Imagine you have several microservices exposing REST APIs. Imagine now that these microservices are spread all over and need to talk to each other. Imagine that you have a nice user interface interacting with these APIs where you can authenticate. And now, imagine that all this runs smoothly.
In this Deep Dive session, Roberto and Antonio will build, step by step, a full microservice architecture (using Java and different frameworks). This session will answer these questions:
How to build, document and deploy several microservices spread on different nodes (we use a Raspberry PI cluster because the Cloud is too expensive)
How to make those microservices talk to each other (Consul for registry and discovery)
How to scale up, down, and deal with network failures (Ribbon and Zuul to the rescue)
How to deal with high traffic (Hystrix, here you come)
How to monitor this distributed system (Dropwizard metrics with the ELK stack)
How to centralize configuration
How to authenticate and manage authorization with JWT (Tribestream Access Gateway)
How to have a centralized nice looking entry point (with Angular)
Join Jim McKeeth as he introduces you to FMXLinux, and shows how you can bring the power of FireMonkey to Linux.
Outline:
Installation via GetIt Package Manager
Linux, PAServer, SDK, & Package Installation
FMXLinux usage and Samples
FireDAC Database Access on Linux
Migrating from Windows VCL to FMXLinux
3rd Party FMXLinux Support
Deploying rich web apps via Broadway
https://embt.co/FMXLinuxIntro
SPIFFE Meetup Tokyo #2 - Attestation Internals in SPIRE - Shingo OmuraPreferred Networks
In SPIRE, attestation is the essential process because it certifies a node or workload, i.e. it asserts the identities of them. This talk describes how SPIRE implement this process and make it flexible. Moreover, it explains the detail of how spire-server and spire-agent (running at a node) interacts in the attestation process.
Slides presented by Jeff Squyres at the 2015 OpenFabrics Software Developers' Workshop. This talk discusses the current state and future plans for the use of Libfabric in Open MPI.
Join Jim McKeeth as he introduces you to FMXLinux, and shows how you can bring the power of FireMonkey to Linux.
Outline:
Installation via GetIt Package Manager
Linux, PAServer, SDK, & Package Installation
FMXLinux usage and Samples
FireDAC Database Access on Linux
Migrating from Windows VCL to FMXLinux
3rd Party FMXLinux Support
Deploying rich web apps via Broadway
https://embt.co/FMXLinuxIntro
SPIFFE Meetup Tokyo #2 - Attestation Internals in SPIRE - Shingo OmuraPreferred Networks
In SPIRE, attestation is the essential process because it certifies a node or workload, i.e. it asserts the identities of them. This talk describes how SPIRE implement this process and make it flexible. Moreover, it explains the detail of how spire-server and spire-agent (running at a node) interacts in the attestation process.
Slides presented by Jeff Squyres at the 2015 OpenFabrics Software Developers' Workshop. This talk discusses the current state and future plans for the use of Libfabric in Open MPI.
CocoaConf: The Language of Mobile Software is APIsTim Burks
We’re all excited about using the same language to write our mobile apps and cloud services, but as we do, we’ll still need to work with a few things that aren’t written with Swift. Fortunately, there are some great patterns that we can use for doing that. In this session we’ll talk about two technologies that you can use to make your app speak with APIs written in any language: OpenAPI and Protocol Buffers, and then we’ll see how to use them from clients and servers that are written in Swift.
Presented Friday November 4, 2016 in San Jose.
Materials for the Serverless APIs with Apache OpenWhisk session at OSCON on July 19, 2018
https://conferences.oreilly.com/oscon/oscon-or/public/schedule/detail/67393
Ever been frustrated with a conference schedule app that freezes up when everyone opens it right after the first day’s keynotes? Ever played a mobile game that was so popular that its backend couldn’t keep up with real-time multiplayer interaction? If you’re an app developer, chances are that you’re looking for a better mobile backend architecture that can effectively match user demand at the exact moment it’s needed while taking advantage of new per-request cost models promised by serverless technologies.
The Apache OpenWhisk project (supported by IBM, Adobe, Red Hat, and others) provides a polyglot, autoscaling environment for deploying cloud-native applications driven by data, message, and REST API call events. Daniel Krook explains why serverless architectures are great for cloud workloads and when to consider OpenWhisk in particular for your next web, mobile, IoT, bot, or analytics project.
DevOps is a set of practices that automates the processes between software development and IT teams, in order that they can build, test, and release software faster and more reliably.
Microservices Practitioner Summit Jan '15 - Don't Build a Distributed Monolit...Ambassador Labs
Ben Christensen of Facebook, Netflix, and author of Hystrix.
In pursuit of ease and obedience to the DRY ("don't repeat yourself") axiom, it is common to build a distributed monolith instead of the intended decoupled microservice architecture. This talk will explore the common pitfalls, the pain they cause, and approaches to connecting microservice permitting the promised separation of concerns that allows varied architectures, platforms, languages, timelines, and incremental rewrites of a microservice system.
Full video here: http://www.microservices.com/ben-christensen-do-not-build-a-distributed-monolith
Using Data Science & Serverless Python to find apartment in TorontoDaniel Zivkovic
See how Ian Whitestone (Data Scientist at Shopify) created Domi – #Toronto Apartment Finder app, using #Serverless Framework #Zappa for #Python on #AWS, #PostGIS, #Slack, and some #Regression Techniques: https://www.youtube.com/watch?v=JE_zEqe7M_8
http://ServerlessToronto.org thanks https://www.linkedin.com/company/trend-micro for catering, https://www.linkedin.com/company/myplanethq for hosting, and https://www.linkedin.com/company/manning-publications-co for book giveaways!
IoT Service Bus - High availability with Internet of Things (IoT)/ API Rest/ ...Alexandre Brandão Lustosa
No dias 16 de novembro/2016, representando a Stone Pagamentos no cenário de desenvolvimento, o Gestor de TI e Arquiteto de Sistemas Alexandre Brandão ministrou uma importante palestra no evento CompusulMT na UFMT - Universidade Federal do Estado do Mato Grosso na cidade de Rondonópolis abordando o seguinte tema: IoT Service Bus - High availability with Internet of Things (IoT)/ API Rest/ Message Broker
Are you considering a microservices architecture for your project? In this slides I've collected a list of aspects to take into account when approaching the ms world.
These slides have been presented to the Microscope event yield in Madrid on Jan 1st, 2016.
VisualWeb - Building a NodeJS Server Meshwork and Full-Javascript Stack Frame...itsatony
A series of slides about building a one-page-webapp framework and api called VisualWeb. We run two independent services on this full-javascript stack: meinunterricht.de and mylinkcloud.com .
we use nodejs, socket.io. hook.io, connect and mongodb to build hyperdynamic, desktop-like web experiences.
Modern Release Engineering in a Nutshell - Why Researchers should Care!Bram Adams
Invited talk at the Leaders of Tomorrow Symposium of the 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016).
The presentation (and its accompanying paper, see http://mcis.polymtl.ca/publications/2016/fose.pdf) explain the basics of release engineering pipelines, common challenges industry is facing as well as pitfalls software engineering researchers are falling into.
Speakers are Bram Adams (MCIS, http://mcis.polymtl.ca) and Shane McIntosh (McGill University, http://shanemcintosh.org).
A video-taped version of the talk will be available soon at https://www.youtube.com/channel/UCL8yG6qpHk7V66l1Jt3aZrA/featured.
There’s a lot of exciting new stuff in .NET Core, and more on the way! We’ll take a look at some top features in 3.1, including Blazor, desktop support (WPF and Windows Forms), single file executables, language features, and more. We'll also take an early look at what's on the way in .NET 5, and how you can start planning for it today.
How to Build Advanced Voice Assistants and ChatbotsCisco DevNet
Learn more about the CodeMotion Voice Machine and Cisco DevNet Chatbot. Understand what a typical bot journey is and where to go to get more information about Cisco Spark and Tropo.
Chasing the RESTful Trinity - Client CLI and DocumentationRoberto Cortez
The learning curve for REST API security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, and almost seem designed to deliberately confuse. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 with and without JWT for user identity; AWS-style security for B2B with API keys; and OAuth 2.0 Proof of Possession, which merges both into two-factor bliss. Using a baseline microservice architecture, the presentation compares them, with a heavy focus on the wire, showing actual HTTP messages and analyzing their impact on load and security. Starting with basic authentication and a brief intro to hashing and signing, this is the perfect session to align the whole team.
GraalVM and MicroProfile - A Polyglot Microservices SolutionRoberto Cortez
Microservices need to support many programming languages, requiring both a language-agnostic network protocol and a polyglot runtime environment. In addition, microservices written in one language may need to use APIs written in some other language.
Using a traditional CRUD application implemented as a polyglot solution (Java, JavaScript, Python and Ruby) on GraalVM, this presentation demonstrates how MicroProfile JWT, MicroProfile Metrics, MicroProfile Rest Client, MicroProfile Health Check, and more can provide architecture-level interoperability across concerns.
CocoaConf: The Language of Mobile Software is APIsTim Burks
We’re all excited about using the same language to write our mobile apps and cloud services, but as we do, we’ll still need to work with a few things that aren’t written with Swift. Fortunately, there are some great patterns that we can use for doing that. In this session we’ll talk about two technologies that you can use to make your app speak with APIs written in any language: OpenAPI and Protocol Buffers, and then we’ll see how to use them from clients and servers that are written in Swift.
Presented Friday November 4, 2016 in San Jose.
Materials for the Serverless APIs with Apache OpenWhisk session at OSCON on July 19, 2018
https://conferences.oreilly.com/oscon/oscon-or/public/schedule/detail/67393
Ever been frustrated with a conference schedule app that freezes up when everyone opens it right after the first day’s keynotes? Ever played a mobile game that was so popular that its backend couldn’t keep up with real-time multiplayer interaction? If you’re an app developer, chances are that you’re looking for a better mobile backend architecture that can effectively match user demand at the exact moment it’s needed while taking advantage of new per-request cost models promised by serverless technologies.
The Apache OpenWhisk project (supported by IBM, Adobe, Red Hat, and others) provides a polyglot, autoscaling environment for deploying cloud-native applications driven by data, message, and REST API call events. Daniel Krook explains why serverless architectures are great for cloud workloads and when to consider OpenWhisk in particular for your next web, mobile, IoT, bot, or analytics project.
DevOps is a set of practices that automates the processes between software development and IT teams, in order that they can build, test, and release software faster and more reliably.
Microservices Practitioner Summit Jan '15 - Don't Build a Distributed Monolit...Ambassador Labs
Ben Christensen of Facebook, Netflix, and author of Hystrix.
In pursuit of ease and obedience to the DRY ("don't repeat yourself") axiom, it is common to build a distributed monolith instead of the intended decoupled microservice architecture. This talk will explore the common pitfalls, the pain they cause, and approaches to connecting microservice permitting the promised separation of concerns that allows varied architectures, platforms, languages, timelines, and incremental rewrites of a microservice system.
Full video here: http://www.microservices.com/ben-christensen-do-not-build-a-distributed-monolith
Using Data Science & Serverless Python to find apartment in TorontoDaniel Zivkovic
See how Ian Whitestone (Data Scientist at Shopify) created Domi – #Toronto Apartment Finder app, using #Serverless Framework #Zappa for #Python on #AWS, #PostGIS, #Slack, and some #Regression Techniques: https://www.youtube.com/watch?v=JE_zEqe7M_8
http://ServerlessToronto.org thanks https://www.linkedin.com/company/trend-micro for catering, https://www.linkedin.com/company/myplanethq for hosting, and https://www.linkedin.com/company/manning-publications-co for book giveaways!
IoT Service Bus - High availability with Internet of Things (IoT)/ API Rest/ ...Alexandre Brandão Lustosa
No dias 16 de novembro/2016, representando a Stone Pagamentos no cenário de desenvolvimento, o Gestor de TI e Arquiteto de Sistemas Alexandre Brandão ministrou uma importante palestra no evento CompusulMT na UFMT - Universidade Federal do Estado do Mato Grosso na cidade de Rondonópolis abordando o seguinte tema: IoT Service Bus - High availability with Internet of Things (IoT)/ API Rest/ Message Broker
Are you considering a microservices architecture for your project? In this slides I've collected a list of aspects to take into account when approaching the ms world.
These slides have been presented to the Microscope event yield in Madrid on Jan 1st, 2016.
VisualWeb - Building a NodeJS Server Meshwork and Full-Javascript Stack Frame...itsatony
A series of slides about building a one-page-webapp framework and api called VisualWeb. We run two independent services on this full-javascript stack: meinunterricht.de and mylinkcloud.com .
we use nodejs, socket.io. hook.io, connect and mongodb to build hyperdynamic, desktop-like web experiences.
Modern Release Engineering in a Nutshell - Why Researchers should Care!Bram Adams
Invited talk at the Leaders of Tomorrow Symposium of the 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016).
The presentation (and its accompanying paper, see http://mcis.polymtl.ca/publications/2016/fose.pdf) explain the basics of release engineering pipelines, common challenges industry is facing as well as pitfalls software engineering researchers are falling into.
Speakers are Bram Adams (MCIS, http://mcis.polymtl.ca) and Shane McIntosh (McGill University, http://shanemcintosh.org).
A video-taped version of the talk will be available soon at https://www.youtube.com/channel/UCL8yG6qpHk7V66l1Jt3aZrA/featured.
There’s a lot of exciting new stuff in .NET Core, and more on the way! We’ll take a look at some top features in 3.1, including Blazor, desktop support (WPF and Windows Forms), single file executables, language features, and more. We'll also take an early look at what's on the way in .NET 5, and how you can start planning for it today.
How to Build Advanced Voice Assistants and ChatbotsCisco DevNet
Learn more about the CodeMotion Voice Machine and Cisco DevNet Chatbot. Understand what a typical bot journey is and where to go to get more information about Cisco Spark and Tropo.
Chasing the RESTful Trinity - Client CLI and DocumentationRoberto Cortez
The learning curve for REST API security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, and almost seem designed to deliberately confuse. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 with and without JWT for user identity; AWS-style security for B2B with API keys; and OAuth 2.0 Proof of Possession, which merges both into two-factor bliss. Using a baseline microservice architecture, the presentation compares them, with a heavy focus on the wire, showing actual HTTP messages and analyzing their impact on load and security. Starting with basic authentication and a brief intro to hashing and signing, this is the perfect session to align the whole team.
GraalVM and MicroProfile - A Polyglot Microservices SolutionRoberto Cortez
Microservices need to support many programming languages, requiring both a language-agnostic network protocol and a polyglot runtime environment. In addition, microservices written in one language may need to use APIs written in some other language.
Using a traditional CRUD application implemented as a polyglot solution (Java, JavaScript, Python and Ruby) on GraalVM, this presentation demonstrates how MicroProfile JWT, MicroProfile Metrics, MicroProfile Rest Client, MicroProfile Health Check, and more can provide architecture-level interoperability across concerns.
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architectural impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
Lightweight Enterprise Java With MicroprofileRoberto Cortez
I laugh at people that tell me that Java is slow, heavyweight and cumbersome. Maybe it was true when we had EJB2. I will prove to you that we can develop Enterprise Applications with just a few lines of code that can run in a Raspberry PI. If it runs in a PI, I think we can safely say it would run anywhere! To be able to do it, I'm going to use a new platform called Microprofile. Microprofile optimizes Enterprise Java for a Microservices Architecture and delivers application portability across multiple runtimes. You can use a subset of the Java EE specifications to develop Microprofile applications, with JAX-RS, CDI and JSON-P. Join me for this live coding session and help me spread the word that Java is actually great for the Enterprise.
Cluster your MicroProfile Application using CDI and JCacheRoberto Cortez
Microprofile is a new platform definition that optimizes Enterprise Java for a microservices architecture and delivers application portability across multiple runtimes. You can use a subset of the Java EE spec to develop Microprofile applications, with JAX-RS, CDI and JSON-P. Now you need to make it highly available and scalable across a large number of machines. The session will feature a live coding demo where we will turn this Microprofile application, into a fully clustered application using a CDI extension and producers to integrate Hazelcast as a JCache provider. Finally, to show you how light it is, we will run the entire cluster in a set up of Raspberry PI's.
The last few years have been pretty exciting for Java with new versions of EE and SE platforms. Java EE, introduced a new API to build WebSockets; a new API to parse, process and generate JSON; a new Client API in JAX-RS to invoke REST services, and finally the Batch Processing API to build batch applications. Java SE brought us the long awaited Lambda expressions; the powerful Streams API to perform operations like filtering, mapping or sorting in a very easy and fluent way, and a brand new Date Time API, to deal with the complexities of Timezones and Periods. This session will combine all of these elements together and show you how to easily develop an application using Java SE 8 with Java EE 7, with live coding and samples.
This session will explore the usage of the new Java 8 API's, combined with some of the new and existing features of Java EE. It will mostly be a live coding session where I plan to combine Java 8 Lambdas, Streams and DateTime API's with JPA, CDI, REST, Websockets and Batch.
The interesting thing about this session is about how to adjust your coding style and learn where you can use all these awesome Java 8 feature when developing a standard Enterprise application.
Love it or hate it (and a lot of people seem to hate it), Maven is a widely used tool. We can consider that Maven has been the de-facto standard build tool for Java over the last 10 years. Most experienced developers already got their share of Maven headaches. Unfortunately, new developers are going through the same hard learning process, because they don't know how to deal with Maven particularities. "Why is this jar in my build?", "I can’t see my changes!", "The jar is not included in the distribution!", "The artifact was not found!" are common problems. Learn to tame the Maven Beast and be in complete control of your build to save you countless hours of pain and frustration.
The latest version of the Java EE plataform had three major goals. First, improve developer productivity by introducing more annotations and removing boilerplate code to simplify integration with the plataform. JMS 2 is the perfect example; Second, add first-class support for web standards, including a new API to build WebSockets, a new API to parse, process and generate JSON and a new Client API in JAX-RS 2 to invoke RESTful services; Third, meet the enterprise demands. The long awaited Batch Processing API is now available to build batch processing applications using all the capabilities of the platform itself. The Concurrency Utilities API provides you with asynchronous capabilities. This session will explore all the new features introduced in Java EE 7 and share information to learn, develop and contribute.
Are you still stuck in Java EE 5? Eager to move and boost developer productivity with all the cool things introduced in Java EE 7? Attend this session to hear about some of the solutions Tomitribe had to implement to completely migrate an application called Segurnet from Java EE 5 to Java EE 7. Expect a very technical session that delves into the details. Segurnet is a platform held by APS (Portuguese Insurance Association) that has served as an integration network for the insurance sector in Portugal for the last 20 years, with more than 33,000 active users.
We all enjoy to hear a good success story, but in the software development industry the life of a developer is also made up of disasters, disappointments and frustrations. Have you ever deleted all the data in production? Or maybe you just run out of disk space and your software failed miserably! How about crashing your server with a bug that you introduced in the latest release? We can learn with each others with the mistakes we made. Come to this BOF and share with us your most horrific development story and what did you do to fix it.
The 5 People in your Organization that grow Legacy CodeRoberto Cortez
Have you ever looked at a random piece of code and wanted to rewrite it so badly? It’s natural to have legacy code in your application at some point. It’s something that you need to accept and learn to live with. So is this a lost cause? Should we just throw in the towel and give up? Hell no! Over the years, I learned to identify 5 main creators/enablers of legacy code on the engineering side, which I’m sharing here with you using real development stories (with a little humour in the mix). Learn to keep them in line and your code will live longer!
Java EE 7 Batch processing in the Real WorldRoberto Cortez
This talk will explore one of the newest API for Java EE 7, the JSR 352, Batch Applications for the Java Platform. Batch processing is found in nearly every industry when you need to execute a non-interactive, bulk-oriented and long running operation task. A few examples are: financial transactions, billing, inventory management, report generation and so on. The JSR 352 specifies a common set of requirements that every batch application usually needs like: checkpointing, parallelization, splitting and logging. It also provides you with a job specification language and several interfaces that allow you to implement your business logic and interact with the batch container. We are going to live code a real life example batch application, starting with a simple task and then evolve it using the advanced API's until we have a full parallel and checkpointing reader-processor-writer batch. By the end of the session, attendees should be able to understand the use cases of the JSR 352, when to apply it and how to develop a full Java EE Batch Application.
Geecon 2014 - Five Ways to Not Suck at Being a Java FreelancerRoberto Cortez
Do you ever wanted to have a freelance experience, but don't know how to get started? Do you think that becoming a freelancer is too much of a risk to trade with your stable job and steady income? Do you want to control and steer every aspect of your professional career without relying on someone else doing it for you? Maybe you feel unhappy with what you are doing and need a change? Or maybe you're just adventurous enough and willing to try something different! Come to my lightning talk where I'll discuss a few major points about doing freelance based on my own personal experience in the Java world, and hopefully this will help you clear up your mind and make your own decision about trying to freelance someday.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
7. LISTEN TO OUR STORYLISTEN TO OUR STORY
This talk is about our journey…
… through a Microservices architecture
We’ll progressively build a MS architecture
Going from problem, to solu on…
… to problem, to solu on…
… to problem
And end‐up building a (basic) distributed applica on
2 . 4
18. WHAT DO PEOPLE MEAN BY MICROWHAT DO PEOPLE MEAN BY MICRO
SERVICES ?SERVICES ?
3 . 2
19. PROMISE, WE WON’T TALK ABOUT PIZZAS !PROMISE, WE WON’T TALK ABOUT PIZZAS !
3 . 3
20. SO, WHY MICROSERVICES ?SO, WHY MICROSERVICES ?
Business focused (bounded context)
Deliver new features quicker
Smaller, more agile teams
Scale services independently
Address unpredictable loads
Cloud
3 . 4
21. LET’S START SIMPLELET’S START SIMPLE
We have one Number API Microservice
We have one Angular client
We use 2 PIs
How do we deploy and make this run?
4 . 1
23. SEVERAL WAYS TO DEVELOPSEVERAL WAYS TO DEVELOP
MICROSERVICESMICROSERVICES
Dropwizard
Lagom
Vert.x
Spring Boot
MicroProfile
4 . 3
24. WHAT IS MICROPROFILE?WHAT IS MICROPROFILE?
Comes from Java EE (Jakarta EE)
JAX‐RS + CDI + JSON‐P
Extensions
Configura on
Security
Health Check
Fault tolerance
Metrics
4 . 4
27. RUNNING ON WILDFLY SWARMRUNNING ON WILDFLY SWARM
Comes from Wildfly (RedHat)
Open source
Modular
Small frac ons
Executable Jar
Now known as Thorntail
4 . 7
30. OPEN APIOPEN API
Open API Specifica on
API documenta on
What do you call?
What are the parameters?
What are the status code?
Contract wri en in JSon (or Yaml)
Swagger is one implementa on
4 . 10
31. SWAGGER ANNOTATIONSSWAGGER ANNOTATIONS
@Path("numbers")
@Produces(MediaType.TEXT_PLAIN)
@Api(value = "numbers", description = "Generating all sorts of num
public class NumberResource {
@GET
@Path("book")
@ApiOperation(value = "Generates a book number.", response =
public Response generateBookNumber() {
log.info("Generating a book number");
return Response.ok("BK-" + Math.random()).build();
}
}
4 . 11
34. SWAGGER CODE GENSWAGGER CODE GEN
Generates code from a Swagger contract
Client stubs
Several languages
Including TypeScript for Angular
$ swagger-codegen generate -i
swagger.json -l typescript-angular2 -o
src/app/shared
4 . 14
35. THE GENERATED TYPESCRIPT SERVICETHE GENERATED TYPESCRIPT SERVICE
@Injectable()
export class NumbersApi {
protected basePath = 'http://localhost:8084/number-api/api';
public generateBookNumber(extraHttpRequestParams?: any): Obse
return this.generateBookNumberWithHttpInfo(extraHttpReque
.map((response: Response) => {
if (response.status === 204) {
return undefined;
} else {
return response.text() || "";
}
});
}
4 . 15
56. SEVERAL TO CHOOSE FROMSEVERAL TO CHOOSE FROM
By hand
Apache HTTP Client
JAX‐RS Client API
Ne lix Feign
5 . 4
57. WHAT IS FEIGN?WHAT IS FEIGN?
Feign is a Java to HTTP client
Inspired by Retrofit, JAXRS‐2.0, and WebSocket
Reducing the complexity of HTTP APIs calls
Jersey or CXF
Clients for REST or SOAP services
5 . 5
59. BOOK APIBOOK API
@Path("books")
@Api(value = "books", description = "Operations for Books.")
public class BookResource {
@Inject
private NumbersApi numbersApi;
@Inject
private BookRepository bookRepository;
@GET
@Path("/{id : d+}")
public Response findById(@PathParam("id") final Long id) {
log.info("Getting the book " + id);
return ofNullable(bookRepository.findById(id))
map(Response::ok)
5 . 7
60. RUNNING ON TOMEERUNNING ON TOMEE
TomEE = Tomcat + Java EE
Comes from Apache
Open source
Supported by Tomitribe
Executable Fat‐Jar
5 . 8
61. NUMBER API SWAGGER CONTRACTNUMBER API SWAGGER CONTRACT
{
"swagger" : "2.0",
"info" : {
"description" : "Generates all sorts of numbers",
"version" : "02",
"title" : "Numbers API"
},
"host" : "localhost:8084",
"basePath" : "/number-api/api",
"tags" : [ {
"name" : "numbers",
"description" : "Generating all sorts of numbers."
} ],
"schemes" : [ "http", "https" ],
"paths" : {
"/numbers/book" : {
5 . 9
64. THE GENERATED JAVA FEIGN CLIENTTHE GENERATED JAVA FEIGN CLIENT
public class ApiClient {
private String basePath = "http://localhost:8084/number-api/ap
public NumbersApi buildNumberApiClient() {
return Feign.builder()
.logger(new Slf4jLogger(NumbersApi.class))
.logLevel(Logger.Level.FULL)
.target(NumbersApi.class, basePath);
}
}
5 . 12
65. PRODUCING THE FEIGN CLIENTPRODUCING THE FEIGN CLIENT
@ApplicationScoped
public class NumbersApiProducer {
@Produces
@RequestScoped
public NumbersApi createNumbersApi() {
return new ApiClient().buildNumberApiClient();
}
}
5 . 13
66. INVOKING THE NUMBER API WITH FEIGNINVOKING THE NUMBER API WITH FEIGN
CLIENTCLIENT
@Path("books")
@Api(value = "books", description = "Operations for Books.")
public class BookResource {
@Inject
private NumbersApi numbersApi;
public Response create(@ApiParam(value = "Book to be created"
String isbn = numbersApi.generateBookNumber();
book.setIsbn(isbn);
5 . 14
88. SEVERAL TO CHOOSE FROMSEVERAL TO CHOOSE FROM
Environment variable
Property files
XML, JSon, Yaml
Database
JNDI in Java EE
Spring Config
MicroProfile Configura on
7 . 4
90. BOOK API INVOKING NUMBER APIBOOK API INVOKING NUMBER API
public class ApiClient {
public interface Api {
}
private String baseHost = "http://localhost:8084";
private String basePath = "/number-api/api";
public NumbersApi buildNumberApiClient() {
final Config config = ConfigProvider.getConfig();
config.getOptionalValue("NUMBER_API_HOST", String.class)
.ifPresent(host -> baseHost = host);
return Feign.builder()
.logger(new Slf4jLogger(NumbersApi.class))
.logLevel(Logger.Level.FULL)
target(NumbersApi class baseHost + basePath);
7 . 6
98. SERVICE REGISTRATION AND DISCOVERYSERVICE REGISTRATION AND DISCOVERY
Think of it as DNS resolu on
A service registers with a name
Another service looks for it by name
Several instances of the same service
8 . 3
99. SEVERAL TO CHOOSE FROMSEVERAL TO CHOOSE FROM
JNDI
Apache Zookeeper
Ne lix Eureka
HashiCorp Consul
8 . 4
100. WHAT IS CONSUL?WHAT IS CONSUL?
Solu on to connect and configure applica ons
Distributed, highly available, and data center aware
Dynamic Service Discovery
Run me Configura on
8 . 5
101. REGISTER WITH CONSULREGISTER WITH CONSUL
Consul consul = Consul.builder().withUrl(consulHost + ":" + consu
agentClient = consul.agentClient();
final ImmutableRegistration registration = ImmutableRegistration.b
.id("number-api")
.name(NUMBER_API_NAME)
.address(numberApiHost)
.port(numberApiPort)
.check(http(numberApiHost + ":" + numberApiPort + "/numb
.build();
agentClient.register(registration);
8 . 6
103. DISCOVER WITH CONSULDISCOVER WITH CONSUL
final Consul consul = Consul.builder().withUrl(consulHost + ":" +
final HealthClient healthClient = consul.healthClient();
final List<ServiceHealth> nodes = healthClient.getHealthyServiceI
final Service service = nodes.iterator().next().getService();
final String baseHost = service.getAddress() + ":" + service.getP
return Feign.builder()
.logger(new Slf4jLogger(NumbersApi.class))
.logLevel(Logger.Level.FULL)
.target(NumbersApi.class, baseHost + basePath);
8 . 8
114. CIRCUIT BREAKERCIRCUIT BREAKER
Services some mes collaborate when handling
requests
When invoked synchronously, there is always the
possibility of being unavailable
(or high latency)
The failure of one service can poten ally cascade to
others
Client should invoke a remote service via a proxy
If consecu ve failures, the circuit breaks
10 . 3
115. SEVERAL TO CHOOSE FROMSEVERAL TO CHOOSE FROM
Build your own (CDI)
JRugged
MicroProfile Fault‐Tolerance
Ne lix Hystrix
10 . 4
118. NUMBER API FAILINGNUMBER API FAILING
@GET
@Path("book")
@ApiOperation(value = "Generates a book number.", response = Stri
public Response generateBookNumber() throws InterruptedException
final Config config = ConfigProvider.getConfig();
config.getOptionalValue("NUMBER_API_FAKE_TIMEOUT", Integer.cl
log.info("Waiting for " + numberApiFakeTimeout + " seconds");
TimeUnit.SECONDS.sleep(numberApiFakeTimeout);
return Response.ok("BK-" + Math.random()).build();
}
10 . 6
119. BOOK API FALLING BACKBOOK API FALLING BACK
public NumbersApi buildNumberApiClient() {
// Get host from Consul
// This instance will be invoked if there are errors of any k
NumbersApi fallback = () -> {
return "FALLBACK ISBN";
};
return HystrixFeign.builder()
.logger(new Slf4jLogger(NumbersApi.class))
.logLevel(Logger.Level.FULL)
.target(NumbersApi.class, baseHost + basePath, fallba
}
10 . 7
125. CLIENT-SIDE LOAD BALANCINGCLIENT-SIDE LOAD BALANCING
Several instances of same service registered
The client gets all the registered instances
Then choose from among these instances
Following certain criterias
Capacity, round‐robin, cloud‐provider availability‐
zone awareness, mul ‐tenancy
11 . 3
126. SEVERAL TO CHOOSE FROMSEVERAL TO CHOOSE FROM
Amazon Elas c Load Balancing (ELB)
Apache H pd
Nginx
Ne lix Ribbon
11 . 4
127. WHAT IS RIBBON?WHAT IS RIBBON?
Ne lix implementa on of Client‐Side Load
Balancing
Fault tolerant
Mul ple protocols (HTTP, TCP, UDP) support
Synchronous, asynchronous and reac ve model
Caching and batching
Integrates with Feign using Feing Ribbon
11 . 5
128. REGISTER SEVERAL NUMBER APIS INREGISTER SEVERAL NUMBER APIS IN
CONSULCONSUL
final ImmutableRegistration registration =
ImmutableRegistration.builder()
.id(UUID.randomUUID().toString())
.name(NUMBER_API_NAME)
.address(numberApiHost)
.port(numberApiPort)
.check(http(numberApiHost + ":" + numberA
.build();
agentClient.register(registration);
11 . 6
129. BOOK API REGISTERS THE RIBBON LOAD-BOOK API REGISTERS THE RIBBON LOAD-
BALANCERBALANCER
private void registerLoadBalancer(final Consul consul) {
try {
final DefaultClientConfigImpl clientConfig = getClientCon
clientConfig.set(NFLoadBalancerClassName, "com.netflix.lo
clientConfig.set(NFLoadBalancerRuleClassName, "com.netflix
clientConfig.set(ServerListRefreshInterval, 10000);
final DynamicServerListLoadBalancer dynamicServerListLoad
(DynamicServerListLoadBalancer) registerNamedLoad
dynamicServerListLoadBalancer.setServerListImpl(new Numbe
dynamicServerListLoadBalancer.enableAndInitLearnNewServer
} catch (final ClientException e) {
e.printStackTrace();
}
}
11 . 7
130. BOOK API GETS THE REGISTEREDBOOK API GETS THE REGISTERED
INSTANCESINSTANCES
final HealthClient healthClient = consul.healthClient();
final List<ServiceHealth> nodes =
healthClient.getHealthyServiceInstances("CONSUL_NUMBER_API").
final List<Server> servers = nodes.stream()
.map(serviceHealth -> new Serve
URI.create(serviceHealth.ge
serviceHealth.getService().
.collect(toList());
11 . 8
131. BOOK API LOAD-BALANCES WITH FEIGNBOOK API LOAD-BALANCES WITH FEIGN
return HystrixFeign.builder()
.logger(new Logger.JavaLogger())
.logLevel(Logger.Level.FULL)
.target(LoadBalancingTarget.create(NumbersApi.class, "http://
11 . 9
138. SEVERAL TO CHOOSE FROMSEVERAL TO CHOOSE FROM
Amazon API Gateway
Apigee Gateway
Tribestream Access Gateway
12 . 4
139. WHAT IS TRIBESTREAM ACCESS GATEWAY?WHAT IS TRIBESTREAM ACCESS GATEWAY?
API Security For Microservices
OAuth 2
JWT
H p Signatures
Route Microservices
Load Balancer
12 . 5
140. JSON WEB TOKENJSON WEB TOKEN
Lightweight token
Contains « some » data (claims)
Base64
Can be Encrypted
Passed in the HTTP Header
Sent at each request
12 . 6
144. ASKING FOR A TOKENASKING FOR A TOKEN
@Injectable()
export class AuthService {
private _jwt: string;
login(login: string, password: string): Observable<any> {
var headers: Headers = new Headers();
headers.append('Content-Type', 'application/x-www-form-urlenc
var body = `username=${login}&password=${password}`;
return this.http
.post(this.basePath, body, requestOptions)
.map((response: Response) => {
if (response.status !== 200) {
return undefined;
12 . 10
145. PASSING THE TOKEN AROUNDPASSING THE TOKEN AROUND
public _deleteWithHttpInfo(id: number, extraHttpRequestParams?: a
const path = this.basePath + '/books/${id}'.replace('${' + 'id
let queryParameters = new URLSearchParams();
var jwt = this.authService.jwt;
if (jwt != null) {
this.defaultHeaders.set('Authorization', jwt);
}
let requestOptions: RequestOptionsArgs = new RequestOptions({
method: RequestMethod.Delete,
headers: headers,
search: queryParameters,
withCredentials:this.configuration.withCredentials
});
return this http request(path requestOptions);
12 . 11