CodeIsGo.com

Ever wanted to store a blob of custom data on a database record? The data we want to store might be complex too, made up of multiple fields and even lists. When the data is stored using Ecto there are several ways we can do it. This article explores two paths and discusses some of the pros and cons for each approach. By Mark Ericksen.

Ecto is Elixir’s database wrapper. If you want to use a database with Elixir, you need to know Ecto.

defmodule Core.GameSaves.GameSave do
  use Ecto.Schema

  schema "game_saves" do
    # ...
    field :data, :map, default: %{}, required: true

    belongs_to :account, Core.Accounts.Account
    timestamps()
  end
end

The article main content covers:

• Our custom data
• Path one: Store data as a map
• Path Two: Store data as an Erlang encoded binary
• Security considerations
• Version the data!

Together we’ve peered down the two paths a bit and hopefully now we can quickly determine which path we want next time we come to this fork in the road. Good read!

How GraphQL might be a better fit for your next project than RESTful APIs. By plainenglish.io.

With the shift away from monolithic apps, REST APIs have been the go-to approach to standardize how the different moving parts in a system work together and share data. However, REST is also an inflexible, often ambiguous standard (it’s only a set of guidelines) with several architectural and implementation issues, and has proven to scale poorly with modern client needs - which are data-intensive and rapidly changing.

The article then guides you through:

• How GraphQL improves on REST APIs
• So where does StepZen fit in?
• Case Study: Migrating a REST API to GraphQL via StepZen
• The Best Of Both Worlds

GraphQL is incredibly powerful and flexible, and StepZen - with its powerful CLI tool, a plethora of features, pre-made schemas for a huge number of data sources, and extensive documentation - makes it incredibly easy to implement GraphQL and get the best of both worlds for all your development needs. Good read!

Kurun is a multi-tool to help Kubernetes developers. We can summarize one of its features in a short sentence: just like go run main.go but executed inside Kubernetes with one command. By Sándor Lovász.

Ideally, the operator runs inside the cluster, so the admission controllers send the admission requests to the operator directly. However, during development, it is more practical to keep your operator on your local machine (for debugging and other reasons), but unfortunately, admission controllers cannot access your operator this way. Applications running inside Kubernetes usually cannot open connections to your local workstation, partly for security reasons, but mostly because of IPv4 NAT.

Proxying requests through a WebSocket tunnel might seem easy, but it’s trickier than you think. Originally, WebSockets are handling bidirectional traffic without state. Hence, when you want to proxy HTTP calls over WebSockets you have two options. Create a new WebSocket connection for every single request, which is trivial but not efficient.

The article then guides reader through step by step example configuration with a sample application to try out kurun port-forward feature in a sandbox environment. The complexity of example might be frightening for beginners, but starting to develop webhook based applications will make familiar all the things above. We think kurun is a useful developer tool which we actively use it in everyday work. We hope it will also make your work easier as a Kubernetes developer. Good read!

Most organizations today deploy web applications across multi-cloud and hybrid environments. However, existing models for application security are obsolete and no longer up to the task of providing high-grade, consistent, and frictionless application security across clouds. By Eyal Arazi.

Organizations are no longer migrating to the cloud; they’re already there. According to IBM’s Turbonomic State of Multi-Cloud 2021 report, 96% of organizations deploy at least one public cloud environment.

The article then focuses on comparing:

• Existing appsec solutions can’t keep up
• What’s needed for modern, cross-cloud application security
• Radware’s new security architecture

Radware SecurePath™ is a new API-based, cloud application security architecture designed from the ground up to optimally protect applications deployed across any cloud and data center — on-premise, private cloud, and all public cloud environments – while improving security, uptime, and performance. Good read!

This tutorial will show you how to develop a secure e-commerce store using SuperTokens authentication in a React.js app. We’ll use a modern stack that includes React, Hasura GraphQL, and SuperTokens. By Ankur Tyagi.

SuperTokens is an open-source AuthO alternative that allows you to set up authentication in less than 30 minutes.

The source code for the App we’re working on is available to view in this GitHub repo. SuperTokens provides authentication, and Hasura exposes a single GraphQL endpoint that you use on the frontend to send GraphQL queries and access data. Because it is a public API by default, SuperTokens will make it secure or private.

The article then dives into:

• What is SuperTokens?
• Why use SuperTokens?
• What is Hasura?
• Create a managed service with SuperTokens

The article contains all the code needed for React frontend and database implementation together with screengrabs for better understanding. You will integrate SuperTokens with Hasura. Tokens generated from SuperTokens will be sent from the UI side in request headers to Hasura, where they will be validated. Nice one!

Storing data like JSON logs in DynamoDB is a great idea as DynamoDB is very scalable. In addition, it is easier to transfer data into a DynamoDB table using for example Lambda and AWS SDK. Also, it makes analyzing the logs easier for example the AWS Console offers great filtering options to search for specific so-called table items. By Martin Mueller.

This all sounds very good but there is one hitch and that is the cost. As the number of items increases, so does the cost. So it would be advisable to delete the DynamoDB data from the table after a certain time, e.g. 30 days, and import it into an S3. The costs for S3 are much lower and it would even be possible to reduce them if you use a cheaper S3 tier like Glacier.

DynamoDB Streams invokes a Lambda, which writes the deleted item away to S3. In author’s example, the DynamoDB items are JSON logs with few properties. In your case, the DynamoDB item can look different. You can find the code in this GitHub repo. But the basic concept should still the same!

What is pretty cool is that DynamoDB Streams provides a batching feature. The Lambda can then process the deleted items as a batch. That reduces the number of Lambda calls and therefore the costs. The default DynamoDB default batching is not quite ideal for our use case here so author used AWS Console and the Lambda call metrics to optimize it. The batchSize with 10000 and the maxBatchingWindow are chosen maximally to call a Lambda really only every 5 minutes. Nice one!

There is a regular requirement and a big use case for both admins and developers, as they need to easily debug and surface issues in an app that is accessible for end users. Robust logging functionality is an essential part of the puzzle – even better if it can be customized to meet the needs of your specific organisation. By Atlas Can.

For anyone implementing or supporting an application, you’ve probably realized that no system is perfect. At some point, errors or issues can (and likely will) occur – this could be due to bugs, user errors, or issues with external integrations, among other things.

The Salesforce platform provides some out-of-the-box functionality for basic logging. This is available to admins via the Salesforce Developer Console, and provides information about exceptions, database operations, callouts, and more. However, there are some major considerations when using the Salesforce platform. These limits can make it difficult to rely solely on Salesforce’s logging to troubleshoot issues, especially if it’s an inconsistent issue, or if the user does not know how to recreate the issue.

Logging is an important part of the day-to-day functioning of a Salesforce org. Most enterprise systems use event monitoring and have a logging framework designed for their specific use. However, you can use Nebula Logger to quickly solve your logging needs – it’s customizable and built around best practices. You can also add additional functionality on your own. Good read!

This blog post shows how to optimize the performance of AWS Lambda functions written in Java, without altering any of the function code. It shows how Java virtual machine (JVM) settings affect the startup time and performance. You also learn how you can benchmark your applications to test these changes. By Benjamin Smith and Mark Sailes.

Source: https://aws.amazon.com/blogs/compute/optimizing-aws-lambda-function-performance-for-java/

When a Lambda function is invoked for the first time, or when Lambda is horizontally scaling to handle additional requests, an execution environment is created. The first phase in the execution environment’s lifecycle is initialization (Init). For Java managed runtimes, a new JVM is started and your application code is loaded. This is called a cold start. Subsequent requests then reuse this execution environment. This means that the Init phase does not need to run again. The JVM will already be started. This is called a warm start.

The article then explains:

• How can you improve cold start latency?
• Language-specific environment variables
• Customer facing APIs
• Applying the optimization
• Other use cases

Changing the tiered compilation level can help you to reduce cold start latency. By setting the tiered compilation level to 1, the JVM uses the C1 compiler. This compiler quickly produces optimized native code but it does not generate any profiling data and never uses the C2 compiler. Tiered compilation is a feature of the Java virtual machine (JVM). It allows the JVM to make best use of both of the just-in-time (JIT) compilers. The C1 compiler is optimized for fast start-up time. The C2 compiler is optimized for the best overall performance but uses more memory and takes a longer time to achieve it.

In this post, you learn how to improve Lambda cold start performance by up to 60% for functions running the Java runtime. Thanks to the recent changes in the Java execution environment, you can implement these optimizations by adding a single environment variable. You can explore the code for this example in the GitHub repo. Excellent read!

The Go 1.18 release adds support for generics. Generics are the biggest change we’ve made to Go since the first open source release. By Robert Griesemer and Ian Lance Taylor.

In this article we’ll introduce the new language features. We won’t try to cover all the details, but we will hit all the important points. Generics are a way of writing code that is independent of the specific types being used. Functions and types may now be written to use any of a set of types.

Generics adds three new big things to the language:

• Type parameters for function and types
• Defining interface types as sets of types, including types that don’t have methods
• Type inference, which permits omitting type arguments in many cases when calling a function

Functions and types are now permitted to have type parameters. A type parameter list looks like an ordinary parameter list, except that it uses square brackets instead of parentheses.

We can make a function generic - make it work for different types - by adding a type parameter list. In this example we add a type parameter list with a single type parameter T, and replace the uses of float64 with T.

import "golang.org/x/exp/constraints"

func GMin[T constraints.Ordered](x, y T) T {
    if x < y {
        return x
    }
    return y
}

Generics are a big new language feature in 1.18. These new language changes required a large amount of new code that has not had significant testing in production settings. That will only happen as more people write and use generic code. You will also find video of talk at GopherCon 2021 in the article. Good read!

We wanted our technology choices to support our mission: a greener modern world, supported by a cleaner modern web. To do that, we decided to take a chance on two novel inventions: Rust for our serverless back-end, and PlanetScale for an enterprise-quality database. By Thomas.

Rust is a memory-safe systems programming language that has secured the title of most beloved language on StackOverflow’s annual developer survey for the past six years running. It’s not just hype. Programs written in Rust can run as fast as the processor, with no VM or garbage collector taking up cycles. Then there’s PlanetScale, which provides small teams with exceptional cloud database features (like sharding and size-balancing) under a progressive pricing structure.

For the purpose of this guide, we’ll be developing a profile API, or org-service … using PlanetScale, Rust, the Rocket web-framework, and the Diesel ORM. You can view the finished project on GitHub.

The article then covers step by step:

• Creating a database
• Our first migration
• Building the API service
• Deploying the API service

All the steps are accompanied by the well explained code and you will also learn to package the service into a Docker image. From there, you could easily deploy it to Google Cloud Run (or AWS, or Azure)! Nice one!