-
Smart Screen & EV Code Signing
Recently our QA team started to get “Windows protected your PC” messages from the Windows SmartScreen. They saw that message each time they launch the app I’m working on at the moment. That warning message even didn’t display the Publisher correctly. We were able to make Smart Screen to show Publisher correctly by signing our application by the SHA-256 code signing certificate (we used SHA-1 originally). As for the warning message itself, we had to buy Extended Validation Code Signing Certificate to get rid of it. I want to note that you can keep using signtool.exe to sign binaries. But you can’t do that from the automated build scripts because you have to provide a password. That’s why we had to update our deployment strategy to make this to work. We added manual intervention step (we are using Octopus by the way) which allows us to sign binaries (by running a script and providing password). More details at stackoverflow Also mage.exe didn’t play well with EV Code Signing certificate - it didn’t ask for the password. As a result manifest was not signed correctly. Just in case here’s the warning message we were getting:
…<strong>Windows protected your PC</strong> Windows SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk App: {OurAppName}.exe Publisher: Unknown
-
Front-End development
I did some research lately on ECMAScript 6 and ES6 Module Loader Polyfill and I’m very exited! That’s pretty cool how easy it is to use latest technologies (ES2015 or TypeScript) to develop browser applications and let the tools to transform latest & greatest into the JavaScript understood by the browser. Things such as jspm… that’s all so exiting! …
-
Consul - REST service discovery
If you didn’t hear about Consul I encourage you to read a nice introduction to it. It looks really interesting
- Service Discovery
- Failure Detection
- Multi Datacenter
- Key/Value Storage
-
Sauce labs
Last week I came across a really efficient way on UI testing automation. Just imagine you don’t need anymore to configure all those VMs and devices to test your product! Source Labs allows:
- Automated Cross Browser testing using Selenium for web apps on desktop and mobile browsers
- Automated Mobile testing for native & hybrid mobile apps
- Even Manual testing is possible on over 500 browser and platform configurations
-
Best practices for DevOps, data storage, high availability, and more
Just read Building Cloud Apps with Microsoft Azure. It’s available as a free ebook on Microsoft Virtual Academy. I’d like to say that it was a really interesting reading! In my opinion most of the patterns and ideas described in the book could be (and should be!) applied in on-premises as well. For example
- Octopus allows you to setup a very nice DevOps workflow on-premises.
- In any .NET application you will benefit from using Async/Await approach.
- Any big application should have a good Monitoring and telemetry. I'm personally very happy with Serilog and Metrics.Net
- Using Cache is a great idea for most of the applications. I'm a big fan of Redis
- Dependency Injection is also a must have in most of applications. I like Simple Injector very much.
- Queue-centric work pattern also could be applied in on-premises scenario. You would use RabbitMQ, Redis, Service Broker, etc. for that purpose
-
Service Broker in a nutshell
Lately I was looking into different Queuing Technologies to choose the best fit for the upcoming project. In that post I just want to summarize my finding. I was already familiar with Azure Service Bus and Rabbit MQ. But we didn’t need advanced routing capabilities they both provide, hence I decided to look into alternative solutions. By the way here’s a very nice Service Bus for Windows Server & RabbitMQ comparison. We were already using MS SQL Server to persist the data. So using Service Broker was an appealing choice from the very beginning. Advantages
- Very easy to backup/restore
- Sequential Delivery & Related Messages Locking (plus it allows to access internal Sequence ID & Sequence Number)
- To en-queue message you should have a conversation first. It means you en-queue message into one queue and listen for messages to appear on another queue
- Index fragmentation then Dealing with Large Queues
-
Meteor got Cordova support!
I never mention it on the blog, but I really like Meteor framework it’s a really exciting way to build single page JavaScript application (running on NodeJS).
Meteor is an open-source platform for building top-quality web apps in a fraction of the time, whether you're an expert developer or just getting started https://www.meteor.com/
Today I was really excited to read that they are working on Cordova support. Supported Platform(s)- Android
- iOS
-
Structured Logging
On weekends I was reading latest Technology Radar from Thought Works. It’s really interesting! Some of things they mentioned we are already using here at Compellotech (such as HAL, Angular JS, Nancy, TypeScript, etc.) Others are good not know about, for example Structured Logging. Structured Logging Lately I was thinking on the best approach to enabled monitoring in our distributed system. The goal is to have some universal solution which will allow us to release something in 1 or 2 sprints (we use one week sprint). I did some research and I suppose it’s a way to go for us.
- Allows to enable monitoring in all the components without significant changes
- Allow to setup Alerts for different things (if they appear in the log)
- Allow to search for issues for example by Customer ID. Just imagine you type CustomerID=”777” and you see all the events in the system related to that customer!
…db.log.find( { customerId: “777”, application: “PaymentGateway” } )
-
Command Query Responsibility Segregation (CQRS) pattern
Time flies, it’s more than two years since I discovered CQRS pattern. If it’s first time you hear about CQRS, there is a great A Journey into CQRS talk on Channel 9. Today we are using CQRS actively at Compellotech. We are using it as a high level architecture on some components. In the same time we are using it inside of our systems to make internal design better. The approach we are using is Very similar to the one described by Steven on .NET Junkie. I really encourage you to check his articles out. By the way he’s the author of easy, flexible, and fast dependency injection framework - Simple Injector. …
-
MSSQL Activity Monitoring
At Compellotech we were using Sp_GetWhoIsActive for some time now. It’s VERY convenient for activity monitoring. It was created by very bright guy, but it’s too heavy sometimes (might impact a production performance). So from now on we are using newer query which uses DMO views and does not have any impact on the database performance.
…-- Currently executing batches, with text and wait info SELECT dm_tran_locks.request_session_id, dm_tran_locks.resource_database_id, DB_NAME(dm_tran_locks.resource_database_id) AS dbname, CASE WHEN resource_type = 'OBJECT' THEN OBJECT_NAME(dm_tran_locks.resource_associated_entity_id) ELSE OBJECT_NAME(partitions.OBJECT_ID) END AS ObjectName, partitions.index_id, indexes.name AS index_name, dm_tran_locks.resource_type, dm_tran_locks.resource_description, dm_tran_locks.resource_associated_entity_id, dm_tran_locks.request_mode, dm_tran_locks.request_status FROM sys.dm_tran_locks LEFT JOIN sys.partitions ON partitions.hobt_id = dm_tran_locks.resource_associated_entity_id LEFT JOIN sys.indexes ON indexes.OBJECT_ID = partitions.OBJECT_ID AND indexes.index_id = partitions.index_id WHERE resource_associated_entity_id > 0 AND resource_database_id = DB_ID() ORDER BY request_session_id, resource_associated_entity_id