Maven Multi-Module Builds with Centralized Version Management

Are you building Java software using a Maven multi-module structure, and using mvn versions:set to update the version-numbers on each release? If so, there is a much better way.

Book Review: Accelerate (Capabilities, Culture and Metrics)

The book “Accelerate: Building and Scaling High Performing Technology Organisations” is best known for its four “DevOps metrics” Lead Time for Change, Deployment Frequency, Mean Time to Restore, and Change Fail Rate. However there is quite a lot of other interesting content in the book too, addressing software development and deployment at mid-to-low management level.

I’ve written up my opinions of the book here (mostly positive), and would be interested in what you think..

OAuth2 and OIDC

I’ve written the occasional OAuth2 client application over the years but never really understood what was going on with client-ids, secrets, grants, scopes, and so forth. However I’m currently involved in a project to migrate a large IT system to using OAuth2 and OpenID Connect, so it is clearly time to learn this stuff properly.

After some long research, I have written an architectural introduction to OAuth2 and OpenID Connect summarizing what I have learned - mainly for myself, but maybe you will find it helpful too. Warning: it is pretty long (17,000 words)!

Learning Kotlin

I’ve finally got around to learning Kotlin, a popular language best known for running on the JVM and competing with Java.

Not only is Kotlin a “better Java”, it is also the recommended language for writing programs for the Android platform. It can also be compiled to Javascript, ie can compete with things like Typescript as a “type-safe language for browser-hosted code”. Interestingly, it is also working on “native” support for compiling to various machine-codes (eg x86, ARM). Most interestingly of all, it is working on compiling to WebAssembly for high-performance cross-platform applications.

My personal notes on Kotlin are available, but they are probably not of interest to anyone but me.

What might be interesting is that I recently converted a demo Spring/JPA program from Java to Kotlin.

  • Java SLOC: 1368
  • Kotlin SLOC: 1075

Change: (1075 - 1368)/1368 = 21% fewer lines of code

That’s not world-changing, but definitely worth having.

In general, I found the Kotlin version of this app easier to read, and less likely to have bugs. Programming was also more fun. I’ll be using Kotlin where possible in the future.

A bunch of stuff - Docker Repos, VPNs, Feature Toggles and Thunderbird

Creating a Demo Database with Postgresql and Docker

A useful discovery I made recently: if you need a relational database for demo or testing purposes, then Postgres publishes a really convenient official Docker image. What it not immediately clear is that this image has a mechanism for running arbitrary SQL scripts on startup - which is great for defining tables.

It is therefore trivial to create an image that others (eg developers or sales) can quickly deploy, that contains not only a database server but also whatever initial schema you need.

Spring Transactions and Exceptions

Question: does the following Java/Spring-Data code actually throw a DuplicateAccount exception when a DB uniqueness constraint is violated?

public Account addAccount(..) throws DuplicateAccount {
  try {
    Account account = ...;
  } catch(DataIntegrityViolationException e) {
    throw new DuplicateAccount();

The answer is - it depends.

Email Validation - SPF, DKIM and DMARC

I run my own email-server - and it is rather a complicated business. For those interested, I have recently documented my research on the topic of email validation using SPF, DKIM and DMARC - or in other words, how to block incoming spam and how to avoid having outgoing email be blocked by others.