./gradlew bootRun only dependencies
tl;dr build.gradle: ... configurations { bootRunOnly } depencencies { ... bootRunOnly group: 'org.bouncycastle', name: 'bc-fips', version: '2.0.0' bootRunOnly group: 'org.bouncycastle', name: 'bcpkix-fips', version: '2.0.7' } bootRun { classpath = sourceSets.main.runtimeClasspath + configurations.bootRunOnly } Background We’ve got a project requiring FIPS compliant crypto, so, instead of having to wrangle java.secrity files and the related JARs on each project, we created a base image that contains these depencencies. However, we still need to be able to run the projects locally (not necessarially in FIPS mode), but we don’t want any conflicting JARs to end up in the final Immage. ...
Startups as an experiment to the a hypothesis
One useful way I find of thinking about startups, and their pace of iteration, experimentation, morphing, and pivoting, is that they are an experiment to test the hypothesis of a product <-> market <-> business-model relationship. As such, we can treat them with the scientific method, and bring to bare the tools we’ve learnt from other scientific endeavours. A hypothesis exists within a network of supporting hypotheses, many of which are just accepted as assumptions, but all of which are subject to scrutiny and testing. ...
Kickstart GraphQL Spring Boot Resolution Error Misdirection
Using com.graphql-java-kickstart:graphql-spring-boot-starter:14.1.0 I was refactoring some code to switch Strings for enums and I got the following error. Caused by: graphql.kickstart.tools.SchemaError: Type 'Integration' is declared as an enum in the GraphQL schema but is not a Java enum! I double checked, and Integration was in the GraphQL correctly, and was also a proper Java enum. GraphQL: enum Integration { STRIPE } input IntegrationCriteria { integration: Integration identifier: String } Java enum: ...
Initialise H2GIS with Spring Boot JPA
TL;DR spring: jpa: generate-ddl: true properties: javax: persistence: schema-generation: database: action: drop-and-create create-source: script-then-metadata create-script-source: init.sql init.sql CREATE ALIAS IF NOT EXISTS H2GIS_SPATIAL FOR "org.h2gis.functions.factory.H2GISFunctions.load"; CALL H2GIS_SPATIAL(); CREATE DOMAIN POINT AS GEOMETRY(POINT); CREATE DOMAIN POLYGON AS GEOMETRY(POLYGON);
GCloud CLI Container as a Different User
TL;DR The key is to start the container with the HOME environment variable set to something writeable, such as /tmp/gcloud. docker run --rm -it --user 1001 -e HOME=/tmp/gcloud gcr.io/google.com/cloudsdktool/cloud-sdk Details The GCP tools automatically setup a GCP config directory which includes a log of all the commands that are run. Typically this is in ~/.config/gcloud/. Out of the box, the container has a user with UID=0 and UID=1000 root:x:0:0:root:/root:/bin/bash ... cloudsdk:x:1000:1000::/home/cloudsdk:/bin/bash Which means, if you either run it by default you end up with UID=0, which exists and has a writeable home, or you are the only user on your system, and start the container with --user 1000, you also end up with a writeable home, and everything works. ...
Codecov Troubleshooting
No such file or directory If you, for instance, download the alpine version of Codecov within a non-alpine linux container such as node:14.20.0-bullseye, then you’ll get bash: ./codecov: No such file or directory Double check you are using the correct flavour. Can’t find project If you are using a container that does not have git installed, then the default Codecov will not be able to detect the project. You’ll need to use ...
Hibernate Survival Diaries
I’ve been developing with Hibernate since approximately 2005. In that time I’ve spoken with many other experienced developers and compared notes on how they use and don’t use Hibernate. This is a brief summary of some key learnings. Many of the topics discussed here could be considered defects, and in a lot of cases there are tickets, but I haven’t compiled a list here. Some may have actually been fixed (please let me know), but as far as I know this is accurate as of Hibernate 5.4.33. ...
Reclaiming "Amateur"
It’s not uncommon for someone to be dismissed as “an amateur”, as if they are of less credibility and a shiny “professional”. Putting aside whether the intent is deserved, I want to take a minute to reflect on the literal meaning of “amateur” doing something for pleasure or interest, not as a job Oxford dictionary The truly best in any field are likely to be both amateurs and professionals, in the same field. Simply because a true interest or love of the field will be required to develop the depth of understanding required to be at the top, rather than what is required to simple perform adequately. ...
Using NVM Node from XCode
If you try to use an nvm install of node from XCode, for instance in React Native using Sentry, you will likely get the following build error: env: node: No such file or directory This is because XCode uses a sanitised version of the PATH, and your .profile will not be used, so anything in there to adjust your PATH will not work. /usr/local/bin is on your path, so my solution to this is to create a node script that uses the default version, or the one in .nvmrc if available. ...
CSRF for Stateless SSO APIs
TL;DR In Spring CSRF generates a new token for each new session. If you have http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) then there is a new session triggered for each request. This means we need a different mechanism to calculate the CSRF token, otherwise it’ll be rotated with every request, and you’ll end up with a race condition where your UI will have its token changed mid-request (at least in Angular 12). The solution here is to derive a hash from the SSO session. ...