Christiano Guedes christianoguedes

## karabiner.json
...

"simple_modifications": [
                {
                    "from": {
                        "key_code": "right_command"
                    },
                    "to": [
                        {
                            "shell_command": "open -a 'iTerm.app'"

## echo-show-size-pics.sh
fdupes -qdN -r ./ #remove duplicates files with same hash
magick mogrify -format jpg -define preserve-timestamp=true *.heic #convert all files heic to jpg on current folder
magick mogrify -path ./convert -define preserve-timestamp=true -format jpg -auto-orient -resize "1280x<" -quality 80% *.jpg #resize proprotional to folder "convert". Echo Show 8 size's
magick mogrify -path ./convert -define preserve-timestamp=true -format jpg -resize "1280x800^" -gravity center -extent 1280x800  -quality 80% *.jpg #crop to amazon echo size after center zoom

mkdir convert_logo
magick mogrify -path convert_logo -compose over -gravity center -draw "image over 0,0 0,0 '<path/logo>.png'" *.jpg #OPTIONAL: Put logo on images

## medium_build_depedency_checker_profile.xml
...
    <profiles>
        <profile>
            <id>prd</id> <!-- chave do profile usado pelo CI/CD -->
            <build>
                <plugins>
                    <plugin>
                        <groupId>org.owasp</groupId>
                        <artifactId>dependency-check-maven</artifactId>
                        <version>5.3.2</version>

## medium_build_depedency_checker_exclusion.xml
...
    <build>
        <plugins>
            ...
            <plugin>
                <groupId>org.owasp</groupId>
                <artifactId>dependency-check-maven</artifactId>
                <version>5.3.2</version>
                <configuration>
                    <suppressionFile>dependency-checker-exclude.xml</suppressionFile>

## medium_build_depedency_checker.xml
...
    <build>
        <plugins>
            ...
            <plugin>
                <groupId>org.owasp</groupId>
                <artifactId>dependency-check-maven</artifactId>
                <version>5.3.2</version>
                <executions>
                    <execution>

## application.properties
#metrics - habilitar todos os endpoints do actuator
management.endpoints.web.exposure.include=*
management.endpoint.prometheus.enabled=true

#metricas - /actuator/metrics/bucket4j_summary_consumed
bucket4j.filters[0].metrics.enabled=true   #habilitar as métricas do bucket4j
bucket4j.filters[0].metrics.types=REJECTED_COUNTER    #métricas habilitas apenas para os bloqueios, mas poderia considerar também o consumo: REJECTED_COUNTER,CONSUMED_COUNTER
bucket4j.filters[0].metrics.tags[0].key=IP   #chave do actuador
bucket4j.filters[0].metrics.tags[0].expression=getRemoteAddr()  #valor ip do cliente
bucket4j.filters[0].metrics.tags[0].types=REJECTED_COUNTER  #quantidade de bloqueios

## pom.xml
  ...
    <dependencies>
    ...
        <!-- metrics dependency - actuator !-->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
    ...
    </dependencies>

## application.properties
#bloqueio dos endpoints de autenticação - /auth
bucket4j.filters[0].cache-name=rate-limit
bucket4j.filters[0].http-response-body={ "message": "Too many requests" }
bucket4j.filters[0].url=/auth/.*   #url que será impactada pela regra
bucket4j.filters[0].rate-limits[0].expression=@authService.getCurrentAuthUserInSession()   #chave da regra de bloqueio. Retornado o usuário da sessão
bucket4j.filters[0].rate-limits[0].bandwidths[0].capacity=3   #3 requisições permitidas no intervalod de 1 minuto
bucket4j.filters[0].rate-limits[0].bandwidths[0].time=1
bucket4j.filters[0].rate-limits[0].bandwidths[0].unit=minutes
bucket4j.filters[0].rate-limits[0].bandwidths[0].fixed-refill-interval=5   #ao exceder, será bloqueado por 5 minutos
bucket4j.filters[0].rate-limits[0].bandwidths[0].fixed-refill-interval-unit=minutes

## StartController.java
@RestController
@RequestMapping("/")
public class StartController {

	@GetMapping
	public String helloWorld() {
		return "Helo World";
	}

}

## application.properties
#bloqueio para todos os endpoints, exceto do 'actuator'
bucket4j.filters[0].cache-name=rate-limit    #nome do cache no hazelcast.xml
bucket4j.filters[0].http-response-body={ "message": "Too many requests" }   #payload de retorno padrao em caso de exceder o limit
bucket4j.filters[0].url=.*    #regex para todas as URIs dos endpoints
bucket4j.filters[0].rate-limits[0].skip-condition=getRequestURI().contains('/actuator')  #exemplo de uma excessao que nao se aplica o rate-limit. A sintaxe é o SpEl - Spring Expression Language
bucket4j.filters[0].rate-limits[0].expression=getRemoteAddr()    #a expressão utilizada para gerar a chave do cliente. Neste caso o IP
bucket4j.filters[0].rate-limits[0].bandwidths[0].capacity=5    #a capacidade máxima de requisições
bucket4j.filters[0].rate-limits[0].bandwidths[0].time=1    #quantidade de tempo para análise do rate-limit
bucket4j.filters[0].rate-limits[0].bandwidths[0].unit=minutes    #intervalo de tempo (ChronoUnit) da análise
bucket4j.filters[0].rate-limits[0].bandwidths[0
	...

	"simple_modifications": [
	{
	"from": {
	"key_code": "right_command"
	},
	"to": [
	{
	"shell_command": "open -a 'iTerm.app'"
	fdupes -qdN -r ./ #remove duplicates files with same hash
	magick mogrify -format jpg -define preserve-timestamp=true *.heic #convert all files heic to jpg on current folder
	magick mogrify -path ./convert -define preserve-timestamp=true -format jpg -auto-orient -resize "1280x<" -quality 80% *.jpg #resize proprotional to folder "convert". Echo Show 8 size's
	magick mogrify -path ./convert -define preserve-timestamp=true -format jpg -resize "1280x800^" -gravity center -extent 1280x800 -quality 80% *.jpg #crop to amazon echo size after center zoom

	mkdir convert_logo
	magick mogrify -path convert_logo -compose over -gravity center -draw "image over 0,0 0,0 '<path/logo>.png'" *.jpg #OPTIONAL: Put logo on images
	...
	<profiles>
	<profile>
	<id>prd</id> <!-- chave do profile usado pelo CI/CD -->
	<build>
	<plugins>
	<plugin>
	<groupId>org.owasp</groupId>
	<artifactId>dependency-check-maven</artifactId>
	<version>5.3.2</version>
	#metrics - habilitar todos os endpoints do actuator
	management.endpoints.web.exposure.include=*
	management.endpoint.prometheus.enabled=true

	#metricas - /actuator/metrics/bucket4j_summary_consumed
	bucket4j.filters[0].metrics.enabled=true #habilitar as métricas do bucket4j
	bucket4j.filters[0].metrics.types=REJECTED_COUNTER #métricas habilitas apenas para os bloqueios, mas poderia considerar também o consumo: REJECTED_COUNTER,CONSUMED_COUNTER
	bucket4j.filters[0].metrics.tags[0].key=IP #chave do actuador
	bucket4j.filters[0].metrics.tags[0].expression=getRemoteAddr() #valor ip do cliente
	bucket4j.filters[0].metrics.tags[0].types=REJECTED_COUNTER #quantidade de bloqueios
	...
	<dependencies>
	...
	<!-- metrics dependency - actuator !-->
	<dependency>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-starter-actuator</artifactId>
	</dependency>
	...
	</dependencies>
	#bloqueio dos endpoints de autenticação - /auth
	bucket4j.filters[0].cache-name=rate-limit
	bucket4j.filters[0].http-response-body={ "message": "Too many requests" }
	bucket4j.filters[0].url=/auth/.* #url que será impactada pela regra
	bucket4j.filters[0].rate-limits[0].expression=@authService.getCurrentAuthUserInSession() #chave da regra de bloqueio. Retornado o usuário da sessão
	bucket4j.filters[0].rate-limits[0].bandwidths[0].capacity=3 #3 requisições permitidas no intervalod de 1 minuto
	bucket4j.filters[0].rate-limits[0].bandwidths[0].time=1
	bucket4j.filters[0].rate-limits[0].bandwidths[0].unit=minutes
	bucket4j.filters[0].rate-limits[0].bandwidths[0].fixed-refill-interval=5 #ao exceder, será bloqueado por 5 minutos
	bucket4j.filters[0].rate-limits[0].bandwidths[0].fixed-refill-interval-unit=minutes
	@RestController
	@RequestMapping("/")
	public class StartController {

	@GetMapping
	public String helloWorld() {
	return "Helo World";
	}

	}
	#bloqueio para todos os endpoints, exceto do 'actuator'
	bucket4j.filters[0].cache-name=rate-limit #nome do cache no hazelcast.xml
	bucket4j.filters[0].http-response-body={ "message": "Too many requests" } #payload de retorno padrao em caso de exceder o limit
	bucket4j.filters[0].url=.* #regex para todas as URIs dos endpoints
	bucket4j.filters[0].rate-limits[0].skip-condition=getRequestURI().contains('/actuator') #exemplo de uma excessao que nao se aplica o rate-limit. A sintaxe é o SpEl - Spring Expression Language
	bucket4j.filters[0].rate-limits[0].expression=getRemoteAddr() #a expressão utilizada para gerar a chave do cliente. Neste caso o IP
	bucket4j.filters[0].rate-limits[0].bandwidths[0].capacity=5 #a capacidade máxima de requisições
	bucket4j.filters[0].rate-limits[0].bandwidths[0].time=1 #quantidade de tempo para análise do rate-limit
	bucket4j.filters[0].rate-limits[0].bandwidths[0].unit=minutes #intervalo de tempo (ChronoUnit) da análise
	bucket4j.filters[0].rate-limits[0].bandwidths[0