periodical | A calendar to track your menstruation and calculate | Calendar library

No, it's by design. Here is a comment from the source code:

This seems like a problem with the dependency that I'm using (UnixDateTimeField) as the error thrown out was pointed toward the package in my virtual environment.

I resorted to store the time in an integer field:

1. JSON Web Key Set (JWKS aka JWK Set) is a list of JSON Web Keys (JWKs). Since JWK Set is simply a container, it contains no metadata such as an expiration date/time.

2. It does not expose this for at least two reasons:

• RFC 7517 is the specification that governs the behavior of JWKs and JWK Set. It does not mention or require the provider to publish an expiration date/time. Perhaps this is so due to reason #2:
• The provider should be able to remove keys for any reason at any time. Possible reason: key has been compromised. (For a private/public keypair, this would mean the private key has been compromised and the corresponding public key published via JWKS should be removed from circulation). This example is an outlier but it does happen and the provider would have to act immediately to fix it.

Emergencies notwithstanding, providers do rotate keys on a regular basis as a matter of good security hygiene. To handle key rotation (be it planned or emergency), your application should adhere to a simple algorithm. It should periodically fetch the keys from JWKS endpoint, build a local replica of all keys and add/remove keys from this replica based on the last fetch. Only keys found in the local replica should be used by your application to perform a cryptographic operation such as verifying a signature on a JWT.

Each JWK has a kid (key id) parameter and this parameter is used to match a specific key. RFC 7517 recommends using kid to choose among a set of keys within a JWK Set during key rollover. When your application does a fetch of keys from JWKS, you'll be comparing the set of keys coming from JWKs to the set of keys in your local replica. The comparison is based on kid. If a key with some kid is present in JWKS but not present in your local replica, you should add this key to your replica. Vice versa, if a key with some kid is present in your local replica but not present in JWKS, you should remove this key from your local replica.

How frequently should your application fetch the keys from JWKS? This is up to you, it depends on the risk tolerance of your app and/or your organization. Some apps fetch every minute, others do it hourly or daily.

Let's say your app never does this fetch, the key is hardcoded in your app. This will work until the key is removed by the provider. (We're assuming that we're talking about a public key here. A JWK could represent a private key...and that you will not want to embed into your app). Some providers don't rotate keys or do so once in a very long while. If you're dealing with a well-known (to you) provider and they guarantee to you that they won't rotate keys, your risk of embedding a key into your app is low.

In general, embedding a public key into the app is not a good idea. If you're going to be using a JWKS endpoint, implement a simple fetch + update solution as outlined above.

You can use in below way:

For step 2) First, you have to identify the records that have the same data for this you can run a select query with where clause before inserting any recode and count the number of records you receive as output. If the count is more than 0 don't insert the recode otherwise you can insert the recode.

For step 3) For this, you can insert a column as you mention above with the name 'db_expire_date' and insert the expiration value at the time of record insertion only.

You can also use a column like 'is_expire' but for that, you need to add a cron job that can update the DB periodically for the value of this column.

you can download newer version of the tools and install it, just like you do on linux host

example Dockerfile like below:

There are an infinite number of solutions to fit your constraints. A simple one is to require that each run has the same probability to be successful. Let's call this probability 𝑝.

We must satisfy that the probability of getting success in the first nMax runs is 0.95. In other words, the probability of not getting success in the first nMax runs is 0.05.

Not getting success in the first run, has a probability of 1 − 𝑝. Not getting success in both the first and second run, has a probability of (1 − 𝑝)². Not getting success in any of the first nMax runs, has a probability of (1 − 𝑝)^nMax

Let's solve this:

      (1 − 𝑝)^nMax = 0.05

so:

      𝑝 = 1 − 0.05^1/nMax

Prometheus doesn't implement it's own authentication|authorization.

Your best approach is to secure access to all host(s) running all software and, in this case, to the hosts running these Docker containers and all targets that you scrape etc.

All cloud providers provide ways by which you may limit access to the resources you create with their platforms. You'll want to become familiar with your preferred platforms' mechanisms and you should establish confidence, in part, by proving to yourself that you're able to restrict access to your services when you deploy then to these platforms.

Perhaps start with a simple test web site, secure it, then test that it is secure. Once you're confident in doing this, deploy your Prometheus services.

See this document on Prometheus security

I believe it is better to separate the two ways of launching your jobs. You can use the controller for API-based on-demand job launches, and use the @Scheduled way for a background process that launches jobs on the defined schedule.

That said, you should take into consideration the concurrency policy for your job definitions. For example, what should your system do if a job launch request comes through the API and tries to launch the same job that has been launched by a schedule (which could be running at that time)?. There are other use cases, but those depend on your requirement.