Software

In the previous article I showed how a model can be disabled. One of the things that you probably noticed is that I’m using a timestamp (DateTime) field instead of a Boolean field. This is a trick I learn years ago after working on a large database (>2B rows) for an Enterprise client. It has been useful in so many ways that I put it into every database design I do, yet I’ve never written about it before and only talked to developers in person about the purpose of the design. ...

When I first started using model concerns I struggled with how I could test the functionality of the concern, without having to replicate the tests across all models. Here I show you how I decided to test model concerns. It may be controversial, so buckle up. What are Model Concerns? Model concerns are an interesting concept that — if I recall correctly— debuted with Rails 4. They allow a developer to refactor common functionality out from various models and centralize it into a module, called a concern. A non-contrived example of this shows how several of my models can be deactivated at any time. ...

During beer o’clock at work, I happened upon Roman, who is a software developer on our API and Integrations team. He asked for my opinion on creating a sort-of “contract” between teams when setting up SNS topics and subscribing them to SQS queues. Now, this is how conversations with me often start. I’m a software developer by trade, but I have my feet in cloud infrastructure and security as well so, at the very least, I’m a good sounding board for people’s architecture ideas. I pushed a bit deeper and he finally relented and stated that he doesn’t want to think about the infrastructure, only the contract between teams and, really, he wants to emit an event and have it consumed by someone else… if they care enough to consume it. ...

For the past few years in the software development world, there has been a push to break-up monolithic applications into microservices. These smaller pieces of code perform one task and contain a small amount of code. Often, these microservices are contained within Docker images and reside on shared infrastructure. At first, it seems that there isn’t much of a place for infrastructure in a microservices environment. But I want to introduce the concept of nanoservices to everyone. These are even smaller than microservices and contain basic logic that infrastructure teams manage on a daily basis. ...

At Unbounce, we have recently started using Terraform for creating our AWS infrastructure. It is working well for our needs but it does have some sharp edges, which is expected as it is a young project. The other configuration tooling we use is Cloudformation, and we provide its templates to the software development teams to use because its commands are fairly simple (and documentation is plentiful). Until our team can come up with a good user experience when working with Terraform, we will keep it for our internal infrastructure projects. That being said, we have put together some best practices for working with Terraform and keeping its scripts organized. ...

You’re a software developer or an Operations person that is working with a Java application. Here are some questions for you. Do you have a WAR that you need to deploy? Do you know if it comes to you preconfigured or a blank slate? Do you know what happens if you deploy the WAR to an application server and not realize that it is preconfigured? I’ve now seen this many times and I’m here to get up on my soapbox and say something. Java was originally intended to be write once, run anywhere but I have repeatedly seen where the configuration is embedded within the WAR container. This embedding now renders the WAR file useless to run anywhere but the exact machine/platform/environment where the configuration is for. ...

Well, that title is a mouthful. It is intentionally verbose so that if anyone stumbles across this issue, they can easily find this article and not spend time (like I did) sifting through source code for an answer. Background Let’s say you are creating a new hook in your development IPBoard 3.x 1. This hook changes the values of a few settings that already exist in the system (for example, disabling Gravatar support). While this setting could be easily changed by an administrator, we want to programmatically change it through the use of hooks. ...

I’m currently building my new product, Storigible, and where I get stuck is the marketing component of the website. Specifically, the difficult part for me is getting the design right because I don’t see myself as a designer 1. All of that aside, what I’m writing about today is the usage of shell scripts versus more complex scripts to automate things like deployment. Storigible’s marketing website is a static website served by Amazon S3. I created it this way because the marketing component can be fully decoupled from the application component (which resides at another subdomain). I needed a good way to deploy the website files onto S3, which is basically saying, I needed a good way to upload the files to S3’s server. Deployment isn’t much more than a simple copy when you are dealing with a static website. ...

After reading Tips for how to decouple your HTML, CSS, and JavaScript, I was struck by how stupid I’ve been marking up my HTML for CSS and JS events. I started rewriting my latest project using these principles and they’ve really helped create a separation of concerns. To illustrate how this has helped, I was coding up a quick administrative interface to CRUD some service model classes in my project and I started to really hate the UI/UX I chose. I decided to switch to a table since the data is more tabular in nature and I was quite please to see that none of the JavaScript functionality broke. ...

One of the things that really irks me almost daily is the incessant use of SSO 1 services such as Facebook, Twitter, and Google by external services. These are services whereby they do not require you to setup your own account on their system and, instead, ask you to sign in with an existing account through Twitter or any of the other authentication providers. This in turn is supposed to keep your authentication details private from external services. ...