Friday, June 25, 2021
"Entropy is the price of a Structure". But sometimes, the price turns too high to pay. Is your codebase turning untestable, unreadable, and unmaintainable? Does your costs to add new features aren't meeting the ROIs. It's time to ask your manager to fund Refactoring!
In this demo-driven talk, using a real-world service, we shall identity some common reasons for a codebase to rot and how to weed them out using principles from Clean Architecture and Functional Programming, along with achieving 95% test coverage and ~50% reduction in Cognitive complexity (https://www.sonarsource.com/docs/CognitiveComplexity.pdf).
Audience & Take-aways
This applies to software developers at all levels. I use Java to demonstrate the code snippets, but this talk is about Software Design and Testing and is agnostic of programming language. The major take-aways for the audience are:
- Pragmatically apply the principles of Clean-Architecture and Functional programming in real-world refactoring.
- How to completely eliminate Exceptions from your code using ADTs (Algebraic Data Types).
- How to replace Shared Global mutable state on your Shared Code with Data Transformations.
- How separating out What-to-do from How-to-do can bring in a lot of flexibility to your code-base.
- How following all of the above organically boost your Testability without falling into any anti-patterns of testing.
Let's talk about Complexity and how to objectively measure the reduction we brought with our refactoring.
Microservices have become a prevalent architectural approach to developing applications. Moving from a monolithic application to multiple container-based services has many advantages. One of the largest is dynamic scalability; spinning up and shutting down instances of services to adapt to dynamic loads is very cost-effective in a public cloud environment.
For JVM-based applications, running in a managed environment using JIT compilation, this provides additional challenges. Primarily, this is around the time required for a service to warm up and reach the optimum level of performance. To address this, we have seen various approaches such as the Graal VM and Quarkus that use an AOT approach rather than JIT compilation.
In this session, we will explore the pros and cons of both approaches to help in understanding the tradeoff between initial performance and overall
performance. At the end of the session, you will have a clear idea of how to approach your Java microservice design from the AOT and JIT perspective.
In this session, we will demonstrate how common vulnerabilities in the Java ecosystem are exploited on a daily base by live hacking real-world application libraries. All the examples used are commonly known exploits, some more famous than others, such as Apache Struts and Spring break remote code execution vulnerabilities. By exploiting them and showing you how you can be attacked, before showing you how to protect yourself, you will have a better understanding of why and how security focus and DevSecOps is essential for every developer.
JSON Web Token (JWT) is an open standard for creating tokens that assert some number of claims like a logged in user and his/her roles. JWT is widely used in modern applications as a stateless authentication mechanism. Therefore, it is important to understand JWT security risks, especially when broken authentication is among the most prominent security vulnerabilities according to the OWASP Top 10 list.
This talk guides you through various security risks of JWT, including confidentiality problems, vulnerabilities in algorithms and libraries, token cracking, token sidejacking, and more. In live demos, you‚Äôll learn how to hijack a user account exploiting common security vulnerabilities on the client-side, on the server-side, and in transport. You‚Äôll also find out about common mistakes and vulnerabilities along with the best practices related to the implementation of JWT authentication and the usage of available JWT libraries.
Java 16 is really awesome when it comes to "Hello, World!" programs.
It's also cool for sophisticated systems and algorithms, provided their authors write code that obeys a few fairly simple contracts and avoids obvious traps.
There are a few mantras regarding recent features of modern Java, such as:
* records can replace JavaBeans everywhere
* you never need to write `hashCode()` for records
* pattern matching with `instanceof` is the best tool for `equals()`
* just ignore`--illegal-access` and set it to `permit`
* `synchronize (new Long(42))` is the best for monitoring
and so on.
Please join this session to learn how harmful following such mantras can be and how to avoid some obvious misunderstandings about modern Java.
It all started with a small project to pass the time during The Great Quarantine of 2020. I bought some chiles from the local farmer’s market (with proper face coverings and social distancing, of course), fermented my first batch of hot sauce, and shared it with a few friends around the globe. I had no idea the sauce would be such a massive success, so I resolved to build on that triumph in 2021. But this time, I knew that I would have to start from the very beginning and grow the chiles myself. Of course, this presented the wonderful opportunity to combine two of my life’s greatest passions - the culinary arts and technology - to ensure that my growth operation was the ultimate success. Join me in this session where I show you how I used a microcontroller, some sensors, and the cloud to monitor and automate the germination and maturation of this year’s crop.
Dividing a huge system into modules is the only way to develop large systems. After Microservices became popular, people realized that the structure of a system is very important. Some took these ideas and applied them to monoliths. The basic concept of modularization is not new, however. These talks show the fundamental concepts and how they apply to microservices and monoliths alike. Because the architecture and the split into modules are so very important, the talk, therefore, shows basic concepts and prerequisites for successful projects.
Ever wondered what is a Cloud-Native Application? Is it a microservice or a monolith? oh, it must be made for Cloud? Ever wondered how to develop a Cloud-Native Application? Come to this session to find out about what makes an application Cloud-Native and then learn how to build a Cloud-Native Application using the latest MicroProfile technologies (MicroProfile 4.0) such as Config, Fault Tolerance, Rest Client, JWT, Metrics, etc. This session finishes with a live demo on developing Cloud-Native applications using MicroProfile 4.0 running on Open Liberty and deploying them on k8s.
Various organizations started to look into serverless as a way of building business logic that can take advantage of the cloud. As it might look at first, it‚Äôs not an easy task to rely strictly on functions that represent independent logic pieces. There is a risk of losing the big picture and by that not having full control over day-to-day operations.
In this session, Maciej will walk you through an approach that allows you to rely on serverless techniques such as functions and cloud events yet still working on the higher-level representation. He will introduce you to Workflow as a Function Flow concept that builds up on top of state of the art technologies such as Microprofile, CloudEvents, and KNative Eventing to deliver a highly scalable business-oriented solution that looks like a single service but runs as a set of functions.
The audience will get an introduction equipped with a set of demonstrations of function flows to prove the ease of use and visibility of the running solution.
University or college does an excellent job of teaching you how to write code. What it doesn’t do is teach you all the other skills you need to be a great developer.
First, I’ll discuss my university and graduate job experience, and its subsequent failure. I’ll then move on to some of the observations I’ve made in the last 20 years while working with numerous development teams. These are observations of skills that great developers have.
I’ll talk about my experience of learning some of those skills, usually the hard way, as part of my recent journey back to development and why having those skills helps to make you a great developer. They include pair programming, estimating, debugging, keeping up with technology, and many more.
Not too long ago, a reactive variant of the JDBC API was released, known as Reactive Relational Database Connectivity (R2DBC). While R2DBC started as an experiment to enable the integration of SQL databases into systems that use reactive programming models, it now specifies a robust specification that can be implemented to manage data in a fully-reactive and completely non-blocking fashion.
In this session, we’ll briefly go over the fundamentals that make R2DBC so powerful. Then we’ll take a pragmatic look at the recently released R2DBC driver from MariaDB to shed some light on how you can take advantage of crucial concepts, like event-driven behavior and back pressure, that enable fully-reactive, non-blocking interactions with relational databases.
Saturday, June 26, 2021
Most developers have wanted to contribute to the OSSs that they have used in their daily work. But it is a challenge for everyone, especially the product that is big and famous like OpenJDK. I used to be the same. It's scary to send code that I write by myself to such a big community. Additionally, I'm not a native English speaker, so it's hard to explain my code in English. However, last year I send several patches to OpenJDK at last. They weren't elegant or cool. I made some mistakes in them, but people in the OpenJDK community properly pointed out those mistakes. When my patches were finally merged, I got fulfillment that I've never felt before. In this session, I will talk about how to start to contribute to OpenJDK and my experiences. Even if you aren't an experienced java developer, you can contribute. In addition, the OpenJDK repository moved to GitHub and changed the development method to pull request based one. It is easier to contribute than before. After this session, you will be able to start contributions!
Duke needs your help in navigating through the Delta Quadrant. Join us on this incredible journey visiting new features of the JDK 16 system as well as the best features of previous versions of Java. During this journey, you can improve your craft as an engineer. These short challenges will keep your katas going at warp speed! Solve the puzzles to learn the full power of the Java language. Apply the techniques, and develop concise code where bugs will have a hard time hiding. Come to this session to boldly go where no Duke has gone before!
Unit Tests by themselves give no guarantee that your system will work in a production environment. That’s where your code will have to work together with other resources like databases and APIs. Unfortunately, those are the kind of dependencies we try to avoid in tests by using mocking-frameworks. Risky business, because this means we’ll only know if the application really works when you push it to production.
In this session, we’ll look at some strategies you can use to test your application without mocking your dependencies away. You’ll discover how tools like Liquibase, TestContainers, WireMock and Pact can immensely improve your tests so you can deploy your application to production AND sleep at night.
In this talk, we will discover how the joy of developing with Quarkus (https://quarkus.io/) can be applied to Apache Camel (https://camel.apache.org/). We will see how easy it is to develop and deploy supersonic integration connectors with Java that startup in just a few milliseconds.
Apache Camel is an integration framework and the most active project of the Apache Software Foundation (https://www.apache.org/). With more than 350 different connectors, it is the best tool to create decoupled and easy to maintain software architectures.
The Camel Quarkus(https://camel.apache.org/camel-quarkus/latest/) project, is the Apache Camel's subproject that brings the integration capabilities of Apache Camel, and its components into the Quarkus ecosystem.
The food wastage in India is 70 tonnes per year, and there is mismanagement at several layers. Approximately 20-30% of the wastage happens in the last mile, between wholesale traders, and retail mom-and-pop stores. Is there something we can do about food wastage?
This was the problem statement I attempted to solve as a first engineering hire at a startup. Our customers were 12.8 million retail owners that deal in FMCG (Fast-moving consumer goods, such as food grains, tooth paste, etc.). The goal was to develop a platform for retail traders (mom and pop shop owners / small and medium business owners) to buy FMCG products from wholesale traders using an Android app.
We were attacking a deeply entrenched business practice to help solve a societal goal. For a section of the population which is not very well versed with smartphones and technology, the user experience had to be designed from the ground up to be multilingual, fungible, unstructured, and relevant. In this talk, I cover how we went about iterating the solution from a simple SMS based system to a full fledged app backed by micro-services. Having a micro-service architecture provided us the agility to experiment and iterate quickly, and we were able to push out changes much faster, and help solve wastage problems even sooner.
I will discuss the several problems we faced in this segment with regards to unstructured data, and how our data models had to adapt. We used cloud services extensively, so I will also cover how different pieces came together in a cogent form to build a better experience for our customers.
The talk will include an explanation of asynchronous non-blocking programming with code snippets. It will demonstrate how asynchronous non-blocking code helps with resource utilization, isolation beyond just performing I/O in parallel and show how it can be measured/benchmarked. I will present a quick primer on reactive programming. Using a scenario where we need to fetch data from different microservices, we will solve it by leveraging reactive operators to combine different sources of data, perform non-blocking I/O, exception handling, retries, fallbacks and explain how work is scheduled on different threads. Finally, we will go over common mistakes and gotchas with project reactor.
Pattern Matching - the ability to detect a pattern and use it to compute, calculate or extract other values.
Previous versions of Java included a basic set of pattern matches, mostly relying on the developer to code the matches, the extraction or any other usage. Newer and upcoming versions of Java seem to bring in a lot more enhancements in this area and focus heavily on making Java more of a Functional-style language.
This talk is on Pattern Matching present and future, and may include speculative changes which may not compile yet (or ever). The intent is to share some ideas on Pattern Matching, some code samples and discuss the benefits and importance of these new language additions to the language.