Infrastructure as Code in Clojure - Eno Compton & Tyler van Hensbergen

When building systems in Clojure, we have a great choice for backend applications (Clojure or ClojureScript), frontend applications (ClojureScript), and the CLI (Clojure or ClojureScript). When it comes to creating infrastructure, though, we must put down our favorite language and turn to CloudFormation and YAML, or as an alternative, we might use tools like AWS Cloud Development Kit (CDK) to write infrastructure as code, but we would be using another language and not Clojure. At Stedi, we found ourselves wanting to spin up new Clojure applications without having to resort to endless lines of YAML or another language.

#vs code #clojurescript #code in clojure

What is GEEK

Buddha Community

Infrastructure as Code in Clojure - Eno Compton & Tyler van Hensbergen

Infrastructure as Code in Clojure - Eno Compton & Tyler van Hensbergen

When building systems in Clojure, we have a great choice for backend applications (Clojure or ClojureScript), frontend applications (ClojureScript), and the CLI (Clojure or ClojureScript). When it comes to creating infrastructure, though, we must put down our favorite language and turn to CloudFormation and YAML, or as an alternative, we might use tools like AWS Cloud Development Kit (CDK) to write infrastructure as code, but we would be using another language and not Clojure. At Stedi, we found ourselves wanting to spin up new Clojure applications without having to resort to endless lines of YAML or another language.

#vs code #clojurescript #code in clojure

Tyrique  Littel

Tyrique Littel

1604008800

Static Code Analysis: What It Is? How to Use It?

Static code analysis refers to the technique of approximating the runtime behavior of a program. In other words, it is the process of predicting the output of a program without actually executing it.

Lately, however, the term “Static Code Analysis” is more commonly used to refer to one of the applications of this technique rather than the technique itself — program comprehension — understanding the program and detecting issues in it (anything from syntax errors to type mismatches, performance hogs likely bugs, security loopholes, etc.). This is the usage we’d be referring to throughout this post.

“The refinement of techniques for the prompt discovery of error serves as well as any other as a hallmark of what we mean by science.”

  • J. Robert Oppenheimer

Outline

We cover a lot of ground in this post. The aim is to build an understanding of static code analysis and to equip you with the basic theory, and the right tools so that you can write analyzers on your own.

We start our journey with laying down the essential parts of the pipeline which a compiler follows to understand what a piece of code does. We learn where to tap points in this pipeline to plug in our analyzers and extract meaningful information. In the latter half, we get our feet wet, and write four such static analyzers, completely from scratch, in Python.

Note that although the ideas here are discussed in light of Python, static code analyzers across all programming languages are carved out along similar lines. We chose Python because of the availability of an easy to use ast module, and wide adoption of the language itself.

How does it all work?

Before a computer can finally “understand” and execute a piece of code, it goes through a series of complicated transformations:

static analysis workflow

As you can see in the diagram (go ahead, zoom it!), the static analyzers feed on the output of these stages. To be able to better understand the static analysis techniques, let’s look at each of these steps in some more detail:

Scanning

The first thing that a compiler does when trying to understand a piece of code is to break it down into smaller chunks, also known as tokens. Tokens are akin to what words are in a language.

A token might consist of either a single character, like (, or literals (like integers, strings, e.g., 7Bob, etc.), or reserved keywords of that language (e.g, def in Python). Characters which do not contribute towards the semantics of a program, like trailing whitespace, comments, etc. are often discarded by the scanner.

Python provides the tokenize module in its standard library to let you play around with tokens:

Python

1

import io

2

import tokenize

3

4

code = b"color = input('Enter your favourite color: ')"

5

6

for token in tokenize.tokenize(io.BytesIO(code).readline):

7

    print(token)

Python

1

TokenInfo(type=62 (ENCODING),  string='utf-8')

2

TokenInfo(type=1  (NAME),      string='color')

3

TokenInfo(type=54 (OP),        string='=')

4

TokenInfo(type=1  (NAME),      string='input')

5

TokenInfo(type=54 (OP),        string='(')

6

TokenInfo(type=3  (STRING),    string="'Enter your favourite color: '")

7

TokenInfo(type=54 (OP),        string=')')

8

TokenInfo(type=4  (NEWLINE),   string='')

9

TokenInfo(type=0  (ENDMARKER), string='')

(Note that for the sake of readability, I’ve omitted a few columns from the result above — metadata like starting index, ending index, a copy of the line on which a token occurs, etc.)

#code quality #code review #static analysis #static code analysis #code analysis #static analysis tools #code review tips #static code analyzer #static code analysis tool #static analyzer

Wiley  Mayer

Wiley Mayer

1603976400

Infrastructure as Code vs. Infrastructure as Software

Infrastructure as Code has been the hottest trend in cloud-native application development in recent years. By transforming infrastructure management into simple coded runtimes and routines, Infrastructure as Code or IaC allows developers to be more involved in the deployment part of their CI/CD pipelines. Even the most complex cloud infrastructure can be created with several lines of code.

IaC also means that server management, resource provisioning, and even long-term maintenance of complex cloud infrastructures are entirely simplified. Tools like Terraform certainly make maintaining a production environment that is both capable and efficient easy, even when there is no dedicated infrastructure team to handle the associated tasks.

A new trend that we’re seeing right now is further simplification of IaC, mainly known as Infrastructure as Software or IaS. Now that cloud services and the providers behind them are easier to access and control using tools and software, it is not impossible for the entire cloud infrastructure to be provisioned and managed as software libraries.

How does Infrastructure as Code differ from Infrastructure as Software? Which approach is better? We are going to answer these questions, and several others about these two trends, in this article.

IaC and IaS

The two approaches have some stark differences, but we are going to take a closer look at each of them first before we start differentiating the two. Infrastructure as Code is obviously the older approach of the two, and it has been very popular among developers. Using tools designed for managing infrastructure through lines of code, you can either manage the configurations of your cloud infrastructure or manage the provisioning of cloud resources; or both.

Terraform, a popular tool used by millions of developers, applies the second approach. The tool is not just handy for managing multiple configurations and making sure that key infrastructure variables are coded properly; it is also capable of provisioning resources and automating server deployment as needed. Terraform is very extensive in this respect.

Upon close inspection, Infrastructure as Software performs similar⁠—if not the same⁠—tasks using similar tools. You can deploy new server instances or configure the entire architecture using a few lines of codes. You can also automate provisioning and management, and you can still integrate IaS with your existing CI/CD pipelines.

Services that are available today support both approaches in most cases. The tools that fall into these two categories basically use the same API calls and available cloud resources to perform their runtimes, but they take different approaches when it comes to management. That actually brings us to our next point.

IaC vs. IaS

Now that we know how the two approaches are relatively similar, it is time to get the obvious out of the way. Infrastructure as Code and Infrastructure as Software has one huge difference, and that difference lies in the programming languages used by the tools. The easiest way to understand this difference is by comparing Terraform with Pulumi, which is a popular IaS tool.

Terraform requires you to use its native programming language. The HCL language is used for low-level programming. While the language is also used by other tools, the way it is used by Terraform is not always as straightforward as it seems. Terraform also supports JSON syntax but parsing and generating can quickly become bottlenecks as you try to organize massive cloud infrastructure environments.

Pulumi, on the other hand, uses programming languages you are already familiar with. It actually supports many of them, including Python, Go, and JavaScript. Don’t forget that loops and the programming structure of these familiar languages are carried over, so you define your cloud infrastructure the way you code functions in your cloud-native apps.

Since the programming language being used carries its own best practices and things like package management, you can implement the same set of elements into your IaS routine. No need to worry about having difficulties pushing infrastructure modules or doing plenty of adjustments in order for the configuration to be deployed at all.

#blog #code #continuous delivery #continuous integration #ci/cd pipeline #infrastructure as code #infrastructure as software #pulumi #terraform

Samanta  Moore

Samanta Moore

1621137960

Guidelines for Java Code Reviews

Get a jump-start on your next code review session with this list.

Having another pair of eyes scan your code is always useful and helps you spot mistakes before you break production. You need not be an expert to review someone’s code. Some experience with the programming language and a review checklist should help you get started. We’ve put together a list of things you should keep in mind when you’re reviewing Java code. Read on!

1. Follow Java Code Conventions

2. Replace Imperative Code With Lambdas and Streams

3. Beware of the NullPointerException

4. Directly Assigning References From Client Code to a Field

5. Handle Exceptions With Care

#java #code quality #java tutorial #code analysis #code reviews #code review tips #code analysis tools #java tutorial for beginners #java code review

Houston  Sipes

Houston Sipes

1604088000

How to Find the Stinky Parts of Your Code (Part II)

There are more code smells. Let’s keep changing the aromas. We see several symptoms and situations that make us doubt the quality of our development. Let’s look at some possible solutions.

Most of these smells are just hints of something that might be wrong. They are not rigid rules.

This is part II. Part I can be found here.

Code Smell 06 - Too Clever Programmer

The code is difficult to read, there are tricky with names without semantics. Sometimes using language’s accidental complexity.

_Image Source: NeONBRAND on _Unsplash

Problems

  • Readability
  • Maintainability
  • Code Quality
  • Premature Optimization

Solutions

  1. Refactor the code
  2. Use better names

Examples

  • Optimized loops

Exceptions

  • Optimized code for low-level operations.

Sample Code

Wrong

function primeFactors(n){
	  var f = [],  i = 0, d = 2;  

	  for (i = 0; n >= 2; ) {
	     if(n % d == 0){
	       f[i++]=(d); 
	       n /= d;
	    }
	    else{
	      d++;
	    }     
	  }
	  return f;
	}

Right

function primeFactors(numberToFactor){
	  var factors = [], 
	      divisor = 2,
	      remainder = numberToFactor;

	  while(remainder>=2){
	    if(remainder % divisor === 0){
	       factors.push(divisor); 
	       remainder = remainder/ divisor;
	    }
	    else{
	      divisor++;
	    }     
	  }
	  return factors;
	}

Detection

Automatic detection is possible in some languages. Watch some warnings related to complexity, bad names, post increment variables, etc.

#pixel-face #code-smells #clean-code #stinky-code-parts #refactor-legacy-code #refactoring #stinky-code #common-code-smells