Tag: quality

Docker image checks: Quality, security, up-to-dateness, layers and inheritance

Docker images have become the valuta franca in the cloud and container platform world. Although on the path to vendor-neutral standardisation (e.g. with OCI also being in Docker Hub for a year now), developers for now have settled on plain Docker as de-facto standard due to the vast ecosystem of base images and dependency images which speed up the rapid prototyping of complex scalable applications. From a production-grade DevOps perspective, a key concern is then to be assured that the containers used are of high quality, not infected by security vulnerabilities, and still containing the latest features available. In this blog post, a novel approach to visualise the situation around a particular container image is presented.

Continue reading

Introducing the Docker Compose Validator

When cloud application developers are working with docker-compose to combine multiple microservices into a single manageable entity, they can make some easy mistakes. To prevent these mistakes, they can rely on internal validation logic, which however does not catch many of the typical issues. Therefore, researchers at the Service Prototyping Lab at Zurich University of Applied Sciences wrote a dedicated quality check and assessment tool targeting developers, but also students trying to learn the technology, which has a wider range of checks. The DCValidator tool is available as a web application (see demo instance) or command-line interface. This blog post describes how to check that docker-compose files are free of issues.

docker-compose validator Web interface
Continue reading

Reflections on software artefact quality tutorial

Our work in the Service Prototyping Lab at Zurich University of Applied Sciences consists of applied research, prototype development and conveying knowledge to industry. In this context, we have worked hard over the previous two years to gather educational and hands-on material, including our own contributions, for increasingly valuable tutorials. From single lectures to half-day and eventually full-day tutorials, we aim at both technology enthusiasts and experienced engineers who are open for new ideas and sometimes surprising facts. In this reflective blog post, we report on this week’s experience of giving the full-day tutorial on microservice artefact observation and quality assessment.

Continue reading

Summer school on software evolution – Summary

From September 2 to 4, 2019, Tampere University hosted the INFORTE.fi-supported summer school on Software Evolution: From Monolithic to Cloud-Native. The Service Prototyping Lab at Zurich University of Applied Sciences contributed with five lectures (and one coincidental serverless meetup talk) to increase theoretic knowledge and practical skills of Finnish doctoral students and developers on microservices and software engineering for the cloud. All presentations are available online but as usual the slides do not capture discussions and industry relevance, so read on to get to know more about this.

Continue reading

Review of Azure Blockchain meetup

As reported before, we investigate quality characteristics of decentralised applications in analogy to the usual assessment of microservice artefacts. We are happy to report on how we shared the intermediate results at the most recent Azure Blockchain meetup in Zurich, apart from reporting on the event itself.

Continue reading

Quality analysis of dapps: Just like cloud apps?

Looking into a possible post-cloud world, we see mentions of different computing paradigms, many of them based on decentralised structures to overcome scalability and user control limitations. Among them is blockchain-as-a-service (BCaaS or BaaS), mimicking the platform-as-a-service (PaaS) user experience for both application providers and consumers. In PaaS, providers first sign up and subscribe to the platform, then design and build their applications and deploy them to the platform where it is executing either permanently or upon incoming network requests or other event triggers. Additionally, developers may advertise their apps at technology-specific hubs such as AWS SAR or Helm Hub. Consumers then adhere to the application terms, which might require a sign-up at the provider site, before being able to invoke and make use of the application.

Continue reading