xdebug on PhpStorm has been always hectic, something always comes up which makes you to go through number of guides on the web and cost lot of time, if you are lucky you will somehow manage to integrate successfully otherwise keep on looking...

I faced this kind of situations multiple times in past and one more recently with macOS Catalina. I managed to integrate successfully after spending quite bit of time but this time, I would like to share my findings with you so that you don't have to bang your head on the wall :)

The problem with macOS Catalina is that, Apple decided to nuke /usr/include which has been the default location for C header file in UNIX systems. I tried to install through pecl install xdebug but got the error as the compiler was looking for necessary headers file in /usr/include, so it didn't work out. Then, I end of compiling Xdebug manually by specifying the actual location of the header files which are provided by Xcode but in a different location. It went good and now working like a charm.

Let's begin the chapter.

Installing Xcode

The first step is to get Xcode from the App Store.

After installing Xcode, it is time to get the command line tools:

xcode-select --install

If this command fails, you might need to open Xcode and accept the terms and conditions to finish the installation. I am using Xcode 11.5 beta.

Now, make sure that the path for SDK is found. It could be possible that your path does look a bit different than the one below. If so, then you might need to change the path accordingly later on.

$ xcrun --show-sdk-path
/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk

Getting source from GitHub

I am using 2.7.0 which is supported version for PHP 7.3 and PHP 7.4. You can check the version compatibility to find the right one for your project.
If you like checking out different versions of Xdebug, you could do it from GitHub.

git clone https://github.com/xdebug/xdebug.git
cd xdebug
git checkout tags/2.7.0

While checking out if you get the following error then you need to exclude Users/ directory in the config:

fatal: cannot use /Users/yourname/ as an exclude file

Excluding Users/ directory in the config:

Path: xdebug/.git/config

You might need to show hidden files by pressing shift+cmd+.

[core]
      excludesfile = Users/

phpize

Now, it is time to make a copy of phpize and to edit the include path:

cp /usr/bin/phpize .
nano ./phpize

Find this line:

includedir="`eval echo ${prefix}/include`/php"

and replace it with the line below if your SDK path is /Library/Developer/CommandLineTools/SDKs/MacOSX.sdk and if not then use your SDK path which you have already found previously and append /usr/include/php in that path

includedir="/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include/php"

Run phpize:

./phpize

You should now see something like this:

Configuring for:
PHP Api Version:         20180731
Zend Module Api No:      20180731
Zend Extension Api No:   320180731

Installing autoconf

Run following command for building and installing it:

./configure --prefix=/usr/local
make
sudo make install

Configure and build Xdebug

We can now configure:

./configure    

#run following commands for specifying custom SDK location as compiler flags

SDK_PATH=$(xcrun --show-sdk-path)
make CPPFLAGS="-I${SDK_PATH}/usr/include/php -I${SDK_PATH}/usr/include/php/main -I${SDK_PATH}/usr/include/php/TSRM -I${SDK_PATH}/usr/include/php/Zend -I${SDK_PATH}/usr/include/php/ext -I${SDK_PATH}/usr/include/php/ext/date/lib"

You might see some warnings but can be ignored. Now, its time to run:

make install

You might see the Error like below and which makes sense because it can't move the extension to the right place due to System Integrity Protocol (SIP) will not allow it. Therefore, we will take care of this manually at the next step. make install is still required as it will sign the *.so file.

Installing shared extensions:     /usr/lib/php/extensions/no-debug-non-zts-20180731/
cp: /usr/lib/php/extensions/no-debug-non-zts-20180731/#INST@13740#: Operation not permitted
make: *** [install-modules] Error 1

Enabling Xdebug in PHP

Lets move the executable to /usr/local/php/extensions.

sudo mkdir -p /usr/local/php/extensions
sudo cp $(php-config --extension-dir)/xdebug.so /usr/local/php/extensions

Now, we enable Xdebug by editing the PHP configuration in php.ini.
Lets locate the file:

cd /etc
tail php.ini
php.ini          php.ini.default

#If you don't find php.ini, then you can just copy the default one

cp php.ini.default php.ini

Editing the configuration:

sudo nano php.ini

#Add the following at the bottom and save it

[xdebug]
zend_extension=/usr/local/php/extensions/xdebug.so
xdebug.remote_enable=on
xdebug.remote_log="/var/log/xdebug.log"
xdebug.remote_host=localhost
xdebug.remote_handler=dbgp
xdebug.remote_port=9000

Restart build in server:

sudo apachectl restart

Here comes the moment of truth:

php -i | grep "xdebug support"

#If the above command returns following outcome then you are set to go :)
xdebug support => enabled

Lets open the second chapter...

Configure Xdebug in PhpStorm

In the Settings/Preferences, select Language & Frameworks|PHP.
On the PHP page, choose the relevant PHP installation from the CLI Interpreter list and click the browse button (...) next to the field.
The name and version of the debugging engine associated with the selected PHP installation shows up here. If debugger is properly configured, PhpStorm shows the message:
Now, click Run|Edit Configurations... from the menu which will open the dialog box
Add server configuration by clicking + icon and choose PHP Remote Debug
Name: provide whatever name you like to call for your remote debug
Filter debug connection by IDE key: checked
Server: click the browse button (...) next to the field to create one
Above example shows the localhost setup, you can use mappings if the server is remote or symlinks are used
IDE key(session id): PHPSTORM
Session id has to be exactly same with the one from the Xdebug browser extension, it will come up in next step
Apply the configurations

Lets test the configuration

Click Run|Web Server Debug Validation, it will open the dialog box
Provide path for the project and Url and click Validate, if you see something like this below then you are all set.
One last thing is left which is adding Xdebug helper as an extension in google chrome.
After adding it, right click on the Xdebug helper which will open the menu, you could find it on the top right section of the google chrome.
Click on Options from the menu
Select your IDE and provide the sessionkey, previously we have used PHPSTORM, we will use the same one here
Don't forget to activate the Xdebug helper, just click on the icon and click Debug from the menu, it will turns into green.
Activate Start listening for PHP Debug Connections by clicking on following icon in PhpStorm, when it is activated it turns into green.

Thats it.

Set some breakpoints, run the project and 💥

Keep coding! Keep debugging! 👊