Archive for Programmer’s Mindset

Jenkin’s Build Pipeline

I watched a great video of a presentation by @adamculp about Jenkins. I have been setting up a Jenkin’s build server for a while, but this thing can be both easy and complicated at times. The video, while great, left me wanting more of the specifics of the setup, not just “look at what this can do”. I wanted, “This is how you do this”.

I reached out to Adam on the twittersphere and he told me which plugins I needed. The one I really wanted was the Build Pipeline Plugin, and when I finally took a second to scroll down on the plugins page, things started to click. Specifically “views”. I hadn’t used them before.

Even with the instructions, I missed the key point. It says to add a new build pipeline view, so I kept clicking on New Item and not finding it. I read a little closer and looked at the picture, and it was clear… Click the “+” to create a new view.

 

Laravel Repository Pattern Experience

I am always trying to learn, and lately I’ve been working on the repository pattern via Laravel.  I found myself WAY overcomplicating this, and it turned into a mess.

With that said, I think I got myself to a very happy point.  All of the examples on the Internet that I have found ultimately return Eloquent models.  Which, if your controller is ONLY accessing the data, is fine.  But I found myself then relying on Eloquent, which defeated the purpose of the repository.

Introducing domain objects.  I was trying so hard to use active record objects, that it ended up causing me issues.  In the end, I want controllers to be very small and ask a domain object for the data it needs to pass back to the requestor (Web visitor, or API consumer).

The domain object is responsible for all logic (not data).  The domain object should interact with the repositories, and ask for data, or send data.

The repositories are only responsible for retrieving data or saving data.  They should return either arrays or plain old php objects (popo), not Eloquent, Mongo, Redis, etc… models.

Controllers ask the domain to DO something.  The domain asks the repositories for data it may need to do said something.  The domain asks the repositories to store some data.

Once I started following these rules, things started making sense to me.

/** @todo: show examples */

 

Asterisk astobj2.c: bad magic number for object 0x7ff6ac021888. Object is likely destroyed.

Recently we had 2 asterisk servers that were segfaulting, and of course when that happened, all current calls were lost.  This was very frustrating for our customers, our customer service reps, and of course for the us developers.  It was very hard to explain, there was not silver bullet saying “X” is responsible.

So, my boss Kevin and I spent time going through log files, analyzing time lines, researching on the Internet, etc…

Our conclusion is still dumbfounding.

We recently added a new outbound sip provider.  We started only giving them a small percentage of our overall traffic.  During this time we saw 0-1 segfaults each day.  But we didn’t even know about some of them because asterisk started right back up, and unless there was a complaint, we wouldn’t know.

Of course we got the occasional complaint, but we didn’t have an answer.  All of a sudden the last couple of days was showing 4-5 segfaults per day.  Some happening within 20 minutes of each other.  This was very unacceptable and we spent a lot of time trying to narrow down the issue.  It so happened that 2 days ago, we ramped up the amount of traffic this new provider was receiving, subsequently increasing the odds of segfaulting.

At this point, we still don’t know what actually caused the segfault.  We just know that removing that carrier has so far stopped them from happening.

Ugggg… what a PITA.

 

AngularJS + Phonegap Works In Browser Not On Device

I was going crazy for the past 2 days trying to get an Angular app running on my phone.  I had it working in Chrome the way I wanted for testing purposes, and just couldn’t get it onto the device.

Basically I would see the index page, but the app would never bootstrap and get going.  I tried with test apps, and it worked fine.  I tried a very basic app with just 2 way binding and that worked.

Solution ended up being not to use absolute urls.  For example <script src=”/js/index.js”></script> does not work.  You must us <script src=”js/index.js”></script>

The reason is that on the device, everything is accessed as a file, so file:///js/index.js does not exist.

Hope this helps someone not spend so damn long looking for an answer like I did.

 

Being a 1099 Contractor And Working From Home

I am very lucky in the fact that I get to work remotely from home.  This comes with pros and cons, but for me the pros far outweigh the cons.

I have a very supportive wife that understands that when I am in my office (at work), that I am working and not just hanging out at the house.  She doesn’t ask me to do chores, try to make small talk, or bother me in any way.  I hear from far too many developers that they couldn’t work from home because their significant other wouldn’t treat it like a job.

At the same time, you have to make an effort to separate work/home life.  You have to walk away for some time to clear your head and have family time.  Some people that work at home feel like they are ALWAYS at work, and get burnt out.

I am employed as a 1099 contractor, and wanted to share some things to consider for people new to it.

1. Make sure your pay level is equivalent to what  you feel it should be.  You will be responsible for additional taxes that you have not had to pay in the past.

2. Make sure your pay is high enough to cover your benefits.  As a 1099 contractor, you will probably not have any benefits being provided to you, such as health insurance, retirement, etc…

3. Talk to a tax professional right away.  Don’t wait for the following tax season, otherwise you will probably be faced with some penalties.  As a contractor, you have to pay estimated taxes 4 times a year.

4. Speaking of, make sure to put enough money aside to pay your taxes.  The pay you receive has not been taxed, so take time to put some money into another account automatically, so when if comes time to pay them, you are not caught off guard.  I have heard from some people that didn’t do this and they are paying penalties to the IRS years later.

 

 

Chrome Not Displaying All Flash Objects On My Page

So, I had a very strange thing happening only in chrome.  Phoneburner.com has a way for people to record voicemail messages that they want to leave while making phone calls.  On the page that lists them for the members to listen to before using, we do a simple object embed of a small flash player.

This has worked flawlessly for a long time.  All of a sudden, we noticed in Chrome that some would randomly not show.  In this one account, there are about 20 of these embedded flash players and only 3-5 would show up.  The weird part is that if I refreshed, a different mix of 3-5 would show.  Some would disappear, others would appear.

There were no errors in the Developer Console.  I played with the flash plugins and noticed if I disabled both, reloaded the page, and then enabled the plugins all would show up…

Debugging things that don’t make sense is VERY difficult.  So I went to the javascript console and decided to use jQuery to hide them all and then reshow.  Sometimes that worked.  Ok… getting closer, CSS may be the answer.  I then tried just showing, not hiding first.  Most would show, but not always all of them.  But if I ran it a few times, they would eventually all show up.  WTF?!?!??!!

So I added a dirty hack to make it work.

$().ready(function()
{
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
});

 

Encryption: Trust The Experts, Don’t Roll Your Own

I recently practiced my Tek13 presentation at my SDPHP user group.  What I really like about user groups is the interaction and discussion that often ensues about the given topic.  At the time, one of the members asked me about trying to outdo your adversary with what amounts to “Security by obscurity”.  He was asking about MD5 hashing multiple times to throw off an attacker.  My response was not a good enough reason, but it was the best I had at the time, which was “it’s not a good idea, it won’t do you any good.”

After thinking about it, I have a good reason why now.  I will try to put it into words here.

First, security algorithms are all about best practices and trusting the experts.  Meaning, everything we use today is open source and has been tested by the brightest. Encryption algorithms are very hard to understand, so we shouldn’t try to do it ourselves.

Now for the real explanation.  Hashing just gives us a value, also called a digest.  At the end of the day, at least when it comes to passwords, attackers just want access to the system, not necessarily the password.  Sure, they would love to have that as well, but it’s not necessary.  Attackers can also rely on hashing collisions to give them access.  Let me try to demonstrate.

A hash collision is when two different strings give you the same digest.  So trying to secure your passwords by obscuring the method used, doesn’t really help you here.  All I need to do is find any string that when hashed gives me the proper value.

In the end, follow best practices and use bcrypt now.  Don’t try to make md5 or sha1 work for you in this scenario.  Trust the experts… rolling your own is a bad idea in this area.

 

Tek13: My Goals Realized

I just left Chicago after attending my favorite conference, php|tek.  This is an event that has become near and dear to me, and I am so grateful that the musketeers have stepped in to make sure that it continues running.

I first attended back it 2010, and have continued to grow ever since then.  When I say grow, most people will immediately assume that I have become a better developer, and while that is true, I have grown in more important ways.  I have become less introvert (notice I did not say that I have become an extrovert).  But I have learned to not shy away nearly as much.  I have grown to respect myself enough to know that I am more than I think I am.

In 2010, I decided that I wanted to speak at a conference one day.  I feel I did it the right way by starting off with my local user group.  I didn’t jump right in and try to tackle a conference.  Starting with the user group gives you a great intermediary step.  You probably know many of the members in the group, and it is usually smaller than a conference.

I was privileged enough to give two presentations this year at tek.  My first one, which I felt more prepared for was a little shaky, and I knew it.  :(  I did not take any offense to some of the criticism that I received.  I blame it partially on being the first time I have used a mic, and hearing yourself and knowing that I did not want to over modulate, I tended to speak more monitonely.  I am upset with that fact… I also tended to go through my slides faster than I should have.  I just needed to take more deep breaths and slow myself down.  Overall, I am pleased with the results, and on a scale of 1 (I passed out) to 10 (I knocked it out of the park), I would give myself a 5.1.  I know there is a ton of room for improvement in my public speaking, and I will do that.

My second talk was much better for the most part.  I did no use a mic this time, as the room and number of people were much smaller.  I am very happy that Beth Tucker-Long, joined in for a couple of reasons.  She was the only one to tell me that I needed to speak up.  It’s very easy to start off talking strong and projecting, only to end up trailing off into a conversational voice.  My overall energy level during this talk was much better, and I felt like I was having a conversation.  I hope I was less monotone, and better paced.  What I really like about presenting is the ability to have a conversation with the entire group where I get to learn as much as I may have taught.  If there is one thing I know, it’s that everyone has something to share.  Just because you go to a class to learn, there is probably something you know that can help the entire class (including the teacher).

I set some of my personal goals down on paper last year, and at this point have realized almost all of them.  I have been published in a PHP magazine (twice I may add), I have lost a bunch of weight (2 pounds to reach the goal I set), I spoke at a conference, among others.  Time to break out the pen and write some more down.  Beth and I discussed this and she mentioned maybe adding “book author” to the list…  Intriguing.

Thank you Musketeers.

 

Learn To Know What You Don’t Know

One of the greatest lessons I have learned over the last few years was to “Learn to know what I don’t know”.

This seems like an impossibility on the surface, but digging into the details I found that it didn’t mean to learn everything at once.  The important piece is to know what is out there in general.  It’s important to immerse yourself in your community and keep your ears open.  Listen to what people are talking about, so that in the future, those little snippets may help you.

I’ve attended many user group presentations, and while I don’t always get it completely, afterwards I at least have a clue.  I attended a presentation about Continuous Integration once.  The presentation was over my head at the time, and I wasn’t in a place to put that topic into practice.  A few months later, I knew I was ready to make a change and I remembered the basic principles of continuous integration.  Because I knew about it, I was able to do the research to truly learn about it and put it into practice.

Without having heard that presentation, I may still have been in the dark and would not have been able to implement that simple piece of tech.

 

Should Website Authentication Really Require Email Addresses?

At SDPHP we are starting an open source project (grouptopics) for user groups, but that is for another post.

We are setting up oAuth authentication with Google, Twitter, and Facebook.  While doing so, the developer that did the initial integration stopped with the Twitter integration because they do not give you an email address, and he is steadfast that an email address should be required for a user.

I have thought a lot about this lately, and I am of the personal belief that an email address is not required.  While I would like to have one for communication, the main goal is authentication.  Having the email address does nothing to accomplish this authentication, it just serves our greedy desire to send emails that are probably unwanted.

I have not given any final direction towards the group.  What are your thoughts?  Do I listen to him and require it, or go with my gut and say that it shouldn’t be required?