If you've ever had to document an API, chances are you've used Swagger (OpenAPI) for it. But what IS that, exactly?
In this session we'll dive underneath the covers of OpenAPI. We'll cover documenting an ASP.NET Core API, but we won't stop there: we'll also learn how OpenAPI can help with API test generation and code generation
Serverless Security: Doing Security in 100 millisecondsJames Wickett
Talk on serverless security with a brief history of cloud, containers and now serverless. This talk also features serverless patterns, and security considerations needed in this new environment. This talk was given at AppSecUSA 2016.
Presentation from Cloud Expo Asia Hong Kong covering the rationale for "Compliance as Code" and how InSpec may be applied to servers, cloud platforms, and much more to keep track of your compliance everywhere.
A Hitchhikers Guide to Cloud Native API GatewaysQAware GmbH
O'Reilly Software Architecture Conference Europe, November 2019, Berlin: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
=== Please download slides if blurred! ===
Abstract: Good APIs are the centerpiece of any successful digital product. But for complex systems with many API consumers, the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle concerns like routing, versioning, rate limiting, access control, or diagnosability in a cloud native application architecture. Mario-Leander Reimer guides you to cloud native API gateways.
You’ll take a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, Tyc, KrakenD, etc., and find out which one of these is right for your next project. Leander explains the API gateway pattern with its possible usage scenarios and defines a criteria catalog with essential characteristics in order to compare the current ecosystem. And he puts some of them to the test and demonstrates their usage live and uncut.
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaNiklas Heidloff
Slides used in this webinar: https://www.meetup.com/jakartatechtalks_/events/262259197/
Webinar recording: https://youtu.be/kp6tm8gdjTc?t=77
Cloud Native Starter for Java EE based Microservices on Kubernetes and Istio
Code: https://github.com/ibm/cloud-native-starter
Documentation: https://github.com/ibm/cloud-native-starter#documentation
apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...apidays
apidays LIVE Hong Kong 2021 - API Ecosystem & Data Interchange
August 25 & 26, 2021
Multi-Protocol APIs at Scale in Adidas
Jesus de Diego, API Evangelist at Adidas
Serverless Security: Doing Security in 100 millisecondsJames Wickett
Talk on serverless security with a brief history of cloud, containers and now serverless. This talk also features serverless patterns, and security considerations needed in this new environment. This talk was given at AppSecUSA 2016.
Presentation from Cloud Expo Asia Hong Kong covering the rationale for "Compliance as Code" and how InSpec may be applied to servers, cloud platforms, and much more to keep track of your compliance everywhere.
A Hitchhikers Guide to Cloud Native API GatewaysQAware GmbH
O'Reilly Software Architecture Conference Europe, November 2019, Berlin: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
=== Please download slides if blurred! ===
Abstract: Good APIs are the centerpiece of any successful digital product. But for complex systems with many API consumers, the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle concerns like routing, versioning, rate limiting, access control, or diagnosability in a cloud native application architecture. Mario-Leander Reimer guides you to cloud native API gateways.
You’ll take a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, Tyc, KrakenD, etc., and find out which one of these is right for your next project. Leander explains the API gateway pattern with its possible usage scenarios and defines a criteria catalog with essential characteristics in order to compare the current ecosystem. And he puts some of them to the test and demonstrates their usage live and uncut.
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaNiklas Heidloff
Slides used in this webinar: https://www.meetup.com/jakartatechtalks_/events/262259197/
Webinar recording: https://youtu.be/kp6tm8gdjTc?t=77
Cloud Native Starter for Java EE based Microservices on Kubernetes and Istio
Code: https://github.com/ibm/cloud-native-starter
Documentation: https://github.com/ibm/cloud-native-starter#documentation
apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...apidays
apidays LIVE Hong Kong 2021 - API Ecosystem & Data Interchange
August 25 & 26, 2021
Multi-Protocol APIs at Scale in Adidas
Jesus de Diego, API Evangelist at Adidas
apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Getting started with Event-Driven APis
Hugo Guerrero, APIs & Messaging Developer Advocate at Red Hat
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Looking at the full API Product Lifecycle, from defining an API and implementing the API, to launching with a solid developer site and experience, let’s see the newest tools - and potentially upcoming opportunities - to automate the creation of a solid developer experience.
Creating a successful API requires a proper process from concept and design, through development, and into ongoing maintenance and responsive developer support. As developer expectations for better-quality APIs increase, tools have made it easier to implement this well. Thanks to standards like OpenAPIs, it’s easier to create a quality API, developer site, and overall experience. Many of us create API documentation or code libraries automatically from an OpenAPI spec, but there’s a lot more coming along to make our lives easier, and to make our APIs look better. In reviewing the full API Product Lifecycle to design an API people will use, let’s see the newest tools - and potentially upcoming opportunities - to better automate the creation of a compelling developer program.
The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...Codemotion
Rapid advent of Android platforms has dawned an era of sophisticated malware that attacks these systems. To better understand this slew of threats, in this talk, I will first introduce CopperDroid, an automatic VMI-based dynamic analysis system to reconstruct the behaviors of Android malware. I will then discuss the efficacy of such behavioral profiles to differentiate between families of malware. Finally, in a departure from traditional classification techniques, I further show how a statistical machine learning evaluation facilitates near-perfect accuracy by considering prediction sets.
How to develop your first cloud-native Applications with Java - 30 MinutesNiklas Heidloff
Cloud Native Starter for Java EE based Microservices on Kubernetes and Istio
Code: https://github.com/nheidloff/cloud-native-starter
Documentation: https://github.com/nheidloff/cloud-native-starter#documentation
RESHMI KRISHNA SENIOR CLOUD APPLICATION & PLATFORM ARCHITECT, PIVOTAL
VINAY UPADHYA ADVISORY PLATFORM ARCHITECT, PIVOTAL
TDD introduced many improvements into the development process with the biggest advantage relating to code design. As we move to a microservices based architecture, TDD becomes hard to implement across teams building different codebases. Consumer driven contracts (CDC) is like TDD but applied at the API level and is becoming more relevant in the world of microservices. It is a pattern for specifying and verifying interactions between different modules of an application. Spring Cloud Contract provides support for Consumer Driven Contracts and service schemas in Spring applications, covering a range of options for writing tests, publishing them as assets, asserting that a contract is kept by producers and consumers, for HTTP and message-based interactions. In this session, you will learn how we can implement TDD in microservices based architecture using Spring Cloud Contracts.
Security in the Delivery Pipeline - GOTO Amsterdam 2017James Wickett
Security testing is often relegated to the end of software delivery to the detriment of quality and safety. Often security gets aligned with compliance timelines or other long-cycle process inside an organization. This session is complete reversal of the status quo and we will cover modern approaches to security in your CI/CD pipelines.
You will gain experience with some of the testing tools and processes needed to make this happen. We will also cover some advice for dealing with compliance and security engineers as you make a transition to TDD-style approach to security.
As software teams transition to cloud-based architectures and adopt more agile processes, the tools they need to support their development cycles will change. In this session, we'll take you through the transition that Amazon made to a service-oriented architecture over a decade ago. We will share the lessons we learned, the processes we adopted, and the tools we built to increase both our agility and reliability. We will also introduce you to AWS CodeCommit, AWS CodePipeline, and AWS CodeDeploy, three new services born out of Amazon's internal DevOps experience.
Automated Infrastructure Security: Monitoring using FOSSSonatype
Madhu Akula, Automation Ninja
We can see attacks happening in real time using a dashboard. By collecting logs from various sources we will monitor & analyse. Using data gleaned from the logs, we can apply defensive rules against the attackers. We will use AWS for managing and securing the infrastructure discussed in our talk.
For most network engineers who monitor the perimeter for malicious content, it is very important to respond to an imminent threat originating from outside the boundaries of their network. Having to crunch through all the logs that the various devices (firewalls, routers, security appliances etc.) spit out, correlating that data and in real time making the right choices can prove to be a nightmare. Even with the solutions already available in the market.
As I have experienced this myself, as part of the Internal DevOps and Incident Response Teams, in several cases, I would want to create a space for interested folks to design, build, customise and deploy their very own FOSS based centralised visual attack monitoring dashboard. This setup would be able to perform real time analysis using the trusted ELK stack and visually denote what popular attack hotspots exist on a network.
Enterprise DevOps Series: Using VS Code & ZoweDevOps.com
Imagine onboarding a next-generation developer with no mainframe experience who successfully debugs COBOL code on their first day. By equipping them with mainframe-specific extensions to common tools like Visual Studio Code combined with the Zowe framework, new talent can be productive immediately - all without disrupting colleagues using traditional tools.
Join this session to learn how mainframe application development is merging with enterprise IT toolchains and processes, including CI/CD pipelines. The presentation will include a demonstration of a mainframe developer cockpit designed for productivity and ready for shift-left automation. Make “Day 1 Debug” a reality.
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...Wouter Bloeyaert
Do you know that 90% of all vulnerabilities can be prevented by introducing security in every step of your software development lifecycle (SDLC)? Get ready to join Wouter on his journey on how he introduced security into the SDLC at a company.
During his talk, Wouter will introduce you to how development, operations and security can be fitted together into “SecDevOps”.
The talk uses practical examples so that you will be able to experiment with “SecDevOps” yourself and know what you should pay attention to when implementing this into your own SDLC.
Pragmatic Security Automation for CloudPriyanka Aash
Everything in cloud computing is automated and API-enabled, giving security teams a big opportunity to build and embed security into infrastructures. From continuous guardrails to automated "afterburners" to speed up complex processes, this advanced session leverages the latest software-defined security techniques and shows how to integrate automation. Be prepared for demos, design patterns and a little code.
(Source: RSA Conference USA 2018)
With Apache Kafka’s rise for event-driven architectures, developers require a specification to design effective event-driven APIs. AsyncAPI has been developed based on OpenAPI to define the endpoints and schemas of brokers and topics. For Kafka applications, the broker’s design to handle high throughput serialized payloads brings challenges for consumers and producers managing the structure of the message. For this reason, a registry becomes critical to achieve schema governance. Apicurio Registry is an end-to-end solution to store API definitions and schemas for Kafka applications. The project includes serializers, deserializers, and additional tooling. The registry supports several types of artifacts including OpenAPI, AsyncAPI, GraphQL, Apache Avro, Google protocol buffers, JSON Schema, Kafka Connect schema, WSDL, and XML Schema (XSD). It also checks them for validity and compatibility.
In this session, we will be covering the following topics:
● The importance of having a contract-first approach to event-driven APIs
● What is AsyncAPI, and how it helps to define Kafka endpoints and schemas
● The Kafka challenges on message structure when serializing and deserializing
● Introduction to Apicurio Registry and schema management for Kafka
● Examples of how to use Apicurio Registry with popular Java frameworks like Spring and Quarkus
Micro-serviços em Python usando Pyramid, Cornice e muito amorÉrico Andrei
Relato da experiência com Pyramid, Python e micro-serviços na Briefy.
Esta palestra foi apresentada em 11/11/2017 no encontro do GruPy-SP.
Baseada na apresentação "From Legacy To a Microservices Architecture" ministrada por Rudá Porto na Plone Conference 2017
apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Getting started with Event-Driven APis
Hugo Guerrero, APIs & Messaging Developer Advocate at Red Hat
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Looking at the full API Product Lifecycle, from defining an API and implementing the API, to launching with a solid developer site and experience, let’s see the newest tools - and potentially upcoming opportunities - to automate the creation of a solid developer experience.
Creating a successful API requires a proper process from concept and design, through development, and into ongoing maintenance and responsive developer support. As developer expectations for better-quality APIs increase, tools have made it easier to implement this well. Thanks to standards like OpenAPIs, it’s easier to create a quality API, developer site, and overall experience. Many of us create API documentation or code libraries automatically from an OpenAPI spec, but there’s a lot more coming along to make our lives easier, and to make our APIs look better. In reviewing the full API Product Lifecycle to design an API people will use, let’s see the newest tools - and potentially upcoming opportunities - to better automate the creation of a compelling developer program.
The Secret Recipe for Automating Android Malware Analysis - Lorenzo Cavallaro...Codemotion
Rapid advent of Android platforms has dawned an era of sophisticated malware that attacks these systems. To better understand this slew of threats, in this talk, I will first introduce CopperDroid, an automatic VMI-based dynamic analysis system to reconstruct the behaviors of Android malware. I will then discuss the efficacy of such behavioral profiles to differentiate between families of malware. Finally, in a departure from traditional classification techniques, I further show how a statistical machine learning evaluation facilitates near-perfect accuracy by considering prediction sets.
How to develop your first cloud-native Applications with Java - 30 MinutesNiklas Heidloff
Cloud Native Starter for Java EE based Microservices on Kubernetes and Istio
Code: https://github.com/nheidloff/cloud-native-starter
Documentation: https://github.com/nheidloff/cloud-native-starter#documentation
RESHMI KRISHNA SENIOR CLOUD APPLICATION & PLATFORM ARCHITECT, PIVOTAL
VINAY UPADHYA ADVISORY PLATFORM ARCHITECT, PIVOTAL
TDD introduced many improvements into the development process with the biggest advantage relating to code design. As we move to a microservices based architecture, TDD becomes hard to implement across teams building different codebases. Consumer driven contracts (CDC) is like TDD but applied at the API level and is becoming more relevant in the world of microservices. It is a pattern for specifying and verifying interactions between different modules of an application. Spring Cloud Contract provides support for Consumer Driven Contracts and service schemas in Spring applications, covering a range of options for writing tests, publishing them as assets, asserting that a contract is kept by producers and consumers, for HTTP and message-based interactions. In this session, you will learn how we can implement TDD in microservices based architecture using Spring Cloud Contracts.
Security in the Delivery Pipeline - GOTO Amsterdam 2017James Wickett
Security testing is often relegated to the end of software delivery to the detriment of quality and safety. Often security gets aligned with compliance timelines or other long-cycle process inside an organization. This session is complete reversal of the status quo and we will cover modern approaches to security in your CI/CD pipelines.
You will gain experience with some of the testing tools and processes needed to make this happen. We will also cover some advice for dealing with compliance and security engineers as you make a transition to TDD-style approach to security.
As software teams transition to cloud-based architectures and adopt more agile processes, the tools they need to support their development cycles will change. In this session, we'll take you through the transition that Amazon made to a service-oriented architecture over a decade ago. We will share the lessons we learned, the processes we adopted, and the tools we built to increase both our agility and reliability. We will also introduce you to AWS CodeCommit, AWS CodePipeline, and AWS CodeDeploy, three new services born out of Amazon's internal DevOps experience.
Automated Infrastructure Security: Monitoring using FOSSSonatype
Madhu Akula, Automation Ninja
We can see attacks happening in real time using a dashboard. By collecting logs from various sources we will monitor & analyse. Using data gleaned from the logs, we can apply defensive rules against the attackers. We will use AWS for managing and securing the infrastructure discussed in our talk.
For most network engineers who monitor the perimeter for malicious content, it is very important to respond to an imminent threat originating from outside the boundaries of their network. Having to crunch through all the logs that the various devices (firewalls, routers, security appliances etc.) spit out, correlating that data and in real time making the right choices can prove to be a nightmare. Even with the solutions already available in the market.
As I have experienced this myself, as part of the Internal DevOps and Incident Response Teams, in several cases, I would want to create a space for interested folks to design, build, customise and deploy their very own FOSS based centralised visual attack monitoring dashboard. This setup would be able to perform real time analysis using the trusted ELK stack and visually denote what popular attack hotspots exist on a network.
Enterprise DevOps Series: Using VS Code & ZoweDevOps.com
Imagine onboarding a next-generation developer with no mainframe experience who successfully debugs COBOL code on their first day. By equipping them with mainframe-specific extensions to common tools like Visual Studio Code combined with the Zowe framework, new talent can be productive immediately - all without disrupting colleagues using traditional tools.
Join this session to learn how mainframe application development is merging with enterprise IT toolchains and processes, including CI/CD pipelines. The presentation will include a demonstration of a mainframe developer cockpit designed for productivity and ready for shift-left automation. Make “Day 1 Debug” a reality.
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...Wouter Bloeyaert
Do you know that 90% of all vulnerabilities can be prevented by introducing security in every step of your software development lifecycle (SDLC)? Get ready to join Wouter on his journey on how he introduced security into the SDLC at a company.
During his talk, Wouter will introduce you to how development, operations and security can be fitted together into “SecDevOps”.
The talk uses practical examples so that you will be able to experiment with “SecDevOps” yourself and know what you should pay attention to when implementing this into your own SDLC.
Pragmatic Security Automation for CloudPriyanka Aash
Everything in cloud computing is automated and API-enabled, giving security teams a big opportunity to build and embed security into infrastructures. From continuous guardrails to automated "afterburners" to speed up complex processes, this advanced session leverages the latest software-defined security techniques and shows how to integrate automation. Be prepared for demos, design patterns and a little code.
(Source: RSA Conference USA 2018)
With Apache Kafka’s rise for event-driven architectures, developers require a specification to design effective event-driven APIs. AsyncAPI has been developed based on OpenAPI to define the endpoints and schemas of brokers and topics. For Kafka applications, the broker’s design to handle high throughput serialized payloads brings challenges for consumers and producers managing the structure of the message. For this reason, a registry becomes critical to achieve schema governance. Apicurio Registry is an end-to-end solution to store API definitions and schemas for Kafka applications. The project includes serializers, deserializers, and additional tooling. The registry supports several types of artifacts including OpenAPI, AsyncAPI, GraphQL, Apache Avro, Google protocol buffers, JSON Schema, Kafka Connect schema, WSDL, and XML Schema (XSD). It also checks them for validity and compatibility.
In this session, we will be covering the following topics:
● The importance of having a contract-first approach to event-driven APIs
● What is AsyncAPI, and how it helps to define Kafka endpoints and schemas
● The Kafka challenges on message structure when serializing and deserializing
● Introduction to Apicurio Registry and schema management for Kafka
● Examples of how to use Apicurio Registry with popular Java frameworks like Spring and Quarkus
Micro-serviços em Python usando Pyramid, Cornice e muito amorÉrico Andrei
Relato da experiência com Pyramid, Python e micro-serviços na Briefy.
Esta palestra foi apresentada em 11/11/2017 no encontro do GruPy-SP.
Baseada na apresentação "From Legacy To a Microservices Architecture" ministrada por Rudá Porto na Plone Conference 2017
Spec-first API Design for Speed and SafetyAtlassian
Spec-first API design dramatically tightens and improves the development feedback loop without wasting effort on artifacts that can't be used.
The Jira Software team has used this approach very successfully to build APIs that we expose to both internal and external consumers.
In this session, James Navin will walk you through the spec-first approach and demonstrate the benefits that it brings. He will also highlight some tools that can be used to implement a spec-first development approach.
apidays LIVE London 2021 - Getting started with Event-Driven APIs by Hugo Gue...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
The future API stack : GraphQL, gRPC and API specifications
Getting started with Event-Driven APIs
Hugo Guerrero, APIs & Messaging Developer Advocate at Red Hat
Content Strategy and Developer Engagement for DevPortalsAxway
Slides from Write the Docs Ottawa Meet Up at Shopify HQ in Canada, June 24, 2019
We’ll walk through 5 scenarios and concrete ways of reaching a developer community for frictionless and increased engagement.
Depending on your use cases you may need to access your databases which different patterns and technologies (CRUD+UI, batch, reactive, IoT, ...).
At DataStax, the developer advocates team implements reference applications for developers. We had the chance to implement multiple approaches and can provide feedback. KillrVideo.com is one of this application, it has been written in 3 languages (Java, C# and Node) and implement API with REST, Grpc and GraphQL.
Though live session, browsing real code, you will see implementation details, lessons learnt and get working source code in Github as takeaway.
apidays Paris 2022 - The 12 Facets of the OpenAPI Specification, Steve Sfartz...apidays
apidays Paris 2022 - APIs the next 10 years: Software, Society, Sovereignty, Sustainability
December 14, 15 & 16, 2022
The 12 Facets of the OpenAPI Specification
Steve Sfartz, Principal Architect at Cisco
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/
Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW
When to use Serverless? When to use Kubernetes?Niklas Heidloff
Slides of a session that I have given/will give at various developer conferences in H1 2018.
Niklas Heidloff
http://twitter.com/nheidloff
http://heidloff.net
Summary Article
http://heidloff.net/article/when-to-use-serverless-kubernetes
OpenWhisk
https://openwhisk.apache.org
https://github.com/ibm-functions/composer
https://github.com/nheidloff/openwhisk-debug-nodejs
Kubernetes
https://kubernetes.io
https://istio.io
IBM Cloud
http://ibm.biz/nheidloff
Abstract
There is a lot of debate whether to use Serverless or Kubernetes to build cloud-native apps. Both have their advantages and unique capabilities which developers should take into consideration when planning new projects. We will throw some light on the topics ease of use, maturity, types of scenarios, developer productivity and debugging, supported languages, DevOps and monitoring, performance, community and pricing. Cloud-native architectures shift the complexity from within an application to orchestrations of Microservices. Both Kubernetes and Serverless have their strengths which we will discuss. Besides the core development topics, developers should also understand operational aspects how complicated it is to maintain your own systems versus using managed platforms.
apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...apidays
apidays LIVE Hong Kong 2021 - API Ecosystem & Data Interchange
August 25 & 26, 2021
Event-driven APIs & Schema governance for Apache Kafka
Hugo Guerrero, APIs & Messaging Developer Advocate at Red Hat
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
[apidays LIVE HONK KONG] - OAS to Managed API in SecondsWSO2
A robust and effective API-driven business requires a smoothly running CI/CD pipeline for business APIs. WSO2 API Manager delivers the tools you need to make this a reality and bring your APIs into production as quickly as feasible. In this workshop, These slides will go over how to set up a Git-based CI/CD pipeline for deploying your OAS as a Managed API in production with ease.
by Nick Brandaleone, Solutions Architect AWS
Join us to learn about continuous integration, continuous delivery, and DevOps. The AWS Developer Tools have been designed based on the tools used by Amazon engineers to rapidly and reliably deliver products and features to customers. We’ll provide overviews of the services and best practices followed by a hands-on workshop to help you learn how to automate your software release processes, deploy application code, and monitor your application and infrastructure performance.
.NET Fest 2019. Kevin Dockx. OpenID Connect In DepthNETFest
You've used OpenID Connect. You know a thing or two about OAuth. But have you ever wondered how to achieve Single Sign-On between Angular & ASP.NET Core MVC apps, and automated Single Sign-Out? How, and why, to work with reference tokens? How to create a custom grant, and for what use case that might be a good idea?
In this in-depth session we'll cover all of these topics, extensively using IdentityServer4 in the process. Note that some previous knowledge on securing ASP.NET Core applications with OpenID Connect is a must.
Basic deck for API Best practices intro. What I use when introducing API strategies into engineering and PM organizations. I usually start with this and add content to suit each consulting engagement.
Dennis Brennan, Director at Capital One Labs, gave an update on the history and the trajectory of the Open API Initiative and the OpenAPI Specification. March 29, 2016
Containers are rapidly being adopted by many organizations. Developers gain huge advantages from fast prototyping, quick development cycles, and a purpose-built environment for their applications. But when these new apps go into production, those responsible for operations and security may find them difficult to manage.
In this webinar we will discuss some of the pitfalls that we have seen when moving container-based apps through the continuous integration pipeline from development to production, and introduce Anchore, a set of open-source tools designed to provide visibility and transparency into your container environment.
.NET Fest 2019. Николай Балакин. Микрооптимизации в мире .NETNETFest
Что делать, если все, что можно уже закэшировано, а код всё ещё тормозит? В этом докладе мы обсудим, как работают некоторые низкоуровневые механизмы .NET и как мы с их помощью можем выиграть драгоценные секунды, когда счет идет на отдельные такты процессора.
.NET Fest 2019. Сергей Калинец. Efficient Microservice Communication with .NE...NETFest
The move to microservice infrastructure exposes new challenges, that are not typical for classic monolithic applications. Deployment, security, monitoring -- this list is far from complete.
In this talk Serhiy will speak about how to establish a fast and reliable communication channels between microservices. What patterns, protocols and data formats are available. How to enforce a backwards compatibility and strict contract between services and their clients. When we should use sync or async communication style, and so on.
Come to this session and hopefully you will come out with new ideas of how to build your stuff even better.
В сентябре 2019 года выходит новая версия .NET Core 3. Я расскажу о преимуществах .NET Core перед .NET Framework, о том, что нового становится доступным в последней версии .NET Core и о планах Майкрософт по поводу будущего всех .NET фреймворков.
.NET Fest 2019. Оля Гавриш. Машинное обучение для .NET программистовNETFest
А Вы знали, что практически для каждого проекта можно применить машинное обучение? И теперь для этого не нужно изучать новый язык программирования (как Python или R) и осваивать численные методы. В этом докладе я расскажу об основах машинного обучения и о том, как легко начать использовать его в своих .NET проектах с помощью ML.NET и других решений от Microsoft.
In these days, automation is the key to reduce the effort in governing complex system. Also, it reduces mistakes of manual, repetetive, operations. Despite the standardization of common approaches using text-based Infrastructure-as-code definitions, as YAML or JSON, I will suggest to write your provisioning templates using C# and .NET, against Microsoft Azure.
In this demo-only session, we'll see the Azure Fluent Management Libraries in action to create a multi-tenant environment with strong-typed objects and compile-type-safe provisioning code.
.NET Fest 2019. Halil Ibrahim Kalkan. Implementing Domain Driven DesignNETFest
“Domain Driven Design is an approach to software development for complex needs by connecting the implementation to an evolving model.”
While there are many resources on the web about the DDD, they are generally theoretical rather than useful practical guides. One reason is that a DDD implementation quite varies depending on your domain and culture. However, it is still possible to provide some explicit rules those can help you while designing your code base.
This talk starts by introducing the DDD and providing a layering model based on the DDD and the Clean Architecture. It then introduces the core building of an application built on the DDD principles.
In the second part of the talk, it shows some strict coding rules for the core building blocks with real code examples and suggestions. These rules are essential to build a large scale application implements DDD patterns & practices.
While the solution structure and code samples are based on .NET and C#, the talk is useful for developers and architects working with any server side technology.
.NET Fest 2019. Сергій Бута. Feature Toggles: Dynamic Configuration at WirexNETFest
Я розповім про еволюцію фіча тоглів у компанії та наш досвід їх використання. Пройдемось покроково в їх розвитку:
Від файлу конфігурації зі звичайним kill-switch для ввімкнення меінтенансу, який вмикав/вимикав доступ до сервісів одразу всім користувачам. До гнучкої системи з набору правил з пріоритетами з гранулярністю від країни, штату до окремого користувача.
Від редагування через базу даних до панелі адміністратора та автоматизованих змін залежно від подій в системі.
А також розповім про actions - комбінацію фіча тоглів та правил бізнес-логіки для динамічного інтерфейсу клієнтів на основі доступних дій користувачу.
.NET Fest 2019. Michael Staib. Hot Chocolate: GraphQL Schema Stitching with A...NETFest
GraphQL is a great way to expose your APIs and it has changed the way we think about consuming data over HTTP. With GraphQL we want to have one schema that provides all the data to us in a consistent way, enabling us to drill into the graph and fetch with one request what we actually want instead of having to issue multiple requests.
In the real world, however, we more often build small services that serve certain use cases. Simpler services are easier to maintain and can be deployed more rapidly. Moreover, we often also want to use external services that are not built by us. Ultimately, we will end up with multiple APIs again.
The solution for this dilemma is schema stitching. This talk will explore the schema stitching capabilities on ASP.Net Core with Hot Chocolate. We will show how you can set up a Hot Chocolate GraphQL gateway in under 5 minutes and move on to the various stitching scenarios.
This talk introduces simple auto-stitching scenarios and goes on to demonstrate how you can rewrite your GraphQL APIs into something truly new.
.NET Fest 2019. Андрей Литвинов. Async lifetime tests with xUnit and AutoFixtureNETFest
В этом выступлении Андрей расскажет о внутренностях базового сервиса, написанного с использованием паттерна CQS, который обрабатывает входящие запросы команд и публикует события, описывающие переходы состояния системы. После этого он опишет общие способы тестирования такого сервиса и объяснит плюсы и минусы существующих подходов. Затем он расскажет про AutoFixture и покажет, как она может сделать тесты намного чище, а конфигурацию - более удобной, путем инъекции параметров в метод теста, объяснит существующие проблемы с инициализацией и очистке данных в асинхронных тестах и покажет, как с этим справляться с помощью некоторой легковесной интеграции между xUnit и AutoFixture.
.NET Fest 2019. Анатолий Колесник. Love, Death & F# TestsNETFest
.NET developers who want to learn some more programming techniques usually come to F# world. But then find it hard to use it in day-to-day work. I will show how you can utilize F# language without risks of putting something new and not-so-reliable directly to production.
.NET Fest 2019. Алексей Голуб. Монадные парсер-комбинаторы в C# (простой спос...NETFest
Все когда-либо писали парсеры, но многие так и не знают как спарсить HTML без регулярных выражений. Очень длительное время концепция парсинга языков с рекурсивной грамматикой для меня была черной магией, а люди которые занимаются разработкой компиляторов и предметно-ориентированных языков вовсе казались волшебниками. Но это оказалось не так и сложно. В моем докладе я хочу вам рассказать о том что такое парсеры в целом, зачем они нужны и какие они бывают, а самое главное -- покажу как перейти от традиционных методик их написания к более удобному и понятному функциональному способу. В ходе презентации мы также напишем рабочий JSON парсер в качестве proof of concept.
.NET Fest 2019. Roberto Freato. Azure App Service deep diveNETFest
Believing it is the most powerful PaaS service of the entire public cloud, I will share with you all the most interesting features of App Service and the good tips from the field, to see how to properly use it in production and focus on applications, instead of governance.
I will dig into the architecture, the deployment options, the runtimes, the secrets management, logging and troubleshooting and into some advanced high-scale scenarios. If you never used this, you will say ""ok, how did I survive without it?"".
.NET Fest 2019. Леонид Молотиевский. DotNet Core in productionNETFest
Во время доклада, я поделюсь с Вами опытом, который мы получили, используя микросервисы в прод K8S кластере. Также, обозначу основные проблемы, с которыми столкнулась наша команда на этапе их диагностики. И, самое главное - что мы сделали чтобы избежать их в будущем. Отвечу на вопросы: Почему мы мигрировали в облако? Почему dotNet Core 2.2 вызвал кучу проблем? Данный доклад сохранит сотни часов вашим разработчикам и DevOps команде, жизнь которой может напоминать кошмар.
.NET Fest 2019. Александр Демчук. How to measure relationships within the Com...NETFest
The majority of companies are struggling with an issue of growth where they started from handful group of people and reached 1000+ employees. In case of small groups the relationships remind family’s connections so everyone knows each other personally and the atmosphere is warm and charm whereas starting from 500+ to 1k keep it as family is tough and most of the companies come up with processes on one hand and culture on other. There ain’t no silver bullet how to manage it and in the end of the day they are balancing working a lot about good atmosphere in company and setting up relationships between teams. The issue isn’t new however tools and approaches evolved a lot this is where .NET Core and ML.Net comes in handy. These days AI/ML take over the world and bots as one of implementations are already a part of our life therefore our entuthiastic team created a bot using latest .NET Bot Framework v4 who helps managers to “measure” atmosphere in teams and crucial to socialize teams leveraging the power of ML.NET.
.NET Fest 2019. Anna Melashkina та Philipp Bauknecht. Dragons in a Mixed Real...NETFest
In this session we'll demonstrate how to bring dragons or any other 3D model to life using Microsoft's Azure Spatial Anchors, HoloLens and mobile phones. You will learn what is augmented reality, we will introduce you Hololens, we will teach you what is Azure Spatial Anchor, how they work and how you can use them in your apps. This cross-device experience might be usable for all kind of applications.
.NET Fest 2019. Alex Thissen. Architecting .NET solutions in a Docker ecosystemNETFest
You must have noticed how Docker and containers is playing a more and more important part in .NET development. Docker support is everywhere, so it should be easy to build solutions based on container technology, right? But, it takes a bit more to architect and create a .NET solution that use Docker at its core. Many questions arise: How do you design a solution architecture that fits well with containers? Would I use .NET or .NET Core? What is a proper way to migrate to such an architecture? What changes in the .NET implementation from pre-Docker solutions with micro-services? Where do container orchestrators fit in and how do I build and deploy my solutions on a Docker container cluster, such as Azure Kubernetes Service?
These and many other questions will be answered in this session. You will learn how to design and architect your .NET solutions and get a flying start to create, build and run Docker-based containerized applications.
.NET Fest 2019. Stas Lebedenko. Practical serverless use cases in Azure with ...NETFest
Serverless technology is trending, but in-depth details are missing. How does it fit with non-serverless components? What are the practical use cases? Should you fight vendor lock-in? And what about limits and pitfalls with Azure? I will answer those questions, share a few tricks and short demo.
I'll cover serverless usage scenarios with Azure, what problems can be solved, and what is a viable adoption strategy. Then I'm going to talk about technology shortcomings, when to omit it and how to rip all benefits. There are circumstances when a cloud-agnostic approach is beneficial, so I discuss serverless frameworks too and why vendor lock is not that bad. Finally, we'll look at a short demo that illustrates why you have to use specific serverless patterns.
.NET Fest 2019. Сергей Медведев. How serverless makes Integration TDD a reali...NETFest
Do you recall those buzz words like TDD, BDD? Yep, but we know their problems as well!
TDD is too granular. BDD is too coarse-grained.
Unit tests are too chatty. BDD is too abstract.
TDD requires knowledge of implementation details. BDD does not care about implementation at all.
What is in the middle? Integration tests. Let's be Integration driven then! OK, then how to build infrastructure to run Integration tests? Should we start with IaaS first? How to speed up the development and take into account non-foundational requirements like scaling, security borders, isolation, etc. from the very beginning? To answer the questions, we would combine Integration test-based development with serverless (AWS) to solve a typical business task. Based on the example, we would show how to create a solid foundation for further refactoring/refining of the overall solution and concreting it with Unit tests.
Acceptance tests would be left for home exercise ;)
.NET Fest 2019. Сергей Корж. Natural Language Processing in .NETNETFest
Задачи по обработке естественного языка сейчас встречаются практически в любом проекте. К сожалению, до недавнего времени, платформа .NET не сильно подходила для решения подобных задач. С выходом ML.NET ситуация стала меняться к лучшему, но все еще далека от идеала.
На этом докладе я расскажу про основные задачи, которые решаются методами Natural Language Processing и какие существуют способы решения этих задач на платформе .NET (сервисы, библиотеки, фреймворки).
.NET Fest 2019. Eran Stiller. Create Your Own Serverless PKI with .NET & Azur...NETFest
A Public Key Infrastructure (PKI) is the basis of modern system authentication; X.509 certificates are at the core of modern cryptography. Building your own PKI is not for the faint of heart, so we usually buy our certificates from an external Certificate Authority or operate a 3rd-party off-the-shelf PKI.
But what can you do if you need to issue your own certificates while keeping your costs low? What if, for example, you're in the business of manufacturing millions of IoT devices and you need to issue a certificate to each and every one of them? And to top it off - you want to do it in a Serverless manner?
Join me in this session, as we build a Serverless PKI system with Azure Functions & Key-Vault and learn all about Key-Vault's capabilities in regards to X.509 certificates along the way.
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
3. KEVINDOCKX
MARVIN
COMING UP
Why use OpenAPI to document your API?
Clearing up the terminology confusion
The importance of ApiExplorer
Producing correct response types
Analyzers to the rescue
Advanced content negotiation & schema variation
by media type
3
4. KEVINDOCKX
MARVIN
WHY USE SWAGGER / OPENAPI TO DOCUMENT
YOURAPI?
4
Public APIs need documentation, but so do in-company APIs
Documentation leads to knowledge leads to adoption
Clear documentation saves time and money
7. KEVINDOCKX
MARVIN
OPENAPI COMPONENTS AND TOOLS
7
Full specification
https://bit.ly/2yuDTKX
OpenAPI 3 is the current version
“Swagger” can be used, but “OpenAPI” is the preferred term
8. KEVINDOCKX
MARVIN
CLEARING UP THE TERMINOLOGY CONFUSION
8
OpenAPI specification and Swagger specification are the same
thing
Swagger is a set of open-source built around that OpenAPI
specification
9. KEVINDOCKX
MARVIN
Swagger Editor
helps with creating
the specification
Swagger UI renders
a documentation UI
from the
specification
Swagger Codegen
consists of a set of
tools that help with
generating client
classes, tests, …
from the
specification
SWAGGER IN DETAIL
10. KEVINDOCKX
MARVIN
CLEARING UP THE TERMINOLOGY CONFUSION
10
OpenAPI specification and Swagger specification are the same
thing
Swagger is a set of open-source built around that OpenAPI
specification
Swashbuckle.AspNetCore helps with working with OpenAPI in
ASP.NET Core
15. KEVINDOCKX
MARVIN
THE IMPORTANCE OFAPIEXPLORER
15
Swashbuckle uses the metadata ApiExplorer exposes to
generate an OpenAPI specification
ApiExplorer is enabled by default
It’s registered when calling services.AddMvc() (AddControllers in
Core 3)
16. KEVINDOCKX
MARVIN
PRODUCING CORRECT RESPONSE TYPES
16
An OpenAPI specification should include all possible
response types (404, 422, …) for a method/resource URI
Allows consumers to act accordingly
Our specification must match the reality of our API
20. KEVINDOCKX
MARVIN
Use API Analyzer, but don't
rely on it to give you full
coverage
You (should ) know better
how your API should
behave than a tool
20
28. KEVINDOCKX
MARVIN
SCHEMAVARIATION BY MEDIATYPE
Supported since OpenAPI 3
Swashbuckle doesn’t support this out of the box at the moment
"responses":{
"200":{
"description":"Returnstherequestedbook",
"content": { "application/vnd.marvin.book+json":{
"schema":{"$ref": "#/components/schemas/Book"
}},
"application/json":{
"schema":{"$ref": "#/components/schemas/Book"
}},
"application/vnd.marvin.bookwithconcatenatedauthorname+json":{
"schema":{"$ref": "#/components/schemas/BookWithConcatenatedAuthorName"
}}}}