#GitHub

Welcome dear members of the Community to the presentation and first article of a small project that will demonstrate the capabilities of InterSystems IRIS to provide full backup functionality for a web application developed in Angular. This article will be limited to presenting the concept as well as the InterSystems IRIS functionalities used in a general way, going into more detail in subsequent articles.

Welcome to QuinielaML!

Introduction

Git stores complete history - meaning you would never lose your files, even if they are deleted, they are still available. That, however, presents an issue if large or sensitive files have been committed. Deleting them DOES NOT remove them from history. Recently one of the repos I work on became unexpectedly large, so here's how you can resolve that:

1. Check repo files. If there are large files - well, here are your suspects, but if there's nothing large in the repo itself, check the pack files .git\objects\pack. In my case, the packfile was ~1gb (99.9% of the repo size). It means that a large object was committed into a repo and then deleted - which still leaves it in the pack files.
2. Listed all repo objects by size:

git rev-list --objects --all |
  git cat-file --batch-check='%(objecttype) %(objectname) %(objectsize) %(rest)' |
  sed -n 's/^blob //p' |
  sort --numeric-sort --key=2 |
  cut -c 1-12,41- |
  $(command -v gnumfmt || echo numfmt) --field=2 --to=iec-i --suffix=B --padding=7 --round=nearest

Which returned one large file:

...
4c23d572ae62  963MiB docker/irishealth-2022.1.0.209.0-docker.tar.gz

Probably IRIS image was accidentally committed (and later deleted) - but was left in the repo history.

3. Searched for commits affecting the image file: git log --all --full-history -- "*irishealth-2022.1.0.209.0*"

Returned:

commit abc
Date:   Thu Apr 20 10:47:46 2023

    Remove iris image


commit xyz
Date:   Thu Apr 20 10:07:12 2023

    Fix bug

4. Using a GitHub search, I found the affected branch.
5. As the commit was in one branch only (not merged into the main branch, etc.) and so not deployed to prod, rewriting history was deemed ok.
6. Ran pepo cleaner to remove large files from history.
7. Force-pushed new history.
8. Cloned the repo again, and the operation was completed in under a minute.

After doing this, every developer working on a repo needs to clone the repository again.

I am happy to share with you my first experience of using a docker container version of IRIS for Health to explore your interest in using or having a trial by taking the advantage of a docker container that is lightweight, and easy to deploy. This cookbook will go through the implementation steps using the GitHub repository called ENSDEMO written by Renan Lourenco.

Steps for setting up an IRIS for Health Community Edition docker container environment

1. Docker up and running
2. Download the docker image

docker pull containers.intersystems.com/intersystems/irishealth-community:2022.2.0.304.0

Hi Developers!

This is yet another short post that is intended to simplify developers' life. Now we'll talk about how to make GitHub run unit tests with every push to the repository by adding just one file to the repo. For free.  On Github Cloud. Sounds great, isn't it?

It is possible and very easy to do. Credit goes to @Dmitry Maslennikov (and his repo), ZPM Package Manager, and GitHub Actions.  Let's see how this all works!

I am new to Intersystems, in our project we are directly connecting to the server (environment) using  Intersystems VSCode extensions and publishing our changes from local machine. This is not the way we usually do as development process.

Is it possible to implement continuous integration ? So that developers can check-in their code in GIT Hub and can integrate Jenkins and automate the deployment?

Could you please help me on this ?

It is becoming more and more common to see beautiful badges in the README.MD file with useful information about the current project in the repositories of GitHub, GitLab and others. For instance:

The project is being developed The quality of the code, which also provides its own badge, which immediately shows the status of code validation of the project. If you insert a line into the README.MD file

 [![Quality Gate Status](https://community.objectscriptquality.com/api/project_badges/measure?project=intersystems_iris_community%2Fappmsw-zpm-shields&metric=alert_status)](https://community.objectscriptquality.com/dashboard?id=intersystems_iris_community%2Fappmsw-zpm-shields)

And in the /.github/workflows/ directory github project the file objectscript-quality.yml, you can see this badge:

There are different services that grant these nameplates. For example - Shield.io It even executes screen forms, which simplify the creation of links, including for markup written in Markdown

I have been using a lot of different beautiful and useful nameplates in my projects for a long time.

As the project of the package manager ZPM matures, the requirements for the storage resources for package modules increase too.

It happens more and more often now that I need to know more detailed information, preferably observable at first glance at the first page, without opening the project files. Such data includes:

• what version of the project is stored in the repository. I need to see that without checking the module.xml file.
• how that version relates to the one in the public repository. Is it the right time already to update the release or not?...
• what ports are forwarded out in the settings of the docker file called dockerfile?

All of that is well performed by the shields.io service.

Show the version of the zpm project taken from the file module.xml

![Repo-GitHub](https://img.shields.io/badge/dynamic/xml?color=gold&label=GitHub%20module.xml&prefix=ver.&query=%2F%2FVersion&url=https%3A%2F%2Fraw.githubusercontent.com%2Fsergeymi37%2Fzapm%2Fmaster%2Fmodule.xml)

You can complicate the link by adding the ability to click to open the corresponding file module.xml:

[![Repo-GitHub](https://img.shields.io/badge/dynamic/xml?color=gold&label=GitHub%20module.xml&prefix=ver.&query=%2F%2FVersion&url=https%3A%2F%2Fraw.githubusercontent.com%2Fsergeymi37%2Fzapm%2Fmaster%2Fmodule.xml)](https://raw.githubusercontent.com/sergeymi37/zapm/master/module.xml)

Show the version of the zpm project taken from the service

![OEX-zapm](https://img.shields.io/badge/dynamic/json?url=https:%2F%2Fpm.community.intersystems.com%2Fpackages%2Fzapm%2F&label=ZPM-pm.community.intersystems.com&query=$.version&color=green&prefix=zapm)

Example of a link with a request for a service:

[![OEX-zapm](https://img.shields.io/badge/dynamic/json?url=https:%2F%2Fpm.community.intersystems.com%2Fpackages%2Fzapm%2F&label=ZPM-pm.community.intersystems.com&query=$.version&color=green&prefix=zapm)](https://pm.community.intersystems.com/packages/zapm)

Show which ports are forwarded in the settings of the docker file called dockerfile

 ![Docker-ports](https://img.shields.io/badge/dynamic/yaml?color=blue&label=docker-compose&prefix=ports%20-%20&query=%24.services.iris.ports&url=https%3A%2F%2Fraw.githubusercontent.com%2Fsergeymi37%2Fzapm%2Fmaster%2Fdocker-compose.yml)

For instance of a link with opening a file docker-compose.yml:

[![Docker-ports](https://img.shields.io/badge/dynamic/yaml?color=blue&label=docker-compose&prefix=ports%20-%20&query=%24.services.iris.ports&url=https%3A%2F%2Fraw.githubusercontent.com%2Fsergeymi37%2Fzapm%2Fmaster%2Fdocker-compose.yml)](https://raw.githubusercontent.com/sergeymi37/zapm/master/docker-compose.yml)

However, when it comes to more complex metrics, their combinations, or projects inside a private local network, for those purposes I have decided to bring about my REST service, which shows the version of the ZPM module from the repository file and from the service https://pm.community.intersystems.com/

After installation, you will have a service zpm-shields to which you need to provide access without authentication.

Using these links you can get a svg file that can be inserted into README.MD for instance:

![Repo](http://localhost:52773/zpm-shields/repo/mode?module=https:%2F%2Fgithub.com%2FSergeyMi37%2Fzapm&color=blue)

where the parameter values are: zpm-shields/repo - extaction from the file module.xml version module - link to the repository color - for example #00987

![Registry](http://localhost:52773/zpm-shields/registry/mode?project=appmsw-dbdeploy&color=gold)

where the parameter values are: zpm-shields/registry - getting the version by request from the service project - project name

![Repo+Registry](http://localhost:52773/zpm-shields/both/mode?module=sergeymi37%2Fappmsw-dbdeploy&project=appmsw-dbdeploy&color=FFA07A)

where the parameter values are: zpm-shields/both - extaction from the file module.xml version and getting the version by request from the service project - project name module - link to the repository

My service can also be used for local ZPM resources. To do that you need to utilise the full path of the local repository and private register.

I really like these badges. I think they might come in handy for you too.

Hi Everyone!

I have a question about how teams are using Atelier, in my experience, using a single-server/multi-developer environment is becoming problematic for us, especially when using GitHub to source control our code, let me explain...

What about having your IRIS REST APIs scanned every push you did and being reported on possible vulnerabilities? This is what I am going to show you in this article.

Recently, we had the Security Contest with amazing applications and examples showing how to improve security on your IRIS solutions. One of such examples was the zap-api-scan-sample, made by me and my colleague Henrique Dias. Our application shows how to use the OWASP ZAP API scanner to perform security tests on your REST APIs OpenAPI definitions generated by IRIS.

Now, we did an improvement on such example, using ZAP GitHub Action to automate security APIs tests on every push to a GitHub repository.

What are GitHub Actions?

GitHub actions are plugins for GitHub repositories, which perform tasks triggered by some events, like pushes for instance. They are nice tools to set up CD/CI pipelines.

You can set up actions by creating YAML files, located in the .github/workflows directory. Below an example is presented showing how to start a ZAP API scan. You can find more information in the quick start from GitHub Docs.

GitHub actions are available for download in the GitHub marketplace.

What is OWASP ZAP?

The Open Web Application Security Project® (OWASP) is a nonprofit foundation created and maintained by security enthusiasts around the world, developing amazing projects.

One of such projects is the OWASP® Zed Attack Proxy (ZAP), a web app scanner free and open source. This tool can perform scanning on web applications and/or APIs (REST, SOAP and GraphQL) searching for common vulnerabilities. You can also run penetration tests using this great tool.

You can find more information about ZAP here.

Example

So, as you can imagine, the OWASP ZAP API scan GitHub action is a hook to perform API scan automatically on repository events, such as pushes.

In order to set up this action, you need to create a file with any name in the .github/workflows directory. Inside this directory, you must create a YAML file with a name for your action, the event which triggers the action and a ZAP job config.

Below the action set up for perform API scan in our application example is presented:

name: owasp-zap-api-scan
on: push

jobs:
  zap_scan:
    name: Scan REST APIs
    runs-on: ubuntu-latest
    steps:
      - name: ZAP Scan for crudall API
        uses: zaproxy/action-api-scan@v0.1.0
        with:
          format: openapi
          target: 'https://zapsample.demo.community.intersystems.com/crudall/_spec'

In our example, this file is located here.

As you can see by the value “push” in property “on”, the ZAP job configured in “jobs” property is executed on every push to the repository. So, when a push is done, an action starts, like this one:

Run zaproxy/action-api-scan@v0.1.0
[@octokit/rest] `const Octokit = require("@octokit/rest")` is deprecated. Use `const { Octokit } = require("@octokit/rest")` instead
starting the program
github run id :1608811094
/usr/bin/docker pull owasp/zap2docker-stable -q
docker.io/owasp/zap2docker-stable:latest
/usr/bin/docker run --user root -v /home/runner/work/zap-api-scan-sample/zap-api-scan-sample:/zap/wrk/:rw --network=host -t owasp/zap2docker-stable zap-api-scan.py -t https://zapsample.demo.community.intersystems.com/crudall/_spec -f openapi -J report_json.json -w report_md.md -r report_html.html
2021-12-21 21:50:20,854 Could not find custom hooks file at /home/zap/.zap_hooks.py 
2021-12-21 21:50:32,043 Number of Imported URLs: 3
Total of 10 URLs
PASS: Directory Browsing [0]
PASS: Vulnerable JS Library [10003]
...
WARN-NEW: Unexpected Content-Type was returned [100001] x 5 
	https://zapsample.demo.community.intersystems.com/1009880830598384336 (404 Not Found)
	https://zapsample.demo.community.intersystems.com/crudall (404 Not Found)
	https://zapsample.demo.community.intersystems.com/ (404 Not Found)
	https://zapsample.demo.community.intersystems.com/elmah.axd (404 Not Found)
	https://zapsample.demo.community.intersystems.com/.htaccess (404 Not Found)
WARN-NEW: Incomplete or No Cache-control Header Set [10015] x 1 
	https://zapsample.demo.community.intersystems.com/crudall/_spec (200 OK)
WARN-NEW: X-Content-Type-Options Header Missing [10021] x 1 
	https://zapsample.demo.community.intersystems.com/crudall/_spec (200 OK)
WARN-NEW: Strict-Transport-Security Header Not Set [10035] x 1 
	https://zapsample.demo.community.intersystems.com/crudall/_spec (200 OK)
FAIL-NEW: 0	FAIL-INPROG: 0	WARN-NEW: 4	WARN-INPROG: 0	INFO: 0	IGNORE: 0	PASS: 73
[@octokit/rest] `const Octokit = require("@octokit/rest")` is deprecated. Use `const { Octokit } = require("@octokit/rest")` instead
Scanning process completed, starting to analyze the results!
Alerts present in the current report: true
Process completed successfully and a new issue #3 has been created for the ZAP Scan.
Total size of all the files uploaded is 9209 bytes
Finished uploading artifact zap_scan. Reported size is 9209 bytes. There were 0 items that failed to upload

You can find all actions output in the Actions tab in GitHub.

Note that you must have your API online in order for ZAP to scan it. In our example, we used another action to deploy the project to the cloud first and then, set the API endpoint which uses IRIS to generate the OpenAPI specification - defined in the “target” property.

This action also opens an issue with warnings and errors found, and send notifications to GitHub and to your e-mail:

Conclusion

In this article you learned how to use GitHub Actions to automate APIs scan tests on every push done to your repositories. Such a tool could help you to quickly identify vulnerabilities into your REST APIs on your IRIS solutions.

In this article I will demonstrate basics of OAuth2 authentication with GitHub account with the help of online demo 
https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp by using SuperUser | SYS

I'd like to bring your attention to my two Virtual Summit sessions, even though they're not HALF as cool as Embedded Python.

Git & GitLab for Shared Development Environments details the newly-released git-source-control package (see also on the Open Exchange) which provides a new best-of-breed solution for server-side IRIS/Git integration, especially for shared remote development environments. (I need to write up a post about this package specifically and plan to do so soon.)

I wrote a step by step tutorial in the qewd-howtos repository how you can write state of the art multi-page web apps with Node.js using a QEWD-Up WebSocket/REST api back-end integrated with a mainstream web framework like NuxtJS & Vue.js. In particular with the latest NuxtJS/Vue.js frameworks, writing web applications becomes fun again, allowing you to write your applications very efficiently, hiding all boilerplate code from you.

The tutorial should be very easy to try out on your development machine and consists of two parts:

Hi,

I have CSV file in github repository. I want to import CSV file data into container class during running container. 

Thanks

Open up a random ObjectScript project (I think you need to be logged in first for this to work).

For example, the ZPM project

Then press "." (press full stop).

This will open the git repo inside an online instance of VS code.

Perhaps not that exciting for some, but I was impressed. Mainly because it's a good demo of editing ObjectScript in the cloud. As much as I like VS code locally, I still can't use it on many sites, and maybe not popular, but I still think IRIS + its own web IDE would be a killer combination. 

Hi, Community!

I'm pleased to share that we have a dedicated InterSystems Developer Community GitHub - github.com/intersystems-community!

Hi colleagues!

Often when we collaborate to someone's repo in GitHub we do the following cycle:

Fork-Clone-Change-Commit-Push-Pull-Request-Merge to the original repo.

This is all great and works fine!

And if we want to make a second collaboration right after the merge you need to perform "Fetch upstream" to your forked repo first to "ingest" your own Pull-request in the original repo.

Geeky git-professionals do it with ease but this was always a headache for me so I usually simply deleted the fork and created a new one.

And today I figured that Github added a new UI feature that I can easily fetch-upstream for my fork with the original one and make it up to date and capable for pull-requests.

Here is where the button is:

This is a relief! )

Wanted to share this relief and productivity tip with you!

Bring more collaborations to Github repos!

And speaking of PR - I just made a PR with docker to Google Cloud Run deployment for the FHIRaaS demo made by @Anton Umnikov for the current FHIR Contest! Looking for more of your contributions!

Hi Community,

Please welcome the new video on InterSystems Developers YouTube:

⏯ Deploying InterSystems IRIS Solutions into Kubernetes Google Cloud

Hi folks!

Just a very short note on if you want to add a cute Open Exchange shield like this:

 in your GitHub repo you can do it by entering one line like this:

[![Gitter](https://img.shields.io/badge/Available%20on-Intersystems%20Open%20Exchange-00b2a9.svg)](https://openexchange.intersystems.com/package/csvgen)

In the URL place the path to your OEX page.

Thanks to the participants of contest for such a neat shield )

What other helpful Github shields do you know? Please share in the comments?

I am currently evaluating Source Control systems that we can use for both MS SQL, MS Visual Studio, and InterSystems IRIS. For both MS SQL and MS Visual Studio we do have the option of either Azure or GitHub.  I understand when we upgrade to IRIS 2019.1 we have options for Source Control, and in previous Global Summit's I have heard GitHub discussed.  So why can't I user GitHub for both MS SQL/MS Visual Studio and IRIS?

A couple of questions come to mind starting to think about Source Control

Hi Community,

Please welcome the new video recorded by @Evgeny Shvarov on InterSystems Developers YouTube:

⏯ Developing InterSystems IRIS solution using GitHub Codespaces

The first full release of our iKnow open-source NLP library is now available on GitHub and PyPI! 

Introduction

In a previous article, I discussed patterns for running unit tests via the  InterSystems Package Manager. This article goes a step further, using GitHub actions to drive test execution and reporting. The motivating use case is running CI for one of my Open Exchange projects, AppS.REST (see the introductory article for it here). You can see the full implementation from which the snippets in this article were taken on GitHub; it could easily serve as a template for running CI for other projects using the ObjectScript package manager.

Features demonstrated implementation include:

This article is a continuation of Deploying InterSystems IRIS solution on GKE Using GitHub Actions, in which, with the help of GitHub Actions pipeline, our zpm-registry was deployed in a Google Kubernetes cluster created by Terraform. In order not to repeat, we’ll take as a starting point that:

In an earlier article (hope, you’ve read it), we took a look at the CircleCI deployment system, which integrates perfectly with GitHub. Why then would we want to look any further? Well, GitHub has its own CI/CD platform called GitHub Actions, which is worth exploring. With GitHub Actions, you don’t need to rely on some external, albeit cool, service.

In this article we’re going to try using GitHub Actions to deploy the server part of  InterSystems Package Manager, ZPM-registry, on Google Kubernetes Engine (GKE).

Hi Community!

We are glad to invite every developer who uses ObjectSript and VSCode plugin to the second webinar hold by the VSCode ObjectScript plugin developer on May 26  at 11:00 EDT. 

You will learn how to develop InterSystems IRIS solutions using GitHub Development Flow with VSCode ObjectScript and Docker.

Speaker: @Dmitry Maslennikov, InterSystems Developers Advocate, CTO at CaretDev.

Hey Developers,

The recording of the Kick-Off Webinar for InterSystems IRIS Native API Online Programming Contest is now available on InterSystems Developers YouTube:

Speakers:  
@Bob Kuszewski, InterSystems Product Manager
@Evgeny Shvarov, InterSystems Developer Ecosystem Manager

Hi Community,

New "Coding Talk" video was specially recorded by @Evgeny Shvarov for the second IRIS Programming Contest: 

⏯ Creating CRUD REST API for InterSystems IRIS in 5 minutes

Hi developers!

Suppose you have a Github repository with ObjectScript classes but without a Docker environment.

Recently I published a repository with a set of files that form a universal Docker and VSCode environment to let you either import and run your repository in InterSystems IRIS Community Edition on Docker or turn your repository into Docker and VSCode environment for InterSystems IRIS Community Edition.

So in one sentence:

Unpack these files in your folder and you have the Docker and VSCode environment for your InterSystems IRIS ObjectScript application!

See the details below.

What does everyone think about submitting an issue in a repository and then submitting a pull request to fix that issue. Is it an unnecessary step or does it give extra context and logging for the issue? I ask this because when I find a bug in an Open Exchange app, I always submit the Issue and then often submit a Pull Request to fix the issue.

I think that if the repository owner doesn't like your suggested fix, it is helpful to have the issue around so that they can deny the pull request and potentially implement their own change for the issue.

Hi Developers!

Recently we announced two new challenges on Global Masters: 'Bugs Bounty' and 'Pull Requests'.

And we are getting a lot of submits to the challenges which are not the thing we are expecting there. So I hope this post will give some shine to this quest.

'Bugs Bounty'

Ok! What are we expecting from 'Bugs bounty'?

There are a lot of Open Exchange solutions that come with public open-source repositories on Github: project and repo,  another project and the repo, another one and its repo, and many more on Open Exchange.

Hi Everyone,

New Coding Talk, recorded by @Evgeny Shvarov, is already on InterSystems Developers YouTube:

GitHub Repository Template To Develop and Debug ObjectScript in InterSystems IRIS