Friends with benefits

byJakub Nabrdalik
October 15, 2012
5 minute read

Back when I was at my first university, working on my B.Sc., it was obvious for us, students, to always try to get into any possible, open IT event in the town. We were hungry for knowledge, for experience, anxious looking at the future. One of the really bad professors out there, told us on the first lecture, that whatever we learn is going to be outdated the moment we learn it. He said that we won’t be able to keep up the pace, that we will burn out, we will be replaced by some newfags before we even learn to do the job. And there is no hope for us.

It wasn’t a good university, it was a young one. A young university in a small town, with very old professors. Some of those guys were there, because no one else would take them. So yeah, we were anxious. Anxious that we are not getting any good education, anxious we will not find a good job afterwards, anxious we will become burned out before we know it.

But we were also very young, young enough to believe, we won’t be giving it up without a fight. And thus we were learning on our own, reading books, coding, getting together and sharing what little knowledge we had. And we applied for every interesting position around, to get as much experience as we could.

Not that we had many options. As I said, it was a small town.

After B.Sc., I moved to Warsaw. Started my M.Sc. at another university, which turned out to be no better, but it didn’t matter anymore. I had a good job as a programmer, with fantastic, smart people. In half a year, I learned more, than in five years at all the universities.

Then I moved to another company. Changed the technology stack completely. Started anew, and had great time learning from all those smart people around me, and teaching them whatever I could.

And there was not a single event I would attend to, or hear anybody do it. It seemed like a thing of the past. We had so much knowledge to learn inside the company, why move, why go anywhere at all?

And then I switched my technology stack again. I joined TouK. This time, however, it seemed like I could spread a lot more knowledge about TDD, OOP and good practices, than before. But to do that, I had to fill the holes in my knowledge really fast. So I got myself some books, some RSS’es, some tutorials. One day, my boss sent us an invitation for a Warsaw Java User Group meeting. Some guys were coming. I signed up to the mailing group, and off I went.

There I was, back at the University, getting to know other hairy guys at WJUG meetings, learning about their craft, their interests, and their passions. Encouraged by someone, I went to a conference. Then another. I started attending conferences on regular basis. Actually, I started attending all the Java conferences in Poland. And there are quite a few, I tell you.

Something strange happened. Apart from the technologies, personal experiences, tricks and traps, I learned something completely different. I knew I was getting tired by everyday work, that my energy was much higher after right after holidays, and I’d be much less efficient just before one. I knew I could find myself burned out, one day. I heard a story here and there, in the kitchen, over the coffee table. Someone with a sad look would mention, he has no fun anymore. The job became tiresome. Someone would talk about buying a farm. Or a workshop. Getting out of this line of work.

But at those WJUG meetings, at those conferences, my energy was replenished. The enthusiasm and passion for cool technology, hanging right out in the air, would be contagious. The people, with eyes burning bright for great things they could learn and bring back home… I could feel their hunger for knowledge. And I was back, to my student years again, feeling everything is possible. Not anxious about my future this time.

That was great.

I wanted to help those, who make it happen. To somehow thank them. And I could do that in two ways: either by helping organize, or by sharing what I knew. I prepared a small presentation about Craftsmanship for WJUG, and got a positive feedback. Then I had another, about Spring Security, and another, and so on. Then I answered a call for papers, and got myself speaking at conferences. And it was great too. I joined another great group, Agile Warsaw. I even organized a weekly workshop, here at TouK, to get all the shy people to share, and learn how good it feels.

I have to confess, though. Speaking at conferences is a terrible strain for an anti-social, hairy guy like me. There is so much stress involved. If I wanted to be in spotlights, I wouldn’t become a programmer in the first place. No one digs inside computers, because of love for humanity, I suppose.

Local group meetings, like WJUG, are a completely different story, however. Those are semi-formal, with 50-150 people in an old University assembly hall, with half of them hairy sociopaths in Amiga Forever T-shirts or alike, with beards that would make Richards Stallman proud, swearing like Linus Torvalds when he was thanking Nvidia, and making jokes that would fit right into bash.org, xkcd or the Jargon File. It feels good to be around them. It feels at home.

This is as close to demoscene-kind-of-feeling, as my old ass gets. Preparing a talk for them, apart from motivating me to dig the subject thoroughly, is even better.

One of the unforeseen consequences of getting out to conferences and meetings, is that you get a lot of cool gadgets. A hat from oracle, a ninja coder from Amazon, an energy drink from Microsoft with Linux/PHP/Ruby all over it, a nerd pistol, tons of T-shirts. I didn’t have to buy a T-shirt for years. Sometimes, you even get a licence or a ticket.

Thanks to WJUG, I have the IntelliJ Idea and JProfiler, both of which are extremely good and handy pieces of software.

And yesterday… well yesterday, I got a ticket for Devoxx in Belgium, saving me a few hundred Euros.

So in case you didn’t already, get your lazy ass out, and join a local technology group, go to conferences, write a blog, share with people. You’ll be surprised by the unforeseen benefits.

Even if you are a hairy sociopath, like me.

Jakub Nabrdalik

Solution Architect @ TouK

— Previous article

Scrum w Polsce - TouK

Next article —

Inconsistent Dependency Injection to domains with Grails

Running Qt4 Examples on Embedded Linux using ARM emulator

byRafal Rusin
November 13, 2011

In this article I will show how to run Qt4-Embedded Examples on Angstrom Linux using QEMU. The procedure…

DDevelopment & Design

33rd Degree day 2 review

byJakub Nabrdalik
March 25, 2012

Second day of 33rd had no keynotes, and thus was even more intense. A good conference is a conference, where every hour you have a hard dilemma, because there are just too many interesting presentations to see. 33rd was definitely such a conference, and the seconds day really shined.

There were two workshops going on through the day, one about JEE6 and another about parallel programming in Java. I was considering both, but decided to go for presentations instead. Being on the Spring side of the force, I know just as much JEE as I need, and with fantastic GPars (which has Fork/Join, actors, STM , and much more), I won't need to go back to Java concurrency for a while.

GEB - Very Groovy browser automation

Luke Daley works for Gradleware, and apart from being cheerful Australian, he's a commiter to Grails, Spock and a guy behind Geb, a browser automation lib using WebDriver, similar to Selenium a bit (though without IDE and other features).

I have to admit, there was a time where I really hated Selenium. It just felt so wrong to be writing tests that way, slow, unproductive and against the beauty of TDD. For years I've been treating frontend as a completely different animal. Uncle Bob once said at a Ruby conference: "I'll tell you what my solution to frontend tests is: I just don't". But then, you can only go so far with complex GUIs without tests, and once I've started working with Wicket and its test framework, my perspective changed. If Wicked has one thing done right, it's the frontend testing framework. Sure tests are slow, on par with integration tests, but it is way better than anything where the browser has to start up front, and I could finally do TDD with it.

Working with Grails lately, I was more than eager to learn a proper way to do these kind of tests with Groovy.

GEB looks great. You build your own API for every page you have, using CSS selectors, very similar to jQuery, and then write your tests using your own DSL. Sounds a bit complicated, but assuming you are not doing simple HTML pages, this is probably the way to go fast. I'd have to verify that on a project though, since with frontend, too many things look good on paper and than fall out in code.

The presentation was great, Luke managed to answer all the questions and get people interested. On a side note, WebDriver may become a W3C standard soon, which would really easy browser manipulation for us. Apart from thing I expected Geb to have, there are some nice surprises like working with remote browsers (e.g. IE on remote machine), dumping HTML at the end of the test and even making screenshots (assuming you are not working with headless browser).

Micro services - Java, the Unix Way

James Lewis works for ThoughtWorks and gave a presentation, for which alone it was worth to go to Krakow. No, seriously, that was a gem I really didn't see coming. Let me explain what it was about and then why it was such a mind-opener.

ThoughtWorks had a client, a big investment bank, lots of cash, lots of requirements. They spent five weeks getting the analysis done on the highest possible level, without getting into details yet (JEDI: just enough design initially). The numbers were clear: it was enormous, it will take them forever to finish, and what's worse, requirements were contradictory. The system had to have all three guarantees of the CAP theorem, a thing which is PROVED to be impossible.

So how do you deal with such a request? Being ThoughtWorks you probably never say "we can't", and having an investment bank for a client, you already smell the mountains of freshly printed money. This isn't something you don't want to try, it's just scary and challenging as much as it gets.

And then, looking at the requirements and drawing initial architecture, they've reflected, that there is a way to see the light in this darkness, and not to end up with one, monstrous application, which would be hard to finish and impossible to maintain. They have analyzed flows of data, and came up with an idea.

What if we create several applications, each so small, that you can literally "fit it in your head", each communicating with a simple web protocol (Atom), each doing one thing and one thing only, each with it's own simple embedded web server, each working on it's own port, and finding out other services through some location mechanism. What if we don't treat the web as an external environment for our application, but instead build the system as if it was inside the web, with the advantages of all the web solutions, like proxies, caches, just adding a small queue before each service, to be able to turn it off and on, without loosing anything. And we could even use a different technology, with different pair of CAP guarantees, for each of those services/applications.

Now let me tell you why it's so important for me.

If you read this blog, you may have noticed the subtitle "fighting chaos in the Dark Age of Technology". It's there, because for my whole IT life I've been pursuing one goal: to be able to build things, that would be easy to maintain. Programming is a pure pleasure, and as long as you stay near the "hello world" kind of complexity, you have nothing but fun. If we ever feel burned out, demotivated or puzzled, it's when our systems grow so much, that we can no longer understand what's going on. We lose control. And from that point, it's usually just a way downward, towards complete chaos and pain.

All the architecture, all the ideas, practices and patterns, are there for just this reason - to move the border of complexity further, to make the size of "possible to fit in your head" larger. To postpone going into chaos. To bring order and understanding into our systems.

And that really works. With TDD, DDD, CQRS I can build things which are larger in terms of features, and simpler in terms of complexity. After discovering and understanding the methods (XP, Scrum/Kanbad) my next mental shift came with Domain Driven Design. I've learned the building block, the ideas and the main concept of Bounded Contexts. And that you can and should use a different architecture/tools for each of them, simplifying the code with the usage patterns of that specific context in your ming.

That has changed a lot in my life. No longer I have to choose one database, one language and one architecture for the whole application. I can divide and conquer, choose what I want to sacrifice and what advantages I want here, in this specific place of my app, not worrying about other places where it won't fit.

But there is one problem in here: the limit of technologies I'm using, to keep the system simple, and not require omnipotence to be able to maintain, to fix bugs or implement Change Requests.

And here is the accidental solution, ThoughtWorks' micro services bring: if you system is build of the web, of small services that do one thing only, and communicate through simple protocol (like Atom), there is little code to understand, and in case of bugs or Change Requests, you can just tear down one of the services. and build it anew.

James called that "Small enough to throw them away. Rewrite over maintain". Now, isn't that a brilliant idea? Say you have a system like that, build over seven years ago, and you've got a big bag of new requests from your client. Instead of re-learning old technologies, or paying extra effort to try to bring them up-to-date (which is often simply impossible), you decide which services you are going to rewrite using the best tools of your times, and you do it, never having to dig into the original code, except for specification tests.

Too good to be true? Well, there are caveats. First, you need DevOps in your teams, to get the benefits of the web inside your system, and to build in the we as opposite to against it. Second, integration can be tricky. Third, there is not enough of experience with this architecture, to make it safe. Unless... unless you realize, that UNIX was build this way, with small tools and pipes.

That, perhaps. is the best recommendation possible.

Concurrency without Pain in Pure Java

Throughout the whole conference, Grzegorz Duda had a publicly accessible wall, with sticky notes and two sides: what's bad and what's good. One of the note on the "bad" side was saying: "Sławek Sobótka and Paweł Lipiński at the same time? WTF?".

I had the same thought. I wanted to see both. I was luckier though, since I'm pretty sure I'll yet be able too see their presentations this year, as 33rd is the first conference in a long run of conferences planned for 2012. Not being able to decide which one to see, I've decided to go for Venkat Subramaniam and his talk about concurrency. Unless we are lucky at 4Developers, we probably won't see Venkat again this year.

Unfortunately for me, the talk ("show" seems like a more proper word), was very basic, and while very entertaining, not deep enough for me. Venkat used Closure STM to show how bad concurrency is in pure Java, and how easy it is with STM. What can I say, it's been repeated so often, it's kind of obvious by now.

Venkat didn't have enough time to show the Actor model in Java. That's sad, as the further his talk, the more interesting it was. Perhaps there should be a few 90min sessions next year?

Smarter Testing with Spock

After the lunch, I had a chance to go for Sławek Sobótka again, but this time I've decided to listen to one of the commiters of Spock, the best thing in testing world since Mockito.

Not really convinced? Gradle is using Spock (not surprisingly), Spring is starting to use Spock. I've had some experience with Spock, and it was fabulous. We even had a Spock workshop at TouK, lately. I wanted to see what Luke Daley can teach me in an hour.

That was a time well spent. Apart from things I knew already, Luke explained how to share state between tests (@Shared), how to verify exceptions (thrown()), keep old values of variables (old()), how to parametrize description with @Unroll and #parameterName, how to set up data from db or whatever with <<, and a bit more advanced trick with mocking mechanism. Stubbing with closures was especially interesting.

What's new in Groovy 2.0?

Guillaume Laforge is the project lead of Groovy and his presentation was the opposite to what we could see earlier about next versions of Java. Most visible changes were already done in 1.8, with all the AST transformations, and Guillaume spent some time re-introducing them, but then he moved to 2.0, and here apart from multicatch in "throw", the major thing is static compilation and type checking.

We are in the days, were the performance difference between Java and Groovy falls to a mere 20%. That's really little compared to where it all started from (orders of magnitude). That's cool. Also, after reading some posts and successful stories about Groovy++ use, I'd really like to try static compilation with this language

Someone from the audience asked a good question. Why not use Groovy++ as the base for static compilation instead. It turned out that Groovy++ author was also there. The main reason Guillaume gave, were small differences in how they want to handle internal things. If static compilation works fine with 2.0, Groovy++ may soon die, I guess.

Scala for the Intrigued

For the last talk this day, I've chosen a bit of Scala, by Venkat Subramaniam. That was unfortunately a completely basic introduction, and after spending 15 minutes listening about differences between var and val, I've left to get prepared to the BOF session, which I had with Maciek Próchniak.

BOF: Beautiful failures

I'm not in the position to review my own talk, and conclude whether it's failure was beautiful or not, but there is one things I've learned from it.

Never, under none circumstances, never drink five coffees the day you give a talk. To keep my mind active without being overwhelmed by all the interesting knowledge, I drank those five coffees, and to my surprise, when the talk started, the adrenaline shot brought me over the level, where you loose your breath, your pulse, and you start to loose control over your own voice. Not a really nice experience. I've had the effects of caffeine intoxication for the next two days. Lesson learned, I'm staying away from black beans for some time.
If you want the slides, you can find them here.

And that was the end of the day. We went to the party, to the afterparty, we got drunk, we got the soft-reset of our caches, and there came another day of the conference.

You can find my review from the last day in here.

DDevelopment & Design

Phonegap / Cordova and cross domain ssl request problem on android.

byPaweł Byszewski
July 29, 2013

In one app I have participated, there was a use case:

User fill up a form.
User submit the form.
System send data via https to server and show a response.

During development there wasn’t any problem, but when we were going to release production version then some unsuspected situation occurred. I prepare the production version accordingly with standard flow for Android environment:

ant release
align
signing

During conduct tests on that version, every time I try to submit the form, a connection error appear. In that situation, at the first you should check whitelist in cordova settings. Every URL you want to connect to, must be explicit type in:

res/xml/cordova.xml

If whitelist looks fine, the error is most likely caused by inner implementation of Android System. The Android WebView does not allow by default self-signed SSL certs. When app is debug-signed the SSL error is ignored, but if app is release-signed connection to untrusted services is blocked.

Workaround

You have to remember that secure connection to service with self-signed certificate is risky and unrecommended. But if you know what you are doing there is some workaround of the security problem. Behavior of method

CordovaWebViewClient.onReceivedSslError

must be changed.

Thus add new class extended CordovaWebViewClient and override ‘onReceivedSslError’. I strongly suggest to implement custom onReceiveSslError as secure as possible. I know that the problem occours when app try connect to example.domain.com and in spite of self signed certificate the domain is trusted, so only for that case the SslError is ignored.

public class MyWebViewClient extends CordovaWebViewClient {

   private static final String TAG = MyWebViewClient.class.getName();
   private static final String AVAILABLE_SLL_CN 
                               = "example.domain.com";

   public MyWebViewClient(DroidGap ctx) {
       super(ctx);
   }

   @Override
   public void onReceivedSslError(WebView view, 
                                  SslErrorHandler handler, 
                                  android.net.http.SslError error) {

       String errorSourceCName = error.getCertificate().
                                  getIssuedTo().getCName();

       if( AVAILABLE_SLL_CN.equals(errorSourceCName) ) {
           Log.i(TAG, "Detect ssl connection error: " + 
                       error.toString() + 
                       „ so the error is ignored”);

           handler.proceed();
           return;
       }

       super.onReceivedSslError(view, handler, error);
   }
}

Next step is forcing yours app to use custom implementation of WebViewClient.

public class Start extends DroidGap
{
   private static final String TAG = Start.class.getName();

   @Override
   public void onCreate(Bundle savedInstanceState)
   {
       super.onCreate(savedInstanceState);
       super.setIntegerProperty("splashscreen", R.drawable.splash);
       super.init();

       MyWebViewClient myWebViewClient = new MyWebViewClient(this);
       myWebViewClient.setWebView(this.appView);

       this.appView.setWebViewClient(myWebViewClient);
       
       // yours code

   }
}

That is all ypu have to do if minSdk of yours app is greater or equals 8. In older version of Android there is no class

android.net.http.SslError

So in class MyCordovaWebViewClient class there are errors because compliator doesn’t see SslError class. Fortunately Android is(was) open source, so it is easy to find source of the class. There is no inpediments to ‘upgrade’ app and just add the file to project. I suggest to keep original packages. Thus after all operations the source tree looks like:

Class SslError placed in source tree.

Now the app created in release mode can connect via https to services with self-signed SSl certificates.