[ bash ] check contentType

contentType=$(curl -X HEAD -I ${url} | grep -Fi content-type | tr -d "\r")

if [ "${expectedContentType}" == "$contentType" ];
  echo "Success"
  exit 0
  echo "Content-type is not the same as expected"
  exit -1

<span id="mce_SELREST_start" style="overflow:hidden;line-height:0;">&#65279;</span>

[ bash ] compare 2 files and check if it is changed

date=`date '+%Y-%m-%d %H:%M:%S'`

# download ads.txt page from $url
curl -L "$url" > "$snapshot_ads"

# get the diff into $diff_ads file
rm -f $diff_ads
diff -c $latest_ads "$snapshot_ads" > $diff_ads && echo 'same!' || echo 'differences!'
cat $diff_ads

# create latest_ads
rm -f $latest_ads
ln -s "$snapshot_ads" $latest_ads

# check if the diff is acceptable
line_diff_count=`wc -l < $diff_ads`
if [ $line_diff_count -ne 0 ]; then
echo 'The ads.txt page is changed'
exit 1

[ ardunio ] create CACert for client.setCACert_P()

On firefox,

Click on the ‘>’ icon.

Click on “More Information” button at the bottom of the window.

In the new window titled “Page Info – https://api.github.com&#8221;, click on the “View Certificate” button.

In the “Certificate Viewer” window, click on the “Details” tab.

In the “Certificate Hierarchy” top window pane click on “DigiCert High Assurance EV Root CA” so it is highlighted.

Click on the “Export…” button at the bottom of the page.

At the bottom of the page select “X.509 Certificate (DER)” format then click on Save.

Use your favorite program to convert the binary DER format to ASCII. Here is what I do.

$ xxd -i DigiCertHighAssuranceEVRootCA.crt.der >cacert.h

ref : https://www.esp8266.com/viewtopic.php?p=74154

, https://github.com/esp8266/Arduino/tree/d5bb4a99f64a843e28b119d174b90c910516458f/libraries/ESP8266WiFi/examples/HTTPSRequestCACert

SonarCloud / SonarCube

  • SonarCloud ( on cloud )
  • SonarCube

SonarScan : We want which code / project to review.


  • Code smell
  • Bug
  • Vulnerbility ( Security domain )
  • Security ( Security domain )


image: sonarcube

http://localhost:9000 ( user : admin, pass : admin )

create project > get the project key for sonar-scan

Install SonarScanner

brew install sonar-scanner

Send code to scan on the project on the machine

sonar-scanner projectKey sources host=https://localhost:9000 login=keyToServer

see a result at the http://localhost:9000

Type : Bug / Vulnerability / Security / Reliability / Code coverage ( Unit test )

Language : Javascript

Can track priority major / assign to person ?


Quality Grade > New ( Operator Error at least : 80% )

Can add rules ….


SonarCube v.s. Eslint

  • SonarCube has visualization for non-technical person
  • $$$ if Integrated with github (need developer edition i.e. 12euro/month ( public repository ), private repository ( count max(LOC) in every branch, i.e. 100k ( 10 euro ) ) ( if SonarCloud, need to be public repository )
  • SonarCloud setup is more convenient ( login via github ). If SonarCube we need to pull the key and setup ( need ElasticSearch and another DB ).
  • SonarCloud is NOT able to custom rule ( rule and quality gate ).

SonarLint ( VS code extensions ) 

CircleCI ?

[ yarn ] Error: Git must be installed and in your PATH!


brew install yarn

Error: Permission denied @ rb_sysopen - /usr/local/var/homebrew/locks/git.formula.lock

Error: Git must be installed and in your PATH!

Error: Permission denied @ rb_sysopen - /usr/local/var/homebrew/locks/yarn.formula.lock


THWSM-MBA-001:api thwsmfolks$ xcode-select --install

xcode-select: note: install requested for command line developer tools

THWSM-MBA-001:api thwsmfolks$ xcode-select --install

xcode-select: error: command line tools are already installed, use "Software Update" to install updates

THWSM-MBA-001:api thwsmfolks$ brew install yarn

Error: Can't create update lock in /usr/local/var/homebrew/locks!

Fix permissions by running:

<span class="Apple-converted-space">&nbsp; </span>sudo chown -R $(whoami) /usr/local/var/homebrew

Error: Permission denied @ rb_sysopen - /usr/local/var/homebrew/locks/yarn.formula.lock

THWSM-MBA-001:api thwsmfolks$ sudo chown -R $(whoami) /usr/local/var/homebrew

[ jenkins ] login with AD

1) Download “Active Directory Plugin”

2) Manage Jenkins > Configure Global Security >

Enable Security : checked

Domain Name : whatever.com
Domain controller : what.whatever.com:9999

Bind DN : CN=wsm-admin,OU=Internal Services,OU=Service Account,OU=Thailand,DC=whatever,DC=th

Bind Password : XXXXX

TLS Configuration : JDK TrustStore

Group Membership Lookup Strategy : Recursive group queries

Security Realm : choose “Active Directory”

Authorization: choose Role-based strategy ( more : https://dsin.wordpress.com/2018/11/15/jenkins-role-strategy-plugin/ )
ref : https://medium.com/modern-stack/implementing-active-directory-based-security-in-jenkins-f78dbac929de