Thursday, May 30, 2019

branching models, trunk based development

the only good git presentations are VISUAL - unless you visualize what happens in terms of commits, there is NO WAY you can learn.


here they explain very well the meaning of -no-ff (no fast forward)

git merge --no-ff myfeature

https://nvie.com/posts/a-successful-git-branching-model/

"The --no-ff flag causes the merge to always create a new commit object, even if the merge could be performed with a fast-forward. This avoids losing information about the historical existence of a feature branch and groups together all commits that together added the feature. "

interesting the explanation of Feature branches, Release branches, Hotfix branches


Here great explanation of merge vs rebase https://git-scm.com/book/en/v2/Git-Branching-Rebasing



https://jenkins-x.io/about/accelerate/


Really interesting what they say here:

https://trunkbaseddevelopment.com/



Tuesday, May 28, 2019

Codota!

I have just read/watched the Baeldung article on Codota https://www.baeldung.com/codota

this thing seems to have a big future... as IT developer, I am often confronted with a blank screen and a "and now what?" and googling for working examples... with so many frameworks libraries languages etc, it's unrealistic to expect that every developer should remember all by heart... nor people having the discipline of building a collection of quickstarts/examples.

having an IDE who can guide you through the syntax of each specific framework is really enormously boosting productivity and self-confidence.

I will explore the tool when I have time

Sunday, May 19, 2019

JAXRS all-in-one

All annotations are summarized here https://dzone.com/articles/introduction-to-restful-web-service-a-jax-rs-speci

"Base URL for any web application is:

http://<server>:<port>/<context-root>

Append tag from web.xml with Base URL that forms:

http://<server>:<port>/<context-root>/<url-pattern>

Append class-level @Path(“class-level”) annotation and then method-level @Path(“method-level”) annotation that forms:

http://<server>:<port>/<context-root>/<url-apptern>/<class-level>/<method-level>"





https://dzone.com/articles/an-introduction-to-jax-rs-annotations-part-1

https://dzone.com/articles/what-are-jax-rs-annotations


https://readlearncode.com/java-ee/what-is-javax-ws-rs-core-context-httpservletresponse-and-httpservletrequest/


https://readlearncode.com/java-ee/what-are-the-jax-rs-annotations-get-post-path-applicationpath/


https://dzone.com/articles/what-is-javaxwsrscorecontext



@ApplicationPath("api")
extends Application

@Path("/books")

@GET
@Produces(MediaType.APPLICATION_JSON)

@POST
@Consumes(MediaType.APPLICATION_JSON)

@PUT
@HEAD

@DELETE

@Path("{isbn}")

@PathParam("isbn") String isbn

@QueryParam

@OPTIONS

@javax.ws.rs.HeaderParam
javax.ws.rs.core.Response

javax.ws.rs.core.SecurityContext



It's all very clear apart @Context... read here to understand @Context
https://readlearncode.com/java-ee/what-is-javax-ws-rs-core-context-httpheaders-and-uriinfo/

this for SecurityContext : https://readlearncode.com/java-ee/what-is-javax-ws-rs-core-context-securitycontext/


and some more coding examples here https://www.mkyong.com/webservices/jax-rs/get-http-header-in-jax-rs/




Friday, May 17, 2019

More interesting readings on quarkus and microprofiles

I reveive from my friend Rob:

This will soon overhaul Spring Boot. Look how they fast grow with integrating all enterprise patterns on Quarkus. This community is the driver https://smallrye.io/

Look at this suberb documentation

https://quarkus.io/guides/, almost covering everything you need

https://quarkus.io/guides/logging-guide
https://quarkus.io/guides/jwt-guide
https://quarkus.io/guides/transaction-guide

and then this amazing reactive streaming doc

https://quarkus.io/guides/kafka-guide


this will leave spring boot behind really soon


Worth reading is also https://www.baeldung.com/quarkus-io

Interesting also eclipse.microprofile https://www.baeldung.com/eclipse-microprofile running on Open Liberty



Thursday, May 16, 2019

Jooq and QueryDSL as alternatives to JPQL, Panache,

HQL (and JPQL) both suck because they are not statically typed..."lack of type safety and absence of static query checking" "concatenation of strings which is usually very unsafe "

"Criteria Query API ended up very verbose and practically unreadable. "


https://www.jooq.org/

"jOOQ generates Java code from your database and lets you build type safe SQL queries through its fluent API. "

So this is no ORM framework, it uses your DB as it is, it simply allows you to write safer SQL queries directly in a fluent Java API. No Hocus-Pocus, it's a 1-to-1 mapping between DB and Java.

Here some examples https://www.jooq.org/doc/3.11/manual-single-page/#jooq-in-7-steps



http://www.querydsl.com/

how to use it https://www.baeldung.com/querydsl-with-jpa-tutorial and https://www.baeldung.com/intro-to-querydsl



If you want to use Native SQL or JPQL in Spring: https://www.baeldung.com/spring-data-jpa-query


This is the horribly verbose JPA Criteria API https://www.baeldung.com/hibernate-criteria-queries
" the main and most hard-hitting advantage of Criteria queries over HQL is the nice, clean, Object Oriented API."




Apache SSL and ciphersuites

Useful commands and links

https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslciphersuite


openssl ciphers -v

http://www.openssl.org/docs/apps/ciphers.html

httpd -v
httpd -V

https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html

openssl s_client -connect 129.123.123.112:443

yum list all
yum install nmap


nmap -p 443 --unprivileged -script ssl-enum-ciphers 129.123.123.112

https://www.tecklyfe.com/nmap-script-test-ssl-versions-cipher-suites/

SSLCipherSuite HIGH:!aNULL:!MD5

SSLCipherSuite HIGH:!aNULL:!MD5:!SSLv3:!TLSv1

PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers: 
|   SSLv3: No supported ciphers found
|   TLSv1.0: No supported ciphers found
|   TLSv1.1: No supported ciphers found
|   TLSv1.2: 
|     ciphers: 
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - strong
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - strong
|       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - strong
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - strong
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - strong
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_128_GCM_SHA256 - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_256_GCM_SHA384 - strong
|     compressors: 
|       NULL
|_  least strength: strong





https://en.wikipedia.org/wiki/Évariste_Galois

talking about GCM ciphers https://en.wikipedia.org/wiki/Galois/Counter_Mode






yarn react and materialui

open cmd with admin rights:
choco install yarn
close this cmd and open a "normal" cmd

yarn create react-app app
cd app
yarn add bootstrap@4.1.3 react-cookie@3.0.4 react-router-dom@4.3.1 reactstrap@6.5.0
yarn add @material-ui/core
yarn start


in App.js:


import React, {Component} from 'react';
import './App.css';
import Button from '@material-ui/core/Button';
import Table from '@material-ui/core/Table';
import TableRow from '@material-ui/core/TableRow';
import TableCell from '@material-ui/core/TableCell';




Friday, May 10, 2019

CDI in IntelliJ Java Enterprise projects

I was following this https://www.jetbrains.com/help/idea/creating-and-running-your-first-java-ee-application.html tutorial to deploy a Primefaces application to Wildfly 16, but I kept getting an error


unable to find cdi beanmanager

I have tried adding Maven support and adding the dependency

<dependencies>

<dependency>
<groupId>javax.enterprise</groupId>
<artifactId>cdi-api</artifactId>
<version>1.2</version>
</dependency>

</dependencies>


to no avail.

Funnily, setting webapp version="2.3" instead of version="4.0" in web.xml fixes the problem.


Then I added CDI support as shown here:

https://www.jetbrains.com/help/idea/context-and-dependency-injection-cdi.html

and using version="4.0" and things are working.

good old friend JMeter

JMeter is one of those primitive animals that never goes extinct.

Decent presentation:




Excellent comparison with SoapUI
https://octoperf.com/blog/2018/06/05/jmeter-vs-soapui/

JMeter is good for a VERY quick and dirty PERFORMANCE test of a service.


Incorporating JMeter Performance tests in Maven builds: https://www.ubik-ingenierie.com/blog/shift-left-performance-tests-jmeter-maven/ and this is the plugin https://github.com/jmeter-maven-plugin/jmeter-maven-plugin/wiki





Some books on the topic:




Sai Matam, Jagdeep Jain - Pro Apache JMeter_ Web Application Performance Testing Apress (2017)

Bayo Erinle - JMeter Cookbook Packt Publishing (2014)

Bayo Erinle - Performance Testing with JMeter 3 Enhance the performance of your web application Packt Publishing (2017)





GraalVM native image

download GraalVM CE and unzip it to /home/centos/graalvm-ce-19.0.0/

export JAVA_HOME=/home/centos/graalvm-ce-19.0.0/
export GRAALVM_HOME=/home/centos/graalvm-ce-19.0.0/

cd /home/centos/graalvm-ce-19.0.0/bin
./java -version
sudo ./gu install native-image

vi HelloWorld.java

public class HelloWorld {
        public static void main(String[] args) {
            System.out.println("hello world");
        }
}



./javac HelloWorld.java

time ./java HelloWorld


hello world

real 0m0.074s
user 0m0.057s
sys 0m0.019s



./native-image -H:+ReportExceptionStackTraces HelloWorld

Build on Server(pid: 6249, port: 45750)
[helloworld:6249]    classlist:     299.78 ms
[helloworld:6249]        (cap):     359.96 ms
[helloworld:6249]        setup:     479.50 ms
Error: Basic header file missing (). Make sure headers are available on your system.
com.oracle.svm.core.util.UserError$UserException: Basic header file missing (). Make sure headers are available on your system.
 at com.oracle.svm.core.util.UserError.abort(UserError.java:65)
 at com.oracle.svm.hosted.c.CAnnotationProcessor.reportCompilerError(CAnnotationProcessor.java:138)
 at com.oracle.svm.hosted.c.codegen.CCompilerInvoker.compileAndParseError(CCompilerInvoker.java:74)
 at com.oracle.svm.hosted.c.CAnnotationProcessor.compileQueryCode(CAnnotationProcessor.java:131)
 at com.oracle.svm.hosted.c.CAnnotationProcessor.process(CAnnotationProcessor.java:84)
 at com.oracle.svm.hosted.c.NativeLibraries.finish(NativeLibraries.java:311)
 at com.oracle.svm.hosted.NativeImageGenerator.processNativeLibraryImports(NativeImageGenerator.java:1523)
 at com.oracle.svm.hosted.NativeImageGenerator.setupNativeLibraries(NativeImageGenerator.java:997)
 at com.oracle.svm.hosted.NativeImageGenerator.setupNativeImage(NativeImageGenerator.java:829)
 at com.oracle.svm.hosted.NativeImageGenerator.doRun(NativeImageGenerator.java:521)
 at com.oracle.svm.hosted.NativeImageGenerator.lambda$run$0(NativeImageGenerator.java:441)
 at java.util.concurrent.ForkJoinTask$AdaptedRunnableAction.exec(ForkJoinTask.java:1386)
 at java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:289)
 at java.util.concurrent.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1056)
 at java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1692)
 at java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:157)
Error: Image build request failed with exit status 1



sudo yum install glibc-devel
sudo yum install zlib-devel
sudo yum install gcc

./native-image HelloWorld

time ./helloworld
hello world

real 0m0.012s
user 0m0.001s
sys 0m0.011s




References:

https://www.graalvm.org/






Monday, May 6, 2019

Accelerate

https://www.kobo.com/us/en/ebook/accelerate-7




This is an excellent book - not only about technology but mostly about culture, leadership, teamwork, innovation.

I don't share the enthusiastic vision of the author for which life is about serving corporations to beat competition and cut jobs. However it's an educational book.


JDK maven Nexus and HTTPS

If your Nexus repository uses certificates signed by your own Root CA, chances are that a JDK doesn't trust them.

Then when you run

mvn package

you get


sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target


Go to your JAVA_HOME\jre\lib\security folder, where the cacerts file is located, and issue

keytool -list -v -keystore cacerts

enter "changeit" as password

this shold tell you all your trusted CAs

You should import your own CA certificate to into this keystore.


I have tried also setting:


set MAVEN_OPTS="-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true"

but it disn't work for me.




Panache as a wrapper for Hibernate

https://quarkus.io/guides/hibernate-orm-panache-guide

https://developers.redhat.com/courses/quarkus/effective-data-hibernate-and-panache-quarkus/

The product seems very well conceived, it really streamlines your JPA code.

One more aspect where the Java world has completely screwed up, is the 20 different ways you can implement DB queries....
ah if only ORM had been embedded into the language from the beginning, we would be dealing with a single persistence framework.



Thursday, May 2, 2019

Enabling Swagger in a Java EE application

This should be enough:

0) add Maven dependencies:

com.wordnik:swagger-jaxrs_2.10:1.3.1


1) with an Application, register the Swagger jaxrs resources:

import java.util.Set;

import javax.ws.rs.ApplicationPath;
import javax.ws.rs.core.Application;

@ApplicationPath("/rest")
public class JaxRsActivator extends Application {

 @Override
 public Set<Class<?>> getClasses() {
  Set<Class<?>> resources = new java.util.HashSet<>();
  resources.add(com.wordnik.swagger.jaxrs.listing.ApiListingResource.class);
  resources.add(com.wordnik.swagger.jaxrs.listing.ApiDeclarationProvider.class);
  resources.add(com.wordnik.swagger.jaxrs.listing.ApiListingResourceJSON.class);
  resources.add(com.wordnik.swagger.jaxrs.listing.ResourceListingProvider.class);
//  resources.add(BearerTokenFilter.class);
  addRestResourceClasses(resources);
  return resources;
 }

 private void addRestResourceClasses(Set<Class<?>> resources) {
  resources.add(BlaService.class);
  resources.add(MumbleService.class);
 }

}




2) register the Swagger configuration:


import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;

import com.wordnik.swagger.config.ConfigFactory;
import com.wordnik.swagger.config.ScannerFactory;
import com.wordnik.swagger.config.SwaggerConfig;
import com.wordnik.swagger.jaxrs.config.DefaultJaxrsScanner;
import com.wordnik.swagger.jaxrs.reader.DefaultJaxrsApiReader;
import com.wordnik.swagger.reader.ClassReaders;

@WebServlet(name = "SwaggerJaxrsConfig", loadOnStartup = 1)
public class SwaggerJaxrsConfig extends HttpServlet {

 @Override
 public void init(ServletConfig servletConfig) {
  try {
   super.init(servletConfig);
   SwaggerConfig swaggerConfig = new SwaggerConfig();
   ConfigFactory.setConfig(swaggerConfig);
   swaggerConfig.setBasePath("/rest");
   swaggerConfig.setApiVersion("2.1");
   ScannerFactory.setScanner(new DefaultJaxrsScanner());
   ClassReaders.setReader(new DefaultJaxrsApiReader());
  } catch (ServletException e) {
   System.out.println(e.getMessage());
  }
 }
}





3) then you can annotare your services methods:

import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import com.wordnik.swagger.annotations.Api;
import com.wordnik.swagger.annotations.ApiOperation;
import com.wordnik.swagger.annotations.ApiParam;
import com.wordnik.swagger.annotations.ApiResponse;
import com.wordnik.swagger.annotations.ApiResponses;


@Path("/pippo")
@Consumes({ MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_JSON })
@Api(value = "/pippo", description = "REST service end-points exposed to Pippo")
public class PippoService {
 @GET
 @Path("/profiles")
 @Produces(MediaType.APPLICATION_JSON)
 @ApiOperation(value = "All Pippos", notes = "List all Pippos")
 @ApiResponses(value = { @ApiResponse(code = 200, message = "OK"), @ApiResponse(code = 500, message = "Server error, check log files") })
 public List listPippobyQuery(
                 @ApiParam(value = "the hostname where Pippo resides") @QueryParam("hostname") String hostName) {

  return listPippo(hostName);
 }
}