Sunday, November 21, 2021

Hacking in to webpack build process

With API Manager, we have a requirement to allow users to keep a separate source folder for each web application. To describe the requirement a bit more, we have a folder structure as follows.

We are sending updates to the source folder after releasing the product. If a developer customized the content in the source folder, it will be rewritten by the new updates. So for them to maintain the code separately we wanted to implement a file overriding mechanism. Our goal was to allow users to copy the file into a different folder on the same level as the source folder and do the customization logic there. Example.

The files in the overrides folder should take president over the files in the source folder. To achieve this we use a Webpack loader. A Webpack loader can be used to tap into the Webpack build process. 

   test: /\.(js|jsx)$/, 
   exclude: /node_modules/, 
   use: [ 
      loader: path.resolve('loader.js'), 

Now, all we need to do is create a new file at the same level as weback.config.js and add our logic. We get the list of files and the source content as input params. 

  module.exports = function (source, map) 
 // Do your magic 
 this.callback(null, newSource, map); 

Loader source

Wednesday, July 31, 2019

APIM 3.0 add multiple apis - bash script

Created a bash script to create, tag and publish multiple APIs. This is useful to populate data for the landing page.


# get the URL of the current Astronomy Picture of the Day (APOD)
clientId=$(curl -k -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d @payload.json https://localhost:9443/client-registration/v0.14/register | jq -r '.clientId')
clientSecret=$(curl -k -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d @payload.json https://localhost:9443/client-registration/v0.14/register | jq -r '.clientSecret')
# get just the image name from the URL
echo $clientId
echo $clientSecret

encoded=$(echo -ne $clientId:$clientSecret | base64)
echo $encoded

# get access token
accessToken=$(curl -k -d "grant_type=password&username=admin&password=admin&scope=apim:api_view,apim:api_create" -H "Authorization: Basic $encoded" https://localhost:9443/oauth2/token | jq -r '.access_token')

echo "======= access token =========="
echo $accessToken

declare -a tags=("weather" "finance" )
for tag in "${tags[@]}"
    for i in {6..50}
        echo $tag
        apiId=$(curl -k -H "Authorization: Bearer $accessToken" -H "Content-Type: application/json" -X POST --data-binary '{"name":"'$tag'API'$i'","version":"1.0.0","context":"'$tag'API'$i'","tags":["'$tag'"],"isDefaultVersion":false,"gatewayEnvironments":["Production and Sandbox"],"transport":["http","https"],"visibility":"PUBLIC","endpointConfig":{"endpoint_type":"http","sandbox_endpoints":{"url":"http://apiendpoint"},"production_endpoints":{"url":"http://apiendpoint"}},"policies":["Unlimited"]}' https://localhost:9443/api/am/publisher/v1.0/apis  | jq -r '.id')
        echo "==============================================================="
        echo $apiId

        ## publishing
        echo "===========================publishing===================================="
        publishState=$(curl -k -H "Authorization: Bearer $accessToken" -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/publisher/v1.0/apis/change-lifecycle?action=Publish&apiId=$apiId" -H "accept: application/json")

Sunday, December 10, 2017

Microservices governance vs SOA

whether you enforce contracts is independent of if you connect through the service bus or directly. You could build your microservices to use SOAP and WSDL. The industry as a whole seems to be moving away from this.

The team responsible for deploying the microservice needs to treat all external parties like customers. This means when changes occur, they need to keep backwards compatibility and then undergo a change management process in other teams to have them upgrade before decommissioning the old version. We avoid breaking changes as much as possible, and use semantic versioning otherwise. Automated tests help keep all this possible.

In terms of governance, I would set ground-rules around the following:

  • what is (and is not) considered a breaking change, and how this is to be handled in the versioning system
  • how/where documentation for services is to be published and updated
  • how clients are to authenticate themselves
  • security recommendations such as TLS and authentication mechanisms

While you may not have a canonical data model covering all services, it could be wise to introduce some smaller conventions suitable to your domain. In my domain, this means always using 3-character ISO standard currency codes alongside monetary amounts. We never assume the currency or use a different representation.

Source: StackOverflow

Tuesday, September 6, 2016

Microservices and SOA

Microservices is one of the buzzwords that generate a lot of hype in these days.So we thought about discussing SOA(Service-oriented architecture) and Microservices.

(SOA): an architectural pattern in computer software design in which application components provide services to other components via a communications protocol, typically over a network.

Microservices: a software architecture style in which complex applications are composed of small, independent processes communicating with each other using language-agnostic APIs

When looking at Microservices and SOA based service, I can see a lot of similarities between them. However, Microservices is a special approach of breaking a monolithic SOA service into small parts. So finally one service can be divided into many smaller services that talk to each other. Ideally, each SOA service operation should be implemented as a Microservice.

A Service which is implemented based on Service-oriented architecture has a broader scope than a one Microservice. The primary driving force of a Microservices architectural solution is the scalability. When demand is increasing for one or two services, we can easily scale them with fewer resource constraints. However, if we have a monolithic service, scaling will bring up many unwanted resources as well. So, instead of deploying the entire application only once everyone is done, developers can deploy their respective services. Also, testing, issue isolation are manageable easily in microservices.

When considering disadvantages of microservices, implementing distributed systems can be complex. There will be multiple small-small services which complicates the deployment. Also when implementing a complex service, we need to think about database connectivity and transaction handling as well.

Thursday, August 18, 2016

What is SOA Governance?

What is Governance?

Governance is the process of ensuring that an organizations resource are utilized in a manner in which they contribute to the fulfillment of an organizations goal and it is done in a transparent and measurable manner.The resources can include both people , processes or other physical infrastructure.At the heart of Governance is the concept of controlling how decisions are made.There are a number of different types of Governance:

  • Corporate Governance
  • IT Governance
  • Architecture Governance
  • SOA Governance
  • SDLC Governance

Why has Governance become important?

The past decade has brought to light several corporate scandals that highlight the pitfalls when decisions are made without transparency and accountability. As an example in the late 90s the corporate IT departments initiated a number of IT projects based on the whimsical notion of staying on the bleeding edge without any clear motivation on how these projects would contribute to the business. 

What are the building blocks of Governance?

  1. Precepts
  2. People
  3. Processes
  4. Metrics


Precepts define the environment as well as the effects of a decision.It achieves this by defining the following:
  • Defines who can make decisions
  • Defines the constraints under which decisions are made
  • The consequence of non compliance

They can include one or more of the following elements:
  • Objectives
  • Policies
  • Standards
  • Guidelines


The focal point of any governance system; it is ultimately the human element that makes decisions. Thus people must be aware of the precepts.


A process within the context of Governance defines the steps in which decisions can be made, enforce precepts and corrective action can be taken.


Metrics provide a way to :
  • Measure the effectiveness of the Governance system
  • Measure compliance to Precepts
  • Assist in determining whether precepts are effective

What is SOA Governance?

SOA Governance ensures that a companies SOA IT projects are:
  • Necessary to meet an organization business goals
  • Producing actual results 

Why is SOA Governance important?

  1. Metrics on the usage of services
    • Are people actually using the service?
    • Is the service consumed in the way it was intended?
  2. Uniformity
    • Ensure that teams across departments are building inter-operable services


[2] SOA Governance in Action
[3] Service-Oriented Architecture (SOA) Governance for the Services Driven Enterprise