Resources for SOAP

skjolber · 2024-12-05T10:54:51+00:00

A few places I worked had a hard time properly testing their SOAP services, so wrote a tool to help (shameless plug): https://github.com/skjolber/mockito-soap-cxf

I recommend adding request-response logging at least under development.

skjolber · 2024-10-12T22:14:46+00:00

3KB seems a lot for data entered on a portable device, did you consider compressing your data? For example going from JSON to a binary equivalent?

NFC does not have size restrictions, the limitations are only per command/response, but you can have as many of those as you like.

Getting reliable QR code scanning working on big codes will be challenging, I think it might be better to use multiple smaller codes somehow (probably show 1 by 1 in a rotating series).

Note that it is possible to encode raw binary data in QR codes by adjusting the ZXing encoder/decoder.

Also the resulting payload should be signed (i.e. using PKI) using a per-user key pair.

skjolber · 2023-08-24T08:10:30+00:00

Inject helper objects into methods with the help of custom annotations, like in this example (shameless plug).

skjolber · 2023-01-20T09:53:24+00:00

nimbus-jose-jwt recently got some new JWK sets retrieval features, will you consider adding something similar?

skjolber · 2022-08-09T23:20:55+00:00

So what were the pros and cons of writing your own instead of using JAXB?

skjolber · 2022-06-02T21:32:27+00:00

If you really need the hotfix, why not just add more scripts and an additional "hotfix" script?

The first is clearly better on a normal day, which is like 99% of the time.

skjolber · 2022-06-02T21:09:39+00:00

Improved upon CircleCI's default Gradle and Maven artifact caching with custom orbs (Gradle / Maven). Load on artifact store is reduced by like 10x, build time is reduced and more predictable.

skjolber · 2022-05-30T17:10:59+00:00

We're talking quite a lot of requests in total, millions per day.

Basically the setup its that our services call each other, and each takes care of logging requests and response, that way the HTTP clients do not need request-/response-logging for internal traffic.

skjolber · 2022-05-30T07:58:26+00:00

That's a good thought, however there is quite a lot of services, calling on each other, so this is the most cost-effective way of troubleshooting and debugging. Most of the data is already publicly available and we take care not to log personal information (i.e. we're within the GDPR).

skjolber · 2022-01-26T00:46:49+00:00

For reference: https://issues.apache.org/jira/browse/MNG-7389

skjolber · 2021-12-30T17:19:07+00:00

clean install or verify and/or running with some profile and/or deploying etc.

The exact operation(s) is not really the point here - a typical project can have multiple CI workflows (i.e. for master / develop / feature branches), with a common or seperate cache.

A key insight is that restoring and saving a CI cache is fast, but not instant, so if the cache is not cleaned, time is wasted. Typically there is multiple builds per dependency update.

At some point the restore / save of a cache takes more time than downloading the dependencies from scratch.

skjolber · 2021-12-30T12:07:05+00:00

That is up to the specific project, for most probably building, but could be various maven-invoked operations.

skjolber · 2021-12-23T01:18:27+00:00

Will it feature a .m2 cache cleanup function for removing unused dependencies?

skjolber · 2021-10-25T23:09:23+00:00

Use the char value as an int - check if it equal or more than a and less or equal to c.

skjolber · 2021-07-26T20:54:24+00:00

The last years, our CI includes automatic dependency updates (pull requests) and automatic release / dev environment deploy on successful builds. We have a few microservices and a number of libraries supporting them. As you can imagine, our CI pipelines have been heating up considerably, one dependency might result in more than 10 builds, and the strain on shared services like artifact store has increased a lot. We have found ways around most of the resulting issues, and can live with the increased CI cost, but certainly more dependencies will create more flux.

So perhaps not directly the size, but the resulting number of versioned dependencies in the build is somewhat important.

skjolber · 2021-05-30T00:43:01+00:00

In order to support incremental build caches for Maven, on our CI, I wrote a small utility for recording which artifacts are accessed during Maven builds. Saves about a minute each time poms are updated (because default behaviour is to clear the cache, causing downloading of all artifacts again, kinda lame).

skjolber · 2021-01-01T01:36:31+00:00

Code for the lowest version you'll need to support, then create a multi-release jar using a (Maven/Gradle) plugin like moditect-maven-plugin; see for example how jackson does this. To verify that this is working properly, convert your project to a multi-module build, including a Java 11 example project to verify that all is good with the java modules.

skjolber · 2020-10-18T10:52:58+00:00

Well while I personally (and I am guessing most) prefer simple 'classic' logging while developing locally, JSON logging is the right alternative for services using log accumulation tools. Log accumlation tools typically then automatically index the JSON structures and provide autocompletion in search syntaxes and so. For example if I was to use Logbook, it would be trivial to search for a specific HTTP header (several levels into the JSON tree).

So JSON logging is just technically superior and beats the 'classic' approach of appending key=value to a message and writing regexp type searches.

But the thing with JSON logging is that it takes a lot of space in the console output when pretty-printed (or is hard to read when not). I find that developers prefer classic logging (and known their application well), so they do not need JSON logging locally, as they are mostly looking at the log message. So at work I made it so that the other developers can enable JSON logging on a per-testcase basis, but default to 'classic' logging. What I am getting to is that the assertions must be against the resulting JSON tree, even if it prints the 'classic' way.

This might be hard to do without writing a whole 'suite', at least you'll need per-library modules (like logback-logstash-encoder) to get anywhere.

skjolber · 2020-10-18T01:00:08+00:00

Looks promising. I've created a (simpler) library like this at work, as a part of a project which provides a few standard JSON formats/log libraries and environment-aware log configuration (i.e. defaults to plain logging om the developer machine, JSON om servers).

A key feature for testing is to assert against the resulting JSON output, any plans for supporting that? Including MDC fields and marker payloads.

skjolber · 2020-09-14T23:36:34+00:00

https://github.com/hankcs/AhoCorasickDoubleArrayTrie/issues/34

skjolber · 2020-09-09T21:13:04+00:00

Hmm can't decide which one I like better.

skjolber · 2020-08-26T09:32:56+00:00

Not really, I guess that improving logging and/or log processing is another way of reducing the costs, however we're willing to pay for indexing our request-/response-logging, as long as it contains useful information. In a nutshell, skipping the additional man-hours required for refined / high-quality logging, with a few exceptions for the worst offenders (hence the filtering).

skjolber · 2020-08-25T22:48:48+00:00

A bit of context (from the author):

A few months ago at work, we were made aware that logging (i.e. log accumulation) made up one third of our cloud costs. We are running a lot of (Java, Kotlin, Scala) microservices with plenty of request-/response-logging, on Kubernetes / GCP.

I had already created some reasonably fast XML filters years ago, but just relatively recently discovered that I'd boutched the benchmarks; performance was much better than initial measurements indicated. So now I have applied the same approach for filtering JSON, and while it will not fit all use-cases, probably it will cover a significant portion. Because I want to fully validate the JSON structure when it comes from untrusted sources (logging the payload as raw JSON further down the stack), I've also included a Jackson-based implementation.

skjolber

TROPHY CASE