News AggregatorTune the Need for Speed With Quality and Security Through Continuous Testing Practice in DevSecOpsAggregated on: 2021-12-15 19:34:19 The Need for Speed With Quality The slow speed of feedback to the dev team through the results of manual tests decreases productivity significantly. Re-executing manual tests in every iteration of SDLC is not a sustainable pattern in current world. There is never enough time, and adding more personnel to execute manual regression tests leads to reduced returns. Test effectiveness is a critical aspect to keep up with the faster-paced development life cycles so that sufficient quality of the system can be ensured and time and money can be saved. To have better test effectiveness, we need to think differently with the increasing adoption of agile and DevOps practices. We need to have automations in all layers of the test pyramid. This includes unit tests, component tests/service tests, and UI tests. Finding the Right Set of Tests The number of new features, and therefore the number of tests, increases significantly after a few iterations in almost all agile teams. The only way to keep up with the needed regression testing is to automate the right set of tests to ensure the change hasn’t impacted existing functionality. Realistically, we can’t test everything, and we can’t automate all our tests. So, we need to find the right balance. To accomplish this balance, mature DevOps teams use a combination of test automation and manual exploratory testing, both running in a continuous pattern. View more...Contention, Coherency, and Math Behind SoftwareAggregated on: 2021-12-15 19:34:19 Today I want to tell you a few words about how you can describe your system through mathematical equations — at least to some degree. You will get familiar with terms like Contention, Coherency, and Coherency Delay. Additionally, I want to show you laws and their mathematical equations that can help you calculate the impact of these 3 mechanics on your application. This article is more focused on overall system design and architecture than any other written by me till today — so consider yourself warned. In the article, I will try to answer a question: Can we scale systems indefinitely? View more...String Operations on Phone Numbers in SQLAggregated on: 2021-12-15 17:49:19 When dealing with SQL databases, users will have to interact with different data types and schemas depending on the project's requirements. Since databases are used in many different applications and support multiple platforms, devices, and users, there may be differences in how data is entered, even in a simple field like a phone number. For example, one set of users will enter the phone number with the country code, while the others may simply ignore the country code. Therefore, it is essential for database users to know how to clean data in a SQL database. In this post, we will see how to utilize SQL string operations on phone number fields to properly clean, format, and extract data. View more...Building an AWS Integration for Salesforce Image HandlingAggregated on: 2021-12-15 16:34:19 Introduction In this article, we’ll look at a solution that not only offloads your Salesforce image storage to Amazon Web Services (AWS), but also resizes and renders those images on demand. By offloading image storage to other solutions, your organization can free up Salesforce storage capacity. We’ll build off an example use case from Salesforce Field Service, but there are many other scenarios that can take advantage of these techniques. Having both a Salesforce org with Field Service installed and an AWS account are prerequisites for this article. View more...Migrating to Snowflake, Redshift, or BigQuery? Avoid these Common PitfallsAggregated on: 2021-12-15 16:04:19 The Drive to Migrate Data to the Cloud With data being valued more than oil in recent years, many organizations feel the pressure to become innovative and cost-effective when it comes to consolidating, storing, and using data. Although most enterprises are aware of big data opportunities, their existing infrastructure isn’t always capable of handling massive amounts of data. By migrating to modern cloud data warehouses, organizations can benefit from improved scalability, better price elasticity, and enhanced security. But even with all these benefits, many businesses are still reluctant to make the move. View more...Continuous Testing Practice: Shifting Left Tests and Security in DevSecOpsAggregated on: 2021-12-15 12:04:19 The Need for Speed and Quality The slow speed of feedback to the dev team through the results of manual tests decreases productivity significantly. Re-executing manual tests in every iteration of SDLC is not a sustainable pattern in the current world. There is never enough time, and adding more personnel to execute manual regression tests leads to reduced returns. Test effectiveness is a critical aspect to keep up with the faster-paced development life cycles so that sufficient quality of the system can be ensured and time and money can be saved. To have better test effectiveness, we need to think differently with the increasing adoption of Agile and DevOps practices. We need to have automations in all layers of the test pyramid. This includes unit tests, component tests/service tests, and UI tests. Finding the Right Set of Tests The number of new features naturally causes the number of tests to increase significantly after a few iterations in almost all agile teams. The only way to keep up with the needed regression testing is to automate the right set of tests to ensure the change hasn’t impacted existing functionality. Ideally, we can’t test everything, and we can’t automate all our tests. So, we need to find the right balance. To accomplish this balance, mature DevOps teams use a combination of test automation and manual exploratory testing, both running in a continuous pattern. View more...Engineering Manager: Do Not Be a HeroAggregated on: 2021-12-15 11:34:19 This is article is a follow-up to My First Thoughts as an Engineering Manager. It is a description of some behaviors that as engineering managers we have to avoid because they have a negative impact on the teams. I've read many books and articles about software engineering team dynamics, the term "Hero" usually references a software engineer that tries to help everyone and solve all the problems not using the best practices and focusing on the short term. Of course, I've seen this behavior in some engineers but usually, it hasn´t a big impact unless there is a "hero" culture in the organization. View more...How To Write Meaningful RetrospectivesAggregated on: 2021-12-15 09:49:19 One of the foundations of incident management in SRE practice is the incident retrospective. It documents all the learnings from an incident and serves as a checklist for follow-up actions. If we step back, there are 7 main elements to a retrospective. When done right, these elements help you better understand an incident, what it reveals about the system as a whole, and how to build lasting solutions. In this article, we’ll break down how to elevate these 7 elements to produce more meaningful retrospectives. 1. Messages to Stakeholders Incident retrospectives can be the core of your communication with customers and other stakeholders, post-incident. We talk a lot about how retrospectives function best when they involve input and feedback from all relevant stakeholders. That doesn't necessarily mean squeezing tons of folks into one meeting or sending out one long pdf to a large group without thoughtful considerations. View more...How To Do Deletion Animations With CSSAggregated on: 2021-12-15 09:49:19 In this quick tutorial, we're going to be looking at a bunch of different 'delete' styles to use on your next project. So let's take a look at some cool ways to delete things in your next project. Below are a set of delete animations that all work on similar principles. Let's take a look at them and then we'll jump into how they work. To start the animation, simply click the cross button on each card in the Codepen below. View more...Metadata Synchronization in Alluxio: Design, Implementation, and OptimizationAggregated on: 2021-12-15 08:49:19 Metadata synchronization (sync) is a core feature in Alluxio that keeps files and directories consistent with their source of truth in under-storage systems, thus making it simple for users to reason the data retrieved from Alluxio. Meanwhile, understanding the internal process is important in order to tune the performance. This article describes the design and the implementation in Alluxio to keep metadata synchronized. Why is Metadata Sync Critical in Alluxio In Alluxio, metadata refers to the information of files and directories in the Alluxio file system, including information of their owners, groups, permission, creation and modification time, etc. Metadata is independent of their content — even if a file or directory is empty, it still has associated metadata. View more...Data Classification With AWS Macie: Step by StepAggregated on: 2021-12-15 08:04:19 What Is Amazon Macie? Amazon Macie is a fully-managed data classification service that helps monitor your information. It uses machine learning technology to continuously analyze and classify content in Amazon Simple Storage Service (S3) buckets. After you activate Macie, the service starts scanning the contents of your S3 buckets. The initial scan helps establish a baseline of the data, including details on who accesses the data and with which protocols. Next, Macie inspects any request to access the data and provides visualizations on the dashboard. View more...How Is AI Used in Android App Development?Aggregated on: 2021-12-14 23:04:19 AI or Artificial Intelligence can be regarded as one of the most intriguing technologies that have been introduced in recent times. One can expect the AI industry to grow to $20 billion within the next couple of years. Consequently, this innovative technology is being adopted by many companies at present. Image Source: Google Besides adopting AI technology, these companies are likewise trying to use it for the benefit of the folks. In this article, we discuss the role played by AI in Android app development at present. View more...How to Prepare for a Personal Data Compliance AuditAggregated on: 2021-12-14 22:49:19 As the basis for the main requirements for data protection, we will consider the EU GDPR as the most pervasive and influential legislation in this area. In this article, we will skip the legal and organizational parts of the regulation which you can read elsewhere, and jump right in to explain what technical measures you can implement to get compliant. If you have a compliance check scheduled you will need to have the following in place: View more...The Present and Future of RPA for DevsAggregated on: 2021-12-14 22:04:19 We've touched on what goes into building a good RPA flow, so let's pull back a bit and look at the technology as a whole. Again, we're going to be tackling this from a developer's point of view, and again, we're going to rely on our friends from UiPath's dev team to help out. (By the way, this is going to be a useful, but higher-level look at RPA. If you're looking for more of a tutorial, check out our Refcard Getting Started With Robotic Process Automation.) View more...The Basics and Best Practices of Building RPA FlowsAggregated on: 2021-12-14 22:04:19 By this point, it should be clear that robotic process automation is going nowhere — and with good reason. The benefits of accuracy, compliance, and low technical barriers are pretty enticing to users. But what does that mean for companies and developers working on RPA? Maybe you're seeing more RPA-related tasks slipping into your sprints, or maybe you're just looking for a change of scenery in your job and want to sink your teeth into RPA. Well, with that in mind, I reached out to the dev team at UiPath to get a developer's perspective on RPA. In this post, we'll focus on the basics, best practices, and limitations of RPA flows. In another article, we'll examine how the RPA landscape is changing. View more...Virtual Reality and Augmented Reality in the BrowserAggregated on: 2021-12-14 22:04:19 Introduction This article about Progressive web apps is about implementing Virtual Reality (VR) and Augmented Reality (AR) in your web app. For this, we use A-Frame and the WebXR Web API. VR moves users to another world and lets them experience it as if they were themselves in this virtual world. AR, on the other hand, offers the possibility to blend the real and virtual worlds into one another. Both VR and AR offer unique opportunities for behavioral change, knowledge transfer, training, and research. For example, think of VR live streaming, social VR, and art. All this is now also possible in the browser! View more...Getting Started With OpenTelemetryAggregated on: 2021-12-14 21:34:18 Cloud-native and microservice architectures have risen in popularity throughout the developer community to address a number of challenges faced in modern application development. Addressing the problem of how to accurately monitor performance and availability for distributed applications, OpenTelemetry has revolutionized the way organizations tackle application observability. OpenTelemetry is an open-source collection of tools, APIs, SDKs, and specifications with the purpose of standardizing how to model and collect telemetry data. In this Refcard, we introduce core OpenTelemetry architecture components, key concepts and features, and how to set up an OpenTelemetry Tracing specification. View more...A Brief Note on Log4perlAggregated on: 2021-12-14 20:34:18 The Java world had an....interesting weekend when security researchers revealed on December 9 a vulnerability in the popular Apache Log4j 2 software library for recording and debugging events. Systems as diverse as Amazon Web Services, Apple iCloud, and the Minecraft video game could be exploited to run arbitrary code on a server merely by sending a specially-crafted string of text. Information technology professionals have been scrambling ever since the initial disclosure to patch, upgrade, reconfigure, or otherwise protect affected servers. It's bad, and past unpatched vulnerabilities like this have been responsible for the exposure of millions of people's sensitive data. Many Perl applications use the similarly-named and ‑designed Log::Log4perl library, and the good news is that, as far as I can tell, the latter doesn't suffer from the type of vulnerability described above. This doesn't mean poorly-written or ‑configured Perl-based systems are immune to all exploits, just this particular one. You should be safe to continue using Log4perl unless someone has deliberately configured it otherwise, and in fact, my work uses it extensively. View more...Jenkins Multibranch Pipeline and Git LFSAggregated on: 2021-12-14 20:34:18 In this blog, it is explained how to configure Jenkins Multibranch Pipelines when using Git LFS. This seems to be a non-issue at first sight, but the documentation is quite dispersed and no clear steps can be found how to configure this. Also, a troubleshooting section can be found at the end of the blog. 1. Introduction When trying to configure Jenkins Multibranch Pipelines in combination with Git LFS, numerous problems were encountered. No clear instructions could be found in the documentation and also Stack Overflow could not provide the answer. The error messages were also not given a clear description of what was wrong. In the end, I decided to create a sandbox environment running Jenkins from a local Docker container in combination with a GitLab Cloud Git repository. Eventually, ran into the same problems but I was able to find out which configuration was wrong. This blog consists of the following sections: View more...Why Is Application Security (AppSec) Important For Business?Aggregated on: 2021-12-14 20:04:18 Software applications are integral components of an organization’s success. Unfortunately, while applications are built to support faster growth and enhanced user experience, these are also prone to security incidents in the absence of appropriate security mechanisms. This article delves into application security and why it is vital to adopt the proper practices and tools to ensure attack vectors do not exploit inherent application vulnerabilities. What Is AppSec? With the rising adoption of software applications in business, an increase in cybersecurity attacks shows an upward trend. Out of all such attacks, Perforce.com projects that approximately 84% of such cybersecurity attacks are carried out in the application layer. View more...Getting Your Business Ready for API TuesdayAggregated on: 2021-12-14 17:04:18 The 2021 holiday season will be an inflection point: As the economy starts to ramp up again while the country still grapples with the pandemic, holiday shopping will be the most digital holiday season in history by a long shot. To get a sense of the scale, FedEx CEO Fred Smith predicts that the company will deliver 100 million more packages this year than in 2019. This year won’t bring long lines on Black Friday — something that has quickly been abandoned as a result of the pandemic and online shopping — as customers complete transactions through digital channels. But that won’t be able to happen without IT and development teams in the retail industry and the surrounding ecosystem working hard to ensure their infrastructures, bonded together by application programming interfaces (APIs), are functioning as smoothly as possible to handle the holiday demand. To do so, there are several API program best practices for these teams to follow as the holiday season approaches. View more...When Dominoes Fall: Microservices and Distributed Systems Need Intelligent DataOps and AI/ML To Stand Up TallAggregated on: 2021-12-14 16:34:18 As soon as the ITOps technician is ready to grab a cup of coffee, a zing comes along as an alert. Cling after zing, the technician has to respond to so many alerts, leading to fatigue. The question is: why can’t systems be smart enough to predict bugs and fix them before sending an alert to them? Imagine what happens when these ITOps personnel have to work with a complex and hybrid cloud of IT systems and applications. They will dive into alert fatigue. The emerging architecture specific to microservices is built with the following purposes: View more...PostgreSQL versus MySQL performanceAggregated on: 2021-12-14 11:04:18 When you need a database, you typically chose one according to its performance, and/or feature set. However, a "highly scientific performance test" might not speak much about your application's end resulting performance. Due to these reasons, I chose to create a "fully fledged app" using Magic and Hyperlambda, and I chose to create it twice. Once using Oracle's Sakila database and then once more using PostgreSQL's Pagila database. The reasons why this is interesting, is because the Pagila database is more or less an exact "port" of the Sakila database, including each row in its tables. This allows us to measure the performance differences between these two different databases, and end up with a result resembling the performance difference we might expect in our application. View more...How Containers Improve the Management of Embedded Linux Distros for IoTAggregated on: 2021-12-14 10:34:18 The embedded Linux appliance industry is changing from making innovative apps for low-cost, low-spec devices to one where powerful hardware runs more complex applications. While resource-intensive devices will become the norm, the low-end will still be the ones delivering the volume and the backbone of the consumer industry in today’s embedded Linux Internet of Things (IoT) ecosystem. With the explosion of the connected IoT on the intelligent edge, it’s more important than ever to keep devices up to date and secure. We discuss the challenges faced by embedded engineers on managing firmware and their apps on low-spec embedded devices. Finally, we’ll describe how containers and other cloud-native technologies can help automate and make IoT Linux distros secure and portable. Top Three Challenges in Managing Low-Spec Embedded Devices #1. Keeping Embedded Systems Lean Across Diverse Hardware Most embedded devices for IoT are single-function and single-purpose, and they are fitted with minimal hardware capabilities that support their intended purpose. In addition, the diverse set of hardware can have limited flash memory with a minimum of 32 MB of NAND, NOR, or EMMC storage with a minimum RAM of 64 MB. These constraints, as well as the diversity of hardware, can limit its processing and networking capability. View more...Developing Event-Driven MicroservicesAggregated on: 2021-12-14 05:34:18 This is the second in a series of blogs on data-driven microservices design mechanisms and transaction patterns with the Oracle converged database. The first blog illustrated how to connect to an Oracle database in Java, JavaScript, Python, .NET, and Go as succinctly as possible. The goal of this second blog is to use that connection to receive and send messages with Oracle AQ (Advanced Queueing) queues and topics and conduct an update and read from the database using all of these same languages. Advanced Queuing (AQ) is a messaging system that is part of every Oracle database edition and was first released in 2002. AQ sharded queues introduced partitioning in release 12c and is now called Transaction Event Queues (TEQ). View more...Java Media Player: Web Browser-Based ApproachAggregated on: 2021-12-14 05:34:18 If you need to embed a media player into your Java desktop application, there are several options for this: You can use JavaFX Media API to implement all the required media player functionality as shown in this example. A bit outdated but still functional Java Media Framework can be a solution. You can integrate a third-party Java library like VLCJ which wraps the functionality of a native media player. Each of them has its pros and cons: View more...Sweeter Perl Exception ClassesAggregated on: 2021-12-14 05:04:18 I mentioned at the Ephemeral Miniconf last month that as soon as I write about one Perl module (or five), someone inevitably brings up another (or seven) I’ve missed. And, of course, it happened again last week. No sooner had I written in passing that I was using Exception::Class than the denizens of the Libera Chat IRC #perl channel insisted I should use Throwable instead for defining my exceptions. I’ve already blogged about various ways of catching exceptions. Why Throwable? Aside from Exception::Class’s author recommending it over his own work due to a “nicer, more modern interface,” Throwable is a Moo role, so it’s composable into classes along with other roles instead of mucking about with multiple inheritances. This means that if your exceptions need to do something reusable in your application like logging, you can also consume a role that does that and not have so much duplicate code. If you're wondering, no, I’m not going to pick a favorite logging module; I’ll probably get that wrong too. View more...Designing High-Volume Systems Using Event-Driven ArchitecturesAggregated on: 2021-12-14 02:19:18 Prelude Microservices style application architecture is taking root and rapidly growing in population that are possibly scattered in different parts of the enterprise ecosystem. Organizing and efficiently operating them on a multi-cloud environment organizing data around microservices, making the data as real-time as possible are emerging to be some of the key challenges. Thanks to the latest development in Event-Driven Architecture (EDA) platforms such as Kafka and data management techniques such as Data Meshes and Data Fabrics, designing microservices-based applications is now much easier. View more...Java Web Crawler: Web Browser-Based ApproachAggregated on: 2021-12-13 23:49:18 There is a lot of data on the Internet now. Often, it needs to be extracted and analyzed for various marketing research and business decision-making purposes. When needed, it should be done quickly and efficiently. Why does one need to collect and analyze data? It may be necessary for a variety of reasons: View more...WebFlux and Spring Data Example for Java RecordsAggregated on: 2021-12-13 23:19:18 Traditionally, Java developers have depended on constructors, accessors, equals(), hashCode(), and toString() to define classes for basic aggregation of values. However, this is an error-prone approach that adds little value and diverts attention away from modeling immutable data. Java records were initially offered as a preview in JDK 14 to simplify writing data carrier classes. The second preview was released in JDK 15, and the final version in JDK 16. The JDK Enhancement Proposal JEP 395 has a summary of this history. While code generators can help reduce boilerplate code, the Java record proposals focus on the semantics of the code. Let's look at the characteristics and benefits of Java records and how to use them to develop a REST API and query a database. View more...XSS Attacks: Best PreventionAggregated on: 2021-12-13 22:04:18 What Is Cross-Site Scripting Prevention? A Cross-site scripting attack involves the execution of malicious code on a victim’s browser. Typically, the challenges to prevent Cross-site scripting (XSS) vulnerabilities are complex, since attacks can be orchestrated at any point in a vulnerable web application. This article explores the best practices for Cross-site scripting prevention, types of attacks in modern web applications and addresses commonly asked questions. Before we look at those areas, here is a quick introduction to how an XSS attack is orchestrated. View more...AI and IoT, Part 3: How to Apply AI Techniques to IoT Solutions — A Smart Care ExampleAggregated on: 2021-12-13 18:19:18 This is the third part of a three-part blog series. You can read the first part here and the second part here. Introduction In this final part of the series, I will be using the real-life example of an elderly care field trial in order to explain how we combine different AI techniques, in our case, using the Waylay platform. The DIoTTO project was developed by three partner companies (Studio Dott, Sensolus, and Waylay) and was funded through the Flanders Care Living Labs and supported by the VOKA Health Community. Studio Dott prototyped the app and was leading the overall concept; Sensolus provided sensors for the project, and Waylay worked on data mining and rules implementations. View more...AI and IoT, Part 1: Challenges of Applying Artificial Intelligence in IoT Using Deep LearningAggregated on: 2021-12-13 18:19:18 This is the first part of a three-part blog series. You can read the second part here and the third part here. The Internet of Things provides us with lots of sensor data. However, the data by itself does not provide value unless we can turn it into actionable, contextualized information. Big data and data visualization techniques allow us to gain new insights through batch-processing and off-line analysis. Real-time sensor data analysis and decision-making is often done manually, but to make it scalable, it is preferable that it is automated. View more...Revamping Online Commerce Workflows by Deploying Semi-Supervised Machine Learning ModulesAggregated on: 2021-12-13 17:34:18 Automation has quickly become something of a watchword in the field of online marketing, but it's often applied inconsistently. Due to the long lead times that are necessary when developing an automation tool, specialists often only deploy larger commercial packages in their places of business. These are meant to be one-size-fits-all solutions that may not be custom-tailored to a given industry. Data scientists wouldn't normally take too much of a glance at this field, since they're generally involved in research that's somewhat outside of the purview of these business practices. The large enterprise-scale artificial intelligence systems that they deploy tend to be too complex to scale down to the needs of small business owners. The development of so-called semi-supervised algorithms is helping to port this technology to the home microcomputer platforms that once led a digital revolution, which in turn is helping individual business owners to implement it in their own offices. After all, it normally isn't possible to deploy supercomputing-focused modules in a commercial environment. View more...Database Security Best PracticesAggregated on: 2021-12-13 16:34:18 Following the database security best practices outlined in this article will help ensure that your data is kept confidential and secure in the face of malicious attacks and data breaches. Whether you are creating a database from scratch with code or working with one of the many no-code development tools, you to ensure the data you collect is protected. Databases range in size and complexity from small and simple to massive and complex, but no matter the size or structure, the data within must be secure. View more...Example of Pushdown Using SingleStore and Spark - 2/2Aggregated on: 2021-12-13 14:19:18 Abstract In the first part of this Pushdown series, we successfully loaded our weather data into a Spark Dataframe, checked the number of rows, and then wrote the Dataframe to SingleStore using the SingleStore Spark Connector. In this final part of our query Pushdown series, we’ll see an example of Pushdown using our weather database. The notebook files used in this article series are available on GitHub in DBC, HTML, and iPython formats. View more...Great Engineering Teams Focus On Milestones Instead of ProjectsAggregated on: 2021-12-13 13:49:18 Milestones: The Surprise Solution to Challenges in Product Development The root of all much evil in engineering is our focus on projects. Most engineering organizations focus on delivering projects while what they should focus on is milestones. Managing projects is hard. Companies contort themselves to do it well. Instead of playing chess, switch to checkers. milestones are an easier game, and you get better results. View more...Managing Active Directory Objects With Azure AD Provider for TerraformAggregated on: 2021-12-13 13:04:18 The Azure AD provider for Terraform can be used to manage your Azure Active Directory resources declaratively. This allows you to do things like: Automatically provision users and make sure they belong to the correct groups. Manage Azure compute permissions via Azure AD groups. In this post, you will learn what the Azure AD Terraform provider is used for, how to authenticate and grant permissions and see examples of what you can do with it. Let’s get started. View more...YAKDT: Yet Another Kubernetes Development ToolkitAggregated on: 2021-12-13 11:04:18 This article is in line with our latest article YAKD: Yet Another Kubernetes Dashboard in which we listed several dashboard projects dedicated to managing Kubernetes clusters. In this article, we focused on development tools and we tried to highlight considerations that everyone should have in mind to correctly identify which tool is the best in which context. Every SRE, DevOps engineer, developer, and Kubernetes operator had to answer this question at least once in their life: what tool would be the best to manage my Kubernetes resources? View more...How To Create a NestJS Redis Microservice?Aggregated on: 2021-12-13 10:34:18 In this post, we will learn how to create a NestJS Redis Microservice. Basically, we will learn how to use the Redis transporter. This transporter leverages the publish/subscribe messaging paradigm. This post uses the NestJS Microservice package. If you are new to the same, please refer to this detailed post about creating a NestJS Microservice. View more...Native-image With QuarkusAggregated on: 2021-12-13 10:34:18 So far, we have looked at how well Spring Boot and Micronaut integrate GraalVM native image extension. In this post, I'll focus on Quarkus: A Kubernetes Native Java stack tailored for OpenJDK HotSpot and GraalVM, crafted from the best of breed Java libraries and standards. View more...LinkedIn Security Vulnerability: A Lesson for Security EngineersAggregated on: 2021-12-13 02:04:18 Security-related controversies are not new for LinkedIn. Here's the latest one, which was discovered by a cybersecurity firm, Cyphere, in Aug 2021. As per the company's report, anyone can post jobs on behalf of any company they want, without the consent or knowledge of the original company! This means hackers can post jobs impersonating a reputed company and invite the job applications, receiving thousands of CVs on the fake email address, or redirect candidates to a malicious or phishing website! View more...Complex Test Data Prototyping With shapeless and MonocleAggregated on: 2021-12-13 02:04:18 Introduction This article describes how shapeless and Monocle libraries, along with GoF patterns and type classes derivations, can help generate complex data for unit tests easily. I'd like to ask for some patience in advance: there is going to be plenty of code because the problem I'm going to present is pretty visible after certain codebase size and domain model complexity. The System Under the Test For the sake of the article example, let's consider a Spark application for personal expenses reports calculations. View more...Kubernetes Version 1.23 Is Out: Everything You Should KnowAggregated on: 2021-12-12 21:49:17 The Christmas edition of Kubernetes comes with 45 new enhancements to make it more mature, secure, and scalable. In this blog, we’ll focus on the critical changes grouped into the Kubernetes API, containers and infrastructure, storage, networking, and security. Let's start with the “face of Kubernetes”, which makes it scalable and expandable. View more...Why Good Communication Is Vital for Software Developer TeamsAggregated on: 2021-12-12 21:19:17 Whether it's about viewing pull requests, communicating with other developers, stakeholders, non-technical people, or some other form of feedback, how you do it matters a lot and becomes a primary part of a software developer's career. Communication affects people, helps you to work well with your team, and increases effectiveness, which is why it is so important to communicate correctly. View more...How to Pinpoint and Fix Distributed Problems Across MicroservicesAggregated on: 2021-12-12 18:04:17 Microservices are separated logically but are highly dependent on each other to deliver the expected functionality. This means performance problems become distributed across multiple services and can be difficult to trace. Gone are the days of a developer being able to just run a debugger to find problem code — now multiple contributing factors affect the state of an application in microservices, as well as in Kubernetes environments. A testing harness that closely mirrors the production setup and incoming traffic has become a requirement for highly distributed microservices and containerized environments. View more...Exploring GridGain Nebula: Cloud-Native Service for Apache IgniteAggregated on: 2021-12-12 18:04:17 Let's suppose that you embraced Apache Ignite's high-performance distributed database for your projects and now moving to the cloud. As part of that transitioning, you prefer using fully-managed services for your databases, including Ignite. In this article, I'll show you GridGain Nebula -- a fully-managed, cloud-native service for Ignite. Nebula is an end-to-end solution for running Apache Ignite clusters. With Nebula, you can run scalable, performing application workloads without the hassle of operating the environment. The Nebula hosted solution offers operations as a service. The back-end team manages and operates the clusters, performs software upgrades. It also handles patching, monitoring, and provisioning. View more...5 Ways to Make Sprint Retrospectives BetterAggregated on: 2021-12-12 17:34:17 Engineering teams need to plan and organize workloads into manageable pieces and sprints are a common, helpful way of doing so. By planning sprints well and including time for not just building, but also getting it done to quality standards, teams can take on a sustainable workload and get more predictable about their schedules. However, if these sprints are not set up efficiently, you can end up feeling worn down by common issues, which sometimes could just be the symptoms of a deeper root cause. A powerful way to avoid making the same mistakes repeatedly is by doing an honest sprint retrospective – a routine part of the agile process – after each sprint. For an hour or two, all members of the sprint team meet to discuss how to make meaningful improvements to the workflow, process, and team efficiency. An efficient sprint retro can look a little like the below: View more...How to Securely Commission Your IoT DeviceAggregated on: 2021-12-12 17:34:17 If you’re planning to grow your IoT business, you’ll eventually have to add new devices to your existing IoT project. This process is referred to as “commissioning” and, to be successful, you must get it right. Why? Well, if a new IoT device is introduced to a project without taking the necessary precautions, the security of that project could be significantly compromised. Hackers can take advantage of any vulnerabilities that can come up while commissioning, and get access to your project and its data. Open ports or data that are not encrypted can be exploited to get access to your network. Therefore, you need to take it seriously. View more...MongoDB Basics in 5 MinutesAggregated on: 2021-12-12 17:04:17 MongoDB is a document-oriented database management system that does not require any predefined schema. It is considered one of the classic examples of NoSQL systems. It uses JSON-like documents and a database schema. The database is used in web development, in particular, within the framework of some JavaScript stacks such as MEAN, MEVN, MERN, which are often used by web developers as their favorite tech stacks for creating applications. View more... |
|
|