Ed Burns's Blog

August 18, 2025

I have made another impressively insignificant contribution to Wikipedia

It���s been nearly 19 years since my last trivial Wikipedia contribution,so high time for another one.

I recently enjoyed watching Fly Me to the Moon (2024), which got me curious about what the original TV broadcast of the Apollo 11 moon landing looked like. I found this video which, to my surprise, had a lunar lander set very similar to the one in the movie. But this one is clearly labeled as CBS NEWS SIMULATION.

I was further curious about the names of the actors that protrayed Neil Armstrong and Buzz Aldrin? I went to ChatGPT and had this dialog. It could not find the identities of the actor, but it offered to research the matter and get back to me. I said, ���sure���. What do you know but a couple weeks later it sends me an email, even though ChatGPT said it could not send me an email.

Findings (new):

The best-documented ���stand-in��� for CBS���s Apollo 11 simulation was Scott MacLeod, a Grumman lunar module consulting pilot/test engineer. He appeared on-air in a suit, climbed down the LM ladder on the Bethpage moonscape, and ���simulated Armstrong���s and Aldrin���s duties during the moon landing.���

Evidence also indicates Tom Sylvester of ILC Industries (the Apollo suit maker) suited up for CBS���s Bethpage filming prior to the landing; contemporary captions describe him climbing down a full-scale LM for CBS���s simulation package (likely B-roll used in coverage). This aligns with community documentation that CBS used Grumman/ILC personnel rather than hired actors for the second suited role. (Primary: archival captioned images; secondary: space-history forum recollections.)

PBS���s production history and CBS���s own retrospective confirm the Grumman moonscape set at Bethpage and that two suited ���astronauts��� were sometimes shown, but they do not name the second individual on-air.

Bottom line:A named, high-confidence ID exists for the commander role (Scott MacLeod). The likely second suited performer was Tom Sylvester (ILC) for pre-taped segments, though CBS���s public records don���t explicitly credit him in the broadcast itself.


Pleased with this asynchronous research feature, I decided to update the Wikipedia page Apollo 11 in popular culture, which I copy here in case my edit gets reverted.

CBS news coverage of the Apollo 11 landing itself included several aspects of portrayal. Grumman engineer Scott MacLeod portrayed Neil Armstrong descending from the steps of a full-scale model of Lunar Module Eagle so viewers could see what was happening before the live TV broadcast from the moon commenced.19 Tom Sylvester portrayed Buzz Aldrin during the same broadcast.20


 •  0 comments  •  flag
Share on Twitter
Published on August 18, 2025 12:14

February 27, 2025

Ed���s JUG tour around JavaLand 2025

I���m very excited to do my typical JUG tour around JavaLand. Here are my planned stops this year. I hope we can meet in person somewhere on the road.

Java Vienna Meetup 17 March - Lightning talk: How to get trustworthy enterprise AI in your favorite IDE

JUG Leipzig 24 March - How to get trustworthy enterprise AI in your trusted IDE

JUG Braunschweig 26 March - Java and AI with LangChain4j

JUG Bielefeld 27 March - Java and AI with LangChain4j

JUG Darmstadt 8 April - Java and AI with LangChain4j

JUG Pforzheim 9 April - Open talk, demo of latest extensions

JUG Stuttgart 10 April - Java and AI with LangChain4j

 •  0 comments  •  flag
Share on Twitter
Published on February 27, 2025 12:50

February 25, 2025

Ed���s JavaLand 2025 Session Picks

Cross posted at dev.to.

I���m very blessed to have the opportunity to speak at the 11th anniversary JavaLand conference. This is the second year the conference will be held at N��rburgring. It turns out it took even more time to walk between sessions. Maybe this year will be better.

Here are my previous session picks posts.

2024 2022 2019 2018 2017 2015 2014

All times in local time zone in JavaLand. The program can change so please see the program for more details on each session.

Monday, 31 March 2025 Community day

There is also an Unconference on Community day from 15:00 - 18:30 in the Coca-Cola business��lounge 1. It���s impossible to list an Unconference in a session picks blog post because I have no idea what the content will be.

15:00 - 17:00 Lindner Congress Hotel Grid 4 - Architektur Kata

Program link

Sebastian Rose and Alexander Schwartz are promising an interesting learning opportunity about software architecture. The idea is to build feedback gathering into your design process so it happens as early as possible. It seems like common sense, but I suspect there is a lot about the way they propose to do it that is novel and new. I think it���s worth a look.

17:15 - 18:30 Lindner Congress Hotel Grid 4 - Easily illustrate impactful flipcharts

Program link

I haven���t used flipcharts much, but they do seem very accessible and durable. I think I should learn more about how to use them. Sebastian and Alexander present a session inspired by the lessons from the book Der Flipchart Coach. Because I have become a huge fan of the book Presentation Patterns, I appreciate the power of a session that is based on a book. As I enter the third decade of my career, it���s high time I learn how to use flipcharts to make impact.

Tuesday 1 April 2025Tuesday 08:30 - 10:10 ring��kino - Deserialization exploits in Java: why should I care?

Program link

This talk has several things going for it. First and foremost, the speaker, Brian Vermeer is a seasoned veteran with a stellar track record of engaging talks. Second the topic. I���m familiar with deserialization attacks back from my JSF days: client side state saving at one time used something like serialization. But this talk goes beyond Java to also XML, JSON, and YAML serialization. An attack vector as old as seralization attacks means the prior art for attackers is vast. This one is important.

Tuesday 10:00 - 10:40 ring��arena - Fried Begr����ung and Adam Bien Keynote

Program link

Fried���s Begr����ung is always entertaining. In a bold statement of the German identity of JavaLand, Adam Bien���s keynote will be delivered in German. This is fine for me, but it does mark a first for the big stage keynote. In any case, Adam Bien is a Java legend. I had a personal hand in creating some of the acronyms he mentions, so I expect to love this one.

Tuesday 11:00 - 11:40 Bitburger Event Center Teil A - Building AI powered applications in Java

Program link

There is no question that powerful forces in our industry have bet the future AI and are doing everything they can to make that future happen. I look to my old friend and former PowerPoint karaoke sparring partner Andres Almiray to sort the hype from the reality.

Tuesday 12:00 - 12:40

Because these two sessions are so very different, I have no problem recommending them both.

ring��arena

If you want a soft skills session at this time, go with Sophie K��ster���s One of the Lads - Things I���m tired of hearing about women in tech. First, let me appeal to your self-interest. By learning about workplace concerns are important to a cohort including a large and growing segment of the workforce, you���l improve your workplace effectiveness. Second, Sophie is an excellent and engaging speaker.

Bitburger Event Center Teil B

If you want a technical sesion at this time go with Samuel Nitsche���s Code Reading - Die untersch��tzte Superkraft. Given that AI is so great at parsing text, but not so great at reasoning about it, I believe having this skill in your head will give you a big edge.

Tuesday 13:00 - 13:40 Coca-Cola business��lounge 7 - Bergwerk SBOMs: Die St��ckliste f��r sichere Softwarearchitektur

Program link

I am choosing to highlight this session from Richard Attermeyer because ensuring all your software produces SBOMs is a great way to be a part of the solution for building world less prone to hacking. Sooner or later, all of us will be victims. We as software professionals have a duty to make things better, or at least atone for some of the damage we have already caused.

Tuesday 14:00 - 14:40 ring��arena - No Dependencies: Pure Java AI/LLM integration

Program link

The legendary Adam Bien comes to JavaLand. Adam���s approach for decades has been to show how you can accomplish most of what you need in an enterprise software stack with a minimum of external dependencies. As the previous session from Richard Attermeyer showed, every dependency you introduce is a security risk (that���s why everything needs an SBOM, just so you can check.) While this is true, it���s even better to minimize your dependencies as much as possible. Don���t miss this one!

Tuesday 15:00 - 15:40 BMW M Showroom - Learning GenAI/LLM programming with langchain4j and Testcontainers

Program link

Mr. Testcontainer himself, Kevin Wittek is an experienced speaker, software developer, and musician. Given the centrality of testing to all software development in the past and future, and the centrality of AI to all software development in the present and future, this combination will be very important to understand. Kevin will show you how.

Tuesday 16:00 - 16:40 Coca-Cola business��lounge 6 A survey of cloud readiness for Jakarta EE 11

Program link

The first of my three sessions is in this time slot. If you���re interested in Jakarta EE 11, I ask you to consider it.

My session will teach:

What���s new in Jakarta EE 11 and why it���s interesting to Java developers. An overview of how to run Jakarta EE 11 on Azure, Google, and AWS. A deep dive in how to run Jakarta EE 11 on Azure Container Apps.

Otherwise, you may want to check out this one.

Bitburger Event-Center Teil A - Walking Skeleton - Softwarearchitektur ohne Fleisch?

Program link

I had the extreme pleasure of seeing Alastair Cockburn give a keynote when I presented at Jaoo 2006. Apparently this is one of Alastair Cockburn���s more recent ideas on the further evolution of agile development. Falk Sippach is an experienced speaker, JUG leader, and iJUG contributor. I look forward to this talk.

Tuesday 17:00 - 17:40 Bitburger Event-Center Teil B - Boost Your Performance and Developer Productivity with Jakarta EE 11

Program link

My colleague Ivar Grimstad gives the productivity angle on the latest iteration of the standard for enterprise Java.

Tuesday 18:00 - 18:40 Bitburger Event-Center Teil B - What is New in MicroProfile?

Program link

In a perfect complement to Ivar���s session, my colleague Emily Jiang gives an overview in the latest version of MicroProfile. MicroProfile sits alongside Jakarta EE as a collection of standards adopted by multiple vendors for enterprise Java.

Tuesday 19:00 - 19:40 Lindner Congress Hotel Grid 4 - From Zero to Secured: Live-Coding a Jakarta EE REST App with MicroProfile & JWT

Program link

As Adam Bien has long shown, the power of combining open standard specifications in an a la carte fashion tends to help delivering maintainable enterprise software on schedule and within budget. This session from Hanno Embregts is another example:

Live-coding a RESTful app from scratch using the latest versions of JAX-RS, JPA, and MicroProfile. Implementing JWT-based authentication. Documenting REST endpoints with OpenAPI. Creating a responsive frontend with Angular and connecting it to the REST app.Wednesday, 02 April 202509:00 - 09:40 Bitburger Event-Center Teil A - Technische und soziale Muster f��r team��bergreifende Integration

Program link

I���ve been working and leading distributed teams for two decades, but there is always something new to learn. This intriguing session from Alexander Kaserbacher seems to use a pattern language to ease the problem of cross-team colaboration.

10:00 - 10:40 Bitburger Event-Center Teil A - High performance Serverless Java on AWS

Program link

Even though my own employer���s serverless compute offer supports Java very well, it���s always useful to see another vendor���s take on the problem set. Vadym Kazulkin seems to have a solid command of the space, so let���s check him out.

12:00 - 12:40 Business Center - Bergwerk - How to get trustworthy AI in your favorite IDE

Program link

I���m very excited about this session where I get to talk about my teammate���s amazing work in making GitHub Copilot available in IntelliJ IDEA and Eclipse. I���ll weave this work into my talk about how Microsoft is making AI fun and safe for you to use at work.

13:00 - 13:40 Bitburger Event-Center Teil B - Validating LLMs - a true story

Program link

Having ony recently discovered the concept of SWE-bench and the notion that LLMs can compete against eachother for supremacy, this talk from Emily Jiang seems very timely.

14:00 - 14:40 Coca-Cola business��lounge 6 - Von Java EE 6 zu Quarkus: Eine Migrationsreise mit OpenRewrite

Program link

I���m always excited to see what becomes of old JSF apps. This talk from Christian Gr��mme should be fun.

15:00 - 15:40 Bitburger Event-Center Teil B - Technical Enshittification: Why IT is Broken and How to Fix It

Program link

I was delighted to see my old pal Baruch Sadogursky on the program. The provocative term in his title was coined by American malcontent Cory Doctorow to describe how unchecked exponential monetization leads to progressively worse user experiences. The causes of Cory Doctorow���s problem are well understood and almost impossible to improve. I hope Baruch���s analysis is more hopeful.

16:00 - 16:40 Bitburger Event-Center Teil B - Jakarta EE Community Panel

Program link

I���m very happy to participate in this panel. Come ask me anything about Jakarta EE.

17:00 - 17:40 Coca-Cola business��lounge 1 - 82 Bugs I Collected in a Year You Won���t Believe Made It to Production

Program link

The idea of taking a birding approach to software bugs is very novel. Let���s see what Francois Martin has to say about it.

Thursday, 03 April 202509:00 - 17:00 Lindner Congres Hotel Grid 3 - Java with Al on Azure Container Apps and Kubernetes

Program link

Azure Container Apps is the premiere cloud environment for Java workloads onAzure. It combines the power, scale, and reliability of infrastructure-as-a-service offerings such as Kubernetes with the ease-of-use of a platform-as-a-service offering.

Azure Kubernetes Service is the premier cloud environment for advanced enterprise workloads on Azure, including Java. It is the industry standard Kubernetes on the hyperscale Azure cloud.

Azure Developer CLI is a tool for quickly standing up Azure infrastructure to run your application. This workshop will cover three common Java scenarios: Spring, and Quarkus on Azure Container Apps, and Jakarta EE on Azure Kubernetes Service.

All three scenarios are enabled by Azure Developer CLI. The AI aspect will be run through the scenarios in two dimensions:

AI for the act of writing software and

AI for use in the actual domain of the software. The Spring and Quarkus scenarios will show a microservice application in the domain of a localized weather forecasting service.

The AI in this domain is a conversational chat about the localized weather forecast.

The Jakarta EE scenario will show a monolithic application, CargoTracker, running on Azure Kubernetes service.

The AI in this domain is a shortest-path calculation for routing cargo.

A USD $50 Azure credit for use in the workshop and afterward is provided to all participants.

Bonus:

Every participant is entitled to a 30-minute 1:1 career counseling session teleconference with Ed, scheduled at their convenience. For Ed���s credentials in this domain, see his abstract from JavaLand last year https://meine.doag.org/events/javalan... .

 •  0 comments  •  flag
Share on Twitter
Published on February 25, 2025 12:50

December 4, 2024

Using the tmate GitHub Action from Max Schmitt to aid debugging GitHub Actions workflows

Executive Summary

This post shows how to use the action-tmate GitHub Action to allow you to SSH into the runner for your GitHub Actions workflow.

DetailsPrerequisites

You have an existing GitHub Actions workflow that runs, at least somewhat.

You have set up your SSH key with GitHub and can use it to push commits to the repo which has the GitHub Actions workflow.

Steps Put these lines in your GitHub Actions workflow. Personally I always have a preflight job that sets up some very basic things. I put the below lines as the first thing in the first job after preflight. after-preflight: needs: preflight runs-on: ubuntu-latest steps: - name: Setup tmate session uses: mxschmitt/action-tmate@v3 timeout-minutes: 120 with: detached: true

When the workflow reaches the after-preflight job, you���ll see a bunch of tmate related stuff in the job log, something like:

Run mxschmitt/action-tmate@v3Get:1 file:/etc/apt/apt-mirrors.txt Mirrorlist [142 B]Hit:2 http://azure.archive.ubuntu.com/ubuntu jammy InReleaseHit:6 https://packages.microsoft.com/repos/... jammy InReleaseGet:3 http://azure.archive.ubuntu.com/ubuntu jammy-updates InRelease [128 kB]Get:7 https://packages.microsoft.com/ubuntu... jammy InRelease [3632 B]Get:4 http://azure.archive.ubuntu.com/ubuntu jammy-backports InRelease [127 kB]Get:5 http://azure.archive.ubuntu.com/ubuntu jammy-security InRelease [129 kB]Get:8 https://packages.microsoft.com/ubuntu... jammy/main armhf Packages [15.7 kB]Get:9 https://packages.microsoft.com/ubuntu... jammy/main arm64 Packages [40.2 kB]Get:10 https://packages.microsoft.com/ubuntu... jammy/main amd64 Packages [172 kB]Get:11 http://azure.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [2180 kB]Get:12 http://azure.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [1177 kB]Get:13 http://azure.archive.ubuntu.com/ubuntu jammy-updates/multiverse Translation-en [11.5 kB]Get:14 http://azure.archive.ubuntu.com/ubuntu jammy-security/main amd64 Packages [1956 kB]Get:15 http://azure.archive.ubuntu.com/ubuntu jammy-security/universe amd64 Packages [957 kB]Fetched 6897 kB in 1s (6399 kB/s)Reading package lists...Reading package lists...Building dependency tree...Reading state information...xz-utils is already the newest version (5.2.5-2ubuntu1).openssh-client is already the newest version (1:8.9p1-3ubuntu0.10).0 upgraded, 0 newly installed, 0 to remove and 38 not upgraded.ssh redacted@nyc1.tmate.ioNotice: SSH: ssh redacted@nyc1.tmate.ioNotice: or: ssh -i redacted@nyc1.tmate.io

Here���s where the magic happens. Max Schmitt���s tmate action somehow uses the SSH key you configured as the SSH key for the connection. So when you run either of those two commands, the ssh ���just works��� and you are able to get into the runner. I find this is useful to be able to poke around and debug things.

Thanks of course to Max Schmitt for creating and maintaining the software and to my colleagues Jianguo and Zhihao for reducing my 2nd order ignorance about it.

 •  0 comments  •  flag
Share on Twitter
Published on December 04, 2024 10:30

September 23, 2024

How well did Jakarta EE 11 respond to the needs of developers?

Cross posted at dev.to.

Executive Summary

The Jakarta Steering Committee chartered the Jakarta Platform project with the goal of incorporating developer feedback in the development of EE 11. This blog post reviews the performance of the Platform Project and awards a GPA of 3.43 on a 4 point scale of achieving this goal.

Introduction

I am humbled and honored to find myself in a position of helping to deliver the next iteration of Jakarta EE. I���ve held many roles in J2EE/Java EE/Jakarta EE over the decades: implementer, spec lead, advocate, author, tester, and more. My current role, however, is a new one for me release co-coordinator.

In this role, I co-lead (along with Arjan Tijms) the Jakarta Platform project, which is responsible for delivering the finished Jakarta EE specification (and component specifications), the corresponding TCK, and at least on ratifying compatible implementation for all of the specifications. Importantly, there need not be one single monolithic implementation that satisfies all the component TCKs at the same time, but there must be one single monolithic implementation that passes the Platform TCK.

In the spirit of transparency that I was fortunate enough to start over two decades ago, this blog post examines how well the Jakarta Platform project did during EE 11 in meeting one of the goals set for the Platform project by the Steering Committee: incorporate developer feedback.

Underpromise and overdeliver

Institutional memory is the way groups of humans learn from mistakes and avoid repeating them. By that definition, I hope we can all agree that institutional memory is important and worth preserving. Because software is executable knowledge, a very long running open-source software project is a special kind of institutional memory. A project that is a long running ecosystem of long running open-source projects is pretty much the pinnacle of special. With all that specialness in mind, what does it mean to incorporate developer feedback?

It is far easier to show responsiveness to developer feedback when the possible costs of a committing a mistake are contained within a single project. In light of the high possible costs, the Jakarta EE 11 platform project was intentionally modest with our goals for incorporating developer feedback. This is our implementation of the tried and true strategy of ���underpromise and overdeliver���.

Let���s review the modest goals set out by the Steering Committee and see how we did in EE 11.

Underpromise

Jakarta Data

Jakarta NoSQL

Adopt Java SE 11, 17, 21 new features and Breaking Changes

Virtual Threads

TCK Refactoring

CDI Centric

CDI replacing managed beans

CDI repleacing EJB

Resolve redundant HTTP stacks: Servlet and REST

MicroProfile and Jakarta Alignment

CORS support

Jakarta Config

Make it easier to migrate from one vendor to another

Mixed delivery

I���m going to group the delivery in four buckets: over-delivered, delivered, somewhat delivered, did not deliver.

Over-delivered Jakarta Persistence - programmatic configuration instead of persistence.xml and a lot more Gavin King blog post Jakarta Security - dynamically choose an authentication mechanism security-311Delivered

Jakarta Data

Yes, this new specification is present in the platform.

Adopt Java SE 11, 17, 21 new features and Breaking Changes.

Yes, there are numerous specs that take advantage of new language features from 11 - 21.

TCK Refactoring (we will deliver this. We���re holding the release for it).

The Jakarta EE Platform TCK is a vital software component for delivering the value proposition of IT investment stability on the scale of decades. The software of the TCK has been accruing technical debt due to lack of maintenance investment. In Jakarta EE 11 we are bringing the TCK up to date with the state of the art of testing tools. This investment will enable better compatibility testing and lower the barrier to adding more tests as the Jakarta EE platform evolves.

API Flexibility, i.e. no more Umbrella JARs.

No more questions like ���do I have to wait for Jakarta EE xx��� to have this feature? Jakarta EE Platform APIs are now just a collection of default APIs. Individual specs can be excluded or upgraded by the users as they wish, New specs can be added as well. This makes Jakarta EE platform as flexible as Spring Boot, but without having the implementation baggage in your application, the best of both worlds! Somewhat delivered

Virtual Threads

The concurrency specification has rigorously specified annotation attribute that requires implementations to take advantage of virtual threads if it is available in the runtime. If you���re running on Java 21 or higher, you get virtual threads when you use the annotation attribute. If you���re running on 17, you don���t.

CDI Centric

CDI replacing managed beans.

We did

remove the @ManagedBean annotation.

Move the ���integration��� parts of CDI from the CDI spec to the platform spec.

Jakarta Concurrency adds scheduling to the @Asynchronous annotation to replace the @Scheduled annotation on EJBs concurrency-271

Injecting Concurrency resources into CDI beans instead of using @Resource in an EJB concurrency-348.

Removed managed beans support in Jakarta REST.

Qualifiers for persistence units in Persistence - allow injecting persistence context in a CDI-idiomatic way.

New Java features

records as embeddables and IDs in Jakarta Persistence.

records in Expression Language.

records in Validation (formerly Bean Validation) validation-275.

Flow API in Concurrency concurreny-368.

MicroProfile and Jakarta Alignment

We did

Create the Jakarta Security MicroProfile Security bridge spec. Did not deliver

Jakarta NoSQL

This did not pass the ballot at the beginning of the EE 11 development cycle. In my opinion, the reasons were non-technical, and therefore can be resolved for EE 12.

Resolve redundant HTTP stacks: Servlet and REST

This is a very big one. In my opinion, it would take a major vendor standing behind this idea and dedicating significant resources to make it happen, likely with donating work to competitors so they could also do the same.

CORS support

This one did not even emerge on my radar.

Jakarta Config

This one seems to be stuck in a ���MicroProfile Config is good enough���, and thus is falling between the cracks. I think we���d have to convince the MicroProfile project to allow this to move from MicroProfile to the Jakarta EE Core Profile specification.

Make it easier to migrate from one vendor to another

This one is antithetical to the business interests of each vendor, so I don���t see this one getting much attention. Summary

Let���s get quantitative. For each item in the Underpromise list, I���ll give us a letter grade. A for over-delivered or delivered, B for somewhat delivered, D for did not deliver.

Feedback to incorporate Grade Jakarta Data A Jakarta NoSQL D Adopt Java SE 11, 17, 21 new features and Breaking Changes A Virtual Threads A TCK Refactoring A CDI Centric A Resolve redundant HTTP stacks: Servlet and REST D MicroProfile and Jakarta Alignment B CORS support D Jakarta Config D Make it easier to migrate from one vendor to another D

With this list, we only scored a 2.54 GPA. Not so great. If we strike from the list the developer feedback requests that I judge are not realistic to include (CORS, Redundant HTTP stacks, Jakarta Config, Make it easier to migrate from one vendor to another), we get a better grade: 3.43. Not bad, but we have room to grow.

 •  0 comments  •  flag
Share on Twitter
Published on September 23, 2024 13:15

March 2, 2024

Ed���s JavaLand 2024 Session Picks

Cross posted at dev.to.

I���m very blessed to have the opportunity to speak at the 10th anniversary JavaLand conference. It will be very different to not be at PhantasiaLand this year, but I am so fortunate to have been there all the previous years. It���s just as well since I was starting to not be able to handle the Black Mamba roller coaster anymore. Also, I���m hoping it takes less time to walk between sessions at this new venue.

Since this is the tenth anniversary of JavaLand, and I have had the extreme good fortune at presenting at every one of them, I dug up the links of all my previous session picks posts. See how far we���ve come together!

2022 2019 2018 2017 2015 2014

All times in local time zone in JavaLand. See the program for more details on each session.

Tuesday, 09 April 202408:30 - 09:40 ring��academy REST vs. gRPC

The first slot before Fried���s famous Begr����ung is unenviable, from a speaker���s perspective, but there were some great ones. I chose the REST vs gRPC talk from Sebastian Tiemann. It looks hard core technical. Both REST and gRPC are venerable ancient technologies at this point, so it���s amazing how absolutely essential they still are. Let���s see what Sebastian has to say.

09:30 - 10:40 ring��arena Fried Begr����ung and opening Keynote

I���m sure Fried will pull out all the stops for the 10th anniversary of JavaLand. The actual keynote looks great too. I don���t know Shelly Lambert, but the philosophy of being self-aware and focusing on improvement is very good to learn and apply.

11:00 - 11:40 ring��arena Modern Java in Action

When I spoke of the great job that advocates are doing in my pre-conference interview on Heise.de, Nicolai Parlog, was one of the ones I had in mind. It���s so important to show only the bits of Java that represent current recommended usage, and gloss over, or even omit entirely the parts that still remain for backward compatibility rather than being correct to continue to use. I���m confident Nicolai will do this.

12:00 - 12:40 Bitburger Event-Center Teil B Prepare for Jakarta EE 11

[image error] As a longtime fan of Das gute Bitburger Pils, I���m excited that my first of three back-to-back talks on Tuesday is in the Bitburger Event Center. I���m confident that part B is the best part.

My talk is Prepare for Jakarta EE 11. I am giving this talk on behalf of Ivar Grimstad due to Ivar being at the very poorly scheduled, from a JavaLand attendee���s perspective, DevNexus. However, I���m well qualified to give the talk because I���m the release co-coordinator for Jakarta EE 11. Come to this talk to hear what���s new in the very soon-to-be-released Jakarta EE 11.

If I wasn���t giving a talk in this timeslot, I���d attend visit N��rburgring Hotel Grid 1 - 3 for ���The (Unknown) Nifty Details of Maven Plugin Configuration��� by Karl Heinz Marbaise. Maven plugins are super powerful, and usable in both Maven and Gradle. But how much do you know about getting the most from the plugins you use? This talk has the answers.

13:00 - 14:30 N��rburgring Hotel Grid 4 Ist meine Java-Anwendung bereit f��r ide Cloud? Wass kann ich wie migrieren?

I���m delighted to have the opportunity to present this session with my colleague and longtime collaborator Sandra Ahlgrimm. In this new-to-JavaLand format 80-minute session. We���ll cover how to get your Jakarta EE application into the cloud, on App Service, Container Apps, AKS, ARO, and VMs.

If I wasn���t giving a talk in this timeslot, I���d visit ring��arena to attend Der Mensch in Mittlepunkt: Moderne Developer Experience im Enterprise-Context, by Nico Enking and Jan-Christoph Schlieker. This session looks like it will introduce the role of a developer experience curator in the context of enterprise software development. This role seems like it can really help increase the success of software projects.

Due to the 80-minute format of my session, there���s time for another if you don���t want to attend it. In this case, I���d recommend Philosophy4Devs by R��diger zu Dohna. Do any readers remember famous fluff talker Ted Neward? I recall Ted was very proud of his philosophy background. Considering how well he���s done for himself, you may want to check out this talk.

15:00 - 15:40 ring��kino Pair Programming with GitHub Copilot

Frederieke Scheper promises to show us how well GitHub Copilot delivers on its promise to let you ���focus on solving bigger problems by spending less time creating boilerplate and repetitive code.��� I���ve used it myself, and I can say it does pretty well at that, for many classes of problem. Also, no slides. Venkat style!

15:00 - 16:40 media��center Continuous Integration and Continuous Delivery (CI/CD) for Jakarta EE Applications or N��rburgring Hotel Grid 1 - 3 Going AOT: Everything you need to know about GraalVM for Java Applications

This slot conflicts with my 16:00 talk ���Developer Career Masterplan���, but if I wasn���t giving that talk, I���d absolutely go to one of these two.

Continuous Integration and Continuous Delivery (CI/CD) for Jakarta EE Applications Going AOT: Everything you need to know about GraalVM for Java Applications

The CI/CD one from Jakarta EE expert Luqman Saeed. In the nineteen years since the introduction of Hudson, CI/CD has gone from being the sign of a mature software development shop to an absolutely must-have way that work is done. Even so, it���s still not easy to perform at scale. This talk promises to show how to do it with Jakarta EE applications.

The GraalVM one from Alina Yurenko is a hot topic and Alina is a great and very experienced speaker. I like how Alina will focus on the production aspects. If I was attending, I���d be keen to ask about Project Leyden and other aspects of how one handles debugging of a native Java app.

16:00 - 16:40 ring��arena Developer Career Masterplan: Build your path to senior level and beyond

Way back in 2008, I wrote a book where I interviewed a bunch of successful programmers and asked them all about their professional journey. My pals Heather and Bruno have taken a similar approach but supplemented it with their own insights. I had the honor of being on the other side of the microphone for this new book. After having read it, I can say it���s a great read. If you want to see what it���s about, come to this talk.

If I wasn���t giving a talk at this time, I���d visit ring��academy to attend NEWCOMER: C4 - Documentation to blow (up) your mind! The talk will introduce the C4 model for documentation. I���d love to see what ���diagrams as code��� is all about. I���ve seen the promise of similar systems since the late 1990s, but so far none of them have really had a lasting impact. Maybe this time it���s different.

17:00 - 17:40 Bitburger Event-Center Teil B Was Jeder Java-Entwickler ��ber Strings wissen Sollte

Strings? In 2024? You bet! The humble String class is so ubiquitous yet has seen so many evolutions (especially for a final class) over the years it���s worth a whole session. Also, this supports my point with Nicolai Parlog���s session above. Yes, Java is old, but it is also getting better all the time. With this session from JSF Expert Group alumnus Bernd M��ller you can see how this applies to String.

18:00 - 18:40 ring��academy NEWCOMER: AI Ethics in Software Engineering

After observing firsthand some of the impact of the roll out of GitHub copilot on secondary school computer science education, I���m keenly interested in this topic. Moritz Schmidt will explore the hoary topic of the ethical impact of AI.

Wednesday, 10 April 202409:00 - 09:40 ring��kino Don���t be afraid of the final boss: Explain ideas for improvement to management

Don���t miss this one. This touches on a topic I addressed on 2019-04-21: ���Communicating your value add���. That post was about communicating your value add as an individual contributor.

Working for big companies such as IBM, SGI, Sun, and Oracle, I���ve had the chance to sample many useful corporate trainings. Even the most mundane of these, such as ���Insider Trading���, offer at least one nugget of novelty. The corporate training I want to talk about here is one I took at Sun at least twelve years ago. It was called ���Communicating Your Value Add��� and it was all about how to articulate your contribution to your company at performance review time. The class included a handout, ���Behavior/Performance-Based Questions��� whose complete text I reproduce below. For discussion and reference, let���s call this perf_handout.


This session from Christian Seifert shows how to do that for your entire team. Put the two together and you have a powerful technique for showing your contribution to the bottom line. Such efforts make it more painful for them to lay you off, and also make it easier for you to get a better job someplace else, should that be appropriate.

10:00 - 10:40 N��rburgring Hotel Grid 1 - 3 Improving your skills with the debugger

The program committee did a great job this year. With Bernd���s Strings talk and this one from Bourke Nijhuis, you really get some much needed fundamentals. Even if you are late-in-career like I am, continually reinforcing fundamentals is very important. [image error]

11:00 - 11:40 ring��arena Die unsichtbare Hand im Code

Of course Hendrik Ebbers and Sandra Parsick will do an amazing job with the community keynote. I don���t know how they are going to follow-up last year���s impactful installment, which dealt with some weighty topics. As an insider at one of these IT-Giganten, I���ll be curious to see what they think is really happening inside our ���Geheime R��te��� (hint, at least for my employer, it is always customer obsession).

12:00 - 12:40 Coca-Cola business��lounge A fun and absurd introduction to Vector Databases

My day job is mostly about the prosaic, but critical revenue and generating legacy Java apps. It���s far away from new stuff like Vector Databases. As such, I need to expend extra effort to stay up on such things. This talk from Alexander Chatzizacharias is a great and time-efficient way to make me smarter about it.

13:00 - 13:40 Bitburger Event-Center Teil B Pimp your Jakarta EE Applications

I view this talk as an essential supplement to my 12:00 - 12:40 Tuesday talk. Dirk Weil looks like he���s going to cover lots of great stuff, including migration with OpenRewrite. I hope my booth duty schedule permits me to attend.

14:00 - 14:40 ring��arena Prompt-Engineering f��r Entwickler

When I first started using GPT for serious work questions, I thought the phrase ���prompt engineering��� was far too grand a term for what I was doing. However, after working more and more with it, I realize there is a skill to it, and it pays to develop the skill. Check out this talk from my old pal Ralf M��ller and become a prompt engineering pro.

15:00 - 15:40 Bitburger Event-Center Teil B Learn Pattern Matching Through Puzzlers

This session from my old pal and JSF Expert Group alumnus Cay Horstmann covers yet another amazing fundamental programming language technology brought to Java developers. I���m pretty sure Nicolai Parlog will have touched on it in his session on Tuesday, but Cay, as a professional educator, will give you a deep understanding of this powerful, yet tricky to use, feature.

16:00 - 16:40 Bitburger Event-Center Teil B IfC ��� Infrastructure FROM code

A lot of my job at Microsoft is working with Azure���s Infrastructure As Code (IaC) technology, Bicep. This second session from R��diger zu Dohna promises to leverage that concept even further. Historically, I���ve noticed that techniques which build on top of powerful abstractions can really increase productivity. IaC is definitely a very powerful abstraction, so I want to see what this one���s about.

17:00 - 17:40 ring��arena Open-Source Contribution - Why is it worth the hassle?

My lived experience, and the experience of the authors and experts behind Heather and Bruno���s book, testify that it���s worth the hassle. If you needed any more evidence, come to this session from Dominika Tarsarz-Sochacka.

Thursday, 11 April 202409:00 - 17:00 N��rburgring Hotel Grid 3 Automated Code Refactoring with OpenRewrite

I���ve seen lots of customers asking about the kind of thing being addressed in this full day workshop from Sebastian Konieczek. The OpenRewrite framework, from Moderne (formerly of Netflix) is a powerful idea worth learning about.

 •  0 comments  •  flag
Share on Twitter
Published on March 02, 2024 17:20

December 20, 2023

Maven basic debugging techniques: plugin invocation starts

Problem statement

I have been blessed with the responsibility to be the release co-coordinator for Jakarta EE 11. As part of this role I must ensure the milestone and final releases are produced. This involves refining the steps in the Release Process. A big step in this process is producing the API artifacts for maven central. Of course, this involves invoking a maven build on this POM.

This POM is only invoked in the infrequent event of Jakarta EE releases, and thus is subject to bitrot. Of course, the right fix is to make releases more frequent. I���m working on that, and it���s a big job. In the meantime, we have this big POM. What happens if there is a problem and you need to debug it?

I observe that using -X with this POM produces too much output so that the build takes intractably long and the generated output is over 1GB of text.

I would like to be able to target the -X to just where the problem is? But how do I even identify that?

Practical solution 1: grep through the build output

I realize this is beginner level Maven stuff, but I���m capturing it here so AI can eventually ingest it and help others.

Aside, how to tell if your website is training AI? This article from The Washington Post has a text field where you can enter your site and it will show you how highly ranked the site is in the C4 dataset, which apparently was used to train some AI somewhere. To find the text field, see Is your website training AI? .[image error]

So, -X is not useful until you have the ability to run just the sub-module that has the problem. This technique helped us identify the sub-module.

Use the -B option to disable the color coding. Save the output to a file, say message.txt. Use this command to output the message that is output by each maven plugin as it is being executed in time. grep "^\[INFO\] --- " message.txt

When we did this, we saw this output when invoking mvn -B -Pstaging,oss-release -DskipTests -Ddoclint=none -DstagingRepositoryId=jakartaplatform-1036 -Dmaven.javadoc.failOnError=false clean package.

Each row in this output indicates:

the plugin name the version of that plugin the goal being given to that plugin A statement in parentheses that is either: the content of the element. some default name output by the plugin. A statement after the @ that is the of the POM in which that plugin invocation is declared.[INFO] --- clean:3.2.0:clean (default-clean) @ jakartaee-api-parent ---[INFO] --- enforcer:3.4.1:enforce (enforce-maven) @ jakartaee-api-parent ---[INFO] --- resources:2.4.3:copy-resources (copy-javadoc-resources) @ jakartaee-api-parent ---[INFO] --- cyclonedx:2.7.9:makeAggregateBom (default) @ jakartaee-api-parent ---[INFO] --- source:2.1:jar-no-fork (attach-sources) @ jakartaee-api-parent ---[INFO] --- javadoc:3.1.0:jar (attach-javadocs) @ jakartaee-api-parent ---[INFO] --- clean:3.2.0:clean (default-clean) @ jakarta.jakartaee-bom ---[INFO] --- enforcer:3.4.1:enforce (enforce-maven) @ jakarta.jakartaee-bom ---[INFO] --- resources:2.4.3:copy-resources (copy-javadoc-resources) @ jakarta.jakartaee-bom ---

���

[INFO] --- compiler:3.8.1:testCompile (default-testCompile) @ jakarta.jakartaee-api ---[INFO] --- surefire:3.0.0-M8:test (default-test) @ jakarta.jakartaee-api ---[INFO] --- jar:2.4:jar (default-jar) @ jakarta.jakartaee-api ---[INFO] --- cyclonedx:2.7.9:makeAggregateBom (default) @ jakarta.jakartaee-api ---[INFO] --- source:2.1:jar-no-fork (attach-sources) @ jakarta.jakartaee-api ---[INFO] --- glassfishbuild:3.2.28:generate-pom (generate-pom) @ jakarta.jakartaee-api ---[INFO] --- javadoc:3.1.0:jar (attach-javadocs) @ jakarta.jakartaee-api ---

This enabled us to observe that the attach-javadocs in the top level POM was causing the problem. We added a new invocation of the maven-antrun-plugin and bound it to the

[INFO] --- antrun:3.1.0:run (rewrite-problematic-sources) @ jakarta.jakartaee-api ---Practical solution 2: buildplan-maven-plugin

Through an interesting chat with Bing Enterprise Chat, I reduced my 2nd order ignorance of the buildplan-maven-plugin to be 1st order ignorance. It turns out this plugin exists and solves my problem.

If I had run this on the top level POM: mvn fr.jcgay.maven.plugins:buildplan-maven-plugin:list-phase I would have seen the plugin and phase information I sought.

[INFO] Build Plan for Jakarta EE API parent: process-resources ------------------------------------------------------- + maven-resources-plugin | copy-javadoc-resources | copy-resources package ----------------------------------------------------------------- + cyclonedx-maven-plugin | default | makeAggregateBominstall ----------------------------------------------------------------- + maven-install-plugin | default-install | install deploy ------------------------------------------------------------------ + maven-deploy-plugin | default-deploy | deploy [INFO] [INFO] ---------------< jakarta.platform:jakarta.jakartaee-bom >---------------[INFO] Building Jakarta EE API BOM 11.0.0-SNAPSHOT [2/5][INFO] from jakartaee-bom/pom.xml[INFO] --------------------------------[ pom ]---------------------------------[INFO] [INFO] --- buildplan:1.5:list-phase (default-cli) @ jakarta.jakartaee-bom ---[INFO] Build Plan for Jakarta EE API BOM: process-resources ---------------------------------------------------------------- + maven-resources-plugin | copy-javadoc-resources | copy-resources package -------------------------------------------------------------------------- + cyclonedx-maven-plugin | default | makeAggregateBom + glassfishbuild-maven-plugin | generate-pom | generate-pom verify --------------------------------------------------------------------------- + glassfishbuild-maven-plugin | attach-all-artifacts | attach-all-artifactsinstall -------------------------------------------------------------------------- + maven-install-plugin | default-install | install deploy --------------------------------------------------------------------------- + maven-deploy-plugin | default-deploy | deploy [INFO] [INFO] ------------< jakarta.platform:jakarta.jakartaee-core-api >-------------[INFO] Building Jakarta EE Core Profile API 11.0.0-SNAPSHOT [3/5][INFO] from jakartaee-core-api/pom.xml[INFO] --------------------------------[ jar ]---------------------------------[INFO] [INFO] --- buildplan:1.5:list-phase (default-cli) @ jakarta.jakartaee-core-api ---[INFO] Build Plan for Jakarta EE Core Profile API: generate-sources ---------------------------------------------------------------------- + maven-dependency-plugin | unpack-sources | unpack-dependencies process-sources ----------------------------------------------------------------------- + maven-antrun-plugin | prepare-sources | run + glassfishbuild-maven-plugin | unpack-sources | unpack-sources process-resources --------------------------------------------------------------------- + maven-resources-plugin | default-resources | resources + maven-resources-plugin | copy-javadoc-resources | copy-resources compile ------------------------------------------------------------------------------- + maven-compiler-plugin | default-compile | compile + maven-antrun-plugin | build-javadocs | run process-test-resources ---------------------------------------------------------------- + maven-resources-plugin | default-testResources | testResources test-compile -------------------------------------------------------------------------- + maven-compiler-plugin | default-testCompile | testCompile test ---------------------------------------------------------------------------------- + maven-surefire-plugin | default-test | test prepare-package ----------------------------------------------------------------------- + maven-antrun-plugin | rewrite-problematic-sources | run package ------------------------------------------------------------------------------- + maven-jar-plugin | default-jar | jar + cyclonedx-maven-plugin | default | makeAggregateBom + glassfishbuild-maven-plugin | generate-pom | generate-pom + maven-source-plugin | attach-sources | jar-no-fork verify -------------------------------------------------------------------------------- + glassfishbuild-maven-plugin | attach-all-artifacts | attach-all-artifactsinstall ------------------------------------------------------------------------------- + maven-install-plugin | default-install | install deploy -------------------------------------------------------------------------------- + maven-deploy-plugin | default-deploy | deploy [INFO] [INFO] -------------< jakarta.platform:jakarta.jakartaee-web-api >-------------[INFO] Building Jakarta EE Web Profile API 11.0.0-SNAPSHOT [4/5][INFO] from jakartaee-web-api/pom.xml[INFO] --------------------------------[ jar ]---------------------------------[INFO] [INFO] --- buildplan:1.5:list-phase (default-cli) @ jakarta.jakartaee-web-api ---[INFO] Build Plan for Jakarta EE Web Profile API: generate-sources ---------------------------------------------------------------------- + maven-dependency-plugin | unpack-sources | unpack-dependencies process-sources ----------------------------------------------------------------------- + maven-antrun-plugin | prepare-sources | run + maven-antrun-plugin | prepare-sources-web | run + glassfishbuild-maven-plugin | unpack-sources | unpack-sources process-resources --------------------------------------------------------------------- + maven-resources-plugin | default-resources | resources + maven-resources-plugin | copy-javadoc-resources | copy-resources compile ------------------------------------------------------------------------------- + maven-compiler-plugin | default-compile | compile + maven-antrun-plugin | build-javadocs | run process-test-resources ---------------------------------------------------------------- + maven-resources-plugin | default-testResources | testResources test-compile -------------------------------------------------------------------------- + maven-compiler-plugin | default-testCompile | testCompile test ---------------------------------------------------------------------------------- + maven-surefire-plugin | default-test | test prepare-package ----------------------------------------------------------------------- + maven-antrun-plugin | rewrite-problematic-sources | run package ------------------------------------------------------------------------------- + maven-jar-plugin | default-jar | jar + cyclonedx-maven-plugin | default | makeAggregateBom + glassfishbuild-maven-plugin | generate-pom | generate-pom + maven-source-plugin | attach-sources | jar-no-fork verify -------------------------------------------------------------------------------- + glassfishbuild-maven-plugin | attach-all-artifacts | attach-all-artifactsinstall ------------------------------------------------------------------------------- + maven-install-plugin | default-install | install deploy -------------------------------------------------------------------------------- + maven-deploy-plugin | default-deploy | deploy [INFO] [INFO] ---------------< jakarta.platform:jakarta.jakartaee-api >---------------[INFO] Building Jakarta EE Platform API 11.0.0-SNAPSHOT [5/5][INFO] from jakartaee-api/pom.xml[INFO] --------------------------------[ jar ]---------------------------------[INFO] [INFO] --- buildplan:1.5:list-phase (default-cli) @ jakarta.jakartaee-api ---[INFO] Build Plan for Jakarta EE Platform API: generate-sources ---------------------------------------------------------------------- + maven-dependency-plugin | unpack-sources | unpack-dependencies process-sources ----------------------------------------------------------------------- + maven-antrun-plugin | prepare-sources | run + maven-antrun-plugin | prepare-sources-web | run + maven-antrun-plugin | prepare-sources-platform | run + glassfishbuild-maven-plugin | unpack-sources | unpack-sources process-resources --------------------------------------------------------------------- + maven-resources-plugin | default-resources | resources + maven-resources-plugin | copy-javadoc-resources | copy-resources compile ------------------------------------------------------------------------------- + maven-compiler-plugin | default-compile | compile + maven-antrun-plugin | build-javadocs | run process-test-resources ---------------------------------------------------------------- + maven-resources-plugin | default-testResources | testResources test-compile -------------------------------------------------------------------------- + maven-compiler-plugin | default-testCompile | testCompile test ---------------------------------------------------------------------------------- + maven-surefire-plugin | default-test | test prepare-package ----------------------------------------------------------------------- + maven-antrun-plugin | rewrite-problematic-sources | run package ------------------------------------------------------------------------------- + maven-jar-plugin | default-jar | jar + cyclonedx-maven-plugin | default | makeAggregateBom + glassfishbuild-maven-plugin | generate-pom | generate-pom + maven-source-plugin | attach-sources | jar-no-fork verify -------------------------------------------------------------------------------- + glassfishbuild-maven-plugin | attach-all-artifacts | attach-all-artifactsinstall ------------------------------------------------------------------------------- + maven-install-plugin | default-install | install deploy -------------------------------------------------------------------------------- + maven-deploy-plugin | default-deploy | deploy
 •  0 comments  •  flag
Share on Twitter
Published on December 20, 2023 10:00

November 23, 2023

Azure DevOps cross organization daily task wrangling

Problem statement

My employer has standardized on Azure DevOps Boards as the issue tracking system of record. I have become fond of this system and immensely respect its capabilities. Due to my role, I end up with a very large number of work items assigned to me across a very diverse number of different Azure DevOps organizations. While an extension exists to support , it has a significant and insurmountable limitation that the accounts being queried must have a uniform ���schema��� for Iteration Path and Area Path. This limitation is a fact of life in my role.

This blog post shows my workaround that gives me the ability:

To see a comprehensive dashboard across the many different Azure DevOps organizations that contain work items assigned to me, so I can know which ones I need to work on in any given day. To check them off task by task when I have done all I intend to do on that particular task today. To reset the ���done for today��� status so I get a fresh dashboard the next day.

It is not very elegant, but works for me. I���m open to suggestions for improvements. Please leave a comment if you have any ideas.

Solution

For each Azure DevOps organization, write and save a query that shows the work items assigned to me.Here are a screen grabs of two such queries.

[image error]

[image error]

Some things to note about these queries:

The Area Path values vary and are specific to the organization. The Iteration Path values vary, but both have @CurrentIteration. The State values vary and are specific to the organization. They both have a funny Tags value: Does Not Contain edburns_done-for-today. This tag is obviously named.

Write an anologous set of queries, but for the last clause the Tags value is Contains edburns_done-for-today.

Use the Daily Links chrome extension to cause all the saved queries in a new browser tab. Install the Daily Links extension from the Chrome web store. This also works in Edge.

[image error]

Daily wrangling

Start of day process.

Select the Daily Links button in the browser.

For each tab:

Decide which of the tasks you will NOT* be able to work on today.

Apply the edburns_done-for-today tag to those issues.

Re-run the query.

End of day process.

Select the Daily Links button in the browser.

For each tab:

Run the analogous ���Contains done for today��� query for that tab.

Use the multi-issue edit feature to remove that tag.

Problems with this solution

You have to write 2N queries.

You pollute the tagspace with information that is only relevant to you.

The act of resetting the ���done for today��� tag is high effort. I suspect there is a way to make a batch process that just does this with one action, but I have not invested in learning how.

The quality of the queries regarding their ability to convey the context of each task is up to the query author. In my implementation, I simply include Parent next te Title in the Column options.

 •  0 comments  •  flag
Share on Twitter
Published on November 23, 2023 20:10

October 24, 2023

macOS Catalina Zoom does not prompt for mic or camera permissions Solved

Problem statement

Somewhere along the line, Zoom on macOS Catalina asked me for permission to use the mic or camera and I may have accidentally said no. How do I get it to prompt me again?

I tried the usual measures of tccutil reset Microphone but this returned a failure message. What���s going on?

This blog post is my record of what I did to resolve the problem on macOS Catalina. Results are not guaranteed.

Root cause

In my case, the root cause was the ownership of the /Users/edburns/Library/Application Support/com.apple.TCC/TCC.db file was incorrect. This file must be owned by me. Instead it was owned by some other user number. I remember making some bulk ownership changes somewhere along the line.

Nutshell solution Do all the stuff that allows you to modify TCC.db. chown the TCC.db to me. Restore all the stuff that prevents you from modifying TCC.db. tccutil reset Microphone Perform the action in Zoom that caused it to prompt for permission. Say Yes.Detailed solutionTemporarily disable System Integrity Protection (SIP) Shut down and reboot in ���Recovery mode���. Shut down. Hold down Command R while powering on. Release when the Apple logo appears. When you get a menu bar, in the Utilities menu select Terminal. The terminal should open as root. csrutil disable. Exit the terminal and quit the Terminal app. Restart.Ensure the TCC.db has the correct ownership

For an apparently very helpful resource on TCC.db see A deep dive into macOS TCC.db.

cd ~Library/Application\ Support/com.apple.TCCIf you can���t do this, grant ���Full disk access��� to your terminal program. Look elsewhere for how to do that. chown the TCC.db file to your userid. cd to get back to your home directory.Run the tccutil command tccutil reset Microphone. If you want to reset other permissions, there is a big schema of names. To reset everything replace Microphone with All. Case is sensitive. You should see a message that indicates success.
 •  0 comments  •  flag
Share on Twitter
Published on October 24, 2023 09:10

July 24, 2023

Diagnose outbound database connection problems with Liberty on Azure

Cross posted at .

This self-contained blog post shows how you to use tcpdump to troubleshoot and diagnose outbound network connections from a local Liberty server to an Azure SQL Database.

I was working on validating the steps in Deploy a Java application with Open Liberty or WebSphere Liberty on an Azure Kubernetes Service (AKS) cluster for use in an upcoming conference workshop. The workshop students would be given access to their own Ubuntu VMs and also their own Azure credits to execute the steps of the workshop. This is a very common pattern I have used many times in the past.

While preparing the VM, the hosting environment for the VM started having trouble connecting to the external Internet, and thus could not access the Azure SQL Database. When starting mvn liberty:run, I observed this error.

[INFO] [ERROR ] CWWJP0015E: An error occurred in the org.eclipse.persistence.jpa.PersistenceProvider persistence provider when it attempted to create the container entity manager factory for the coffees persistence unit. The following error occurred: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.7.11.v20220804-52dea2a3c0): org.eclipse.persistence.exceptions.DatabaseException[INFO] Internal Exception: java.sql.SQLException: The TCP/IP connection to the host rwo010720nxf.database.windows.net, port 1433 has failed. Error: "Connect timed out. Verify the connection properties. Make sure that an instance of SQL Server is running on the host and accepting TCP/IP connections at the port. Make sure that TCP connections to the port are not blocked by a firewall.". DSRA0010E: SQL State = 08S01, Error Code = 0[INFO] Error Code: 0

However, when I ran mvn liberty:run on my local laptop with the same sample app code, I observed it was able to successfully connect to the database. Before concluding it was Somebody Else���s Problem, I wanted to rule out any local firewall configuration on the VM.

This was a matter of asking firewall-cmd to --list-all rules.

# firewall-cmd --list-all target: default icmp-block-inversion: no interfaces: ens192 sources: services: cockpit dhcpv6-client ssh ports: protocols: forward: no masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:

Looks like no rules at all. That���s not it.

Let���s look at outbound traffic on TCP port 1433.

I forget where I found this tip, so I am recording it in this blog post for my own later referral. Yes, it���s obvious: tcpdump. There are probably better and more efficient ways to do this. But I work on so many different things at so many different levels of abstraction, I can���t remember the specifics. I have learned from rock star programmers I know: they accept their limitations and write things down.

tcpdump on the VM

First we need to identify the network interface name. That���s ifconfig -a:

[ibmuser@student java-app]$ ifconfig -adocker0: flags=4099 mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:14:3c:39:f9 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0ens192: flags=4163 mtu 1500 inet 10.0.10.2 netmask 255.255.255.0 broadcast 10.0.10.255 inet6 fe80::250:56ff:feb4:550c prefixlen 64 scopeid 0x20<link> ether 00:50:56:b4:55:0c txqueuelen 1000 (Ethernet) RX packets 591136 bytes 846561034 (807.3 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 21664 bytes 2609977 (2.4 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 41 bytes 2429 (2.3 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 41 bytes 2429 (2.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Good news, that one is obvious. It must be ens192.

Then, run the magic tcpdump -i ens192 port 1433. This will hang indefinitely. This will show nothing untill some traffic appears on port 1433.

In a separate terminal, restart the app with mvn liberty:run. This caused the following output to appear in the tcpdump window.

tcpdump -i ens192 port 1433dropped privs to tcpdumptcpdump: verbose output suppressed, use -v or -vv for full protocol decodelistening on ens192, link-type EN10MB (Ethernet), capture size 262144 bytes12:43:36.963152 IP student.51002 > 40.79.153.12.ms-sql-s: Flags [S], seq 2117028828, win 29200, options [mss 1460,sackOK,TS val 2330981707 ecr 0,nop,wscale 7], length 012:43:37.563057 IP student.51008 > 40.79.153.12.ms-sql-s: Flags [S], seq 3629156152, win 29200, options [mss 1460,sackOK,TS val 2330982307 ecr 0,nop,wscale 7], length 012:43:38.626345 IP student.51008 > 40.79.153.12.ms-sql-s: Flags [S], seq 3629156152, win 29200, options [mss 1460,sackOK,TS val 2330983371 ecr 0,nop,wscale 7], length 012:43:40.674361 IP student.51008 > 40.79.153.12.ms-sql-s: Flags [S], seq 3629156152, win 29200, options [mss 1460,sackOK,TS val 2330985419 ecr 0,nop,wscale 7], length 012:43:41.521620 IP student.51012 > 40.79.153.12.ms-sql-s: Flags [S], seq 384691879, win 29200, options [mss 1460,sackOK,TS val 2330986266 ecr 0,nop,wscale 7], length 012:43:42.530322 IP student.51012 > 40.79.153.12.ms-sql-s: Flags [S], seq 384691879, win 29200, options [mss 1460,sackOK,TS val 2330987275 ecr 0,nop,wscale 7], length 012:43:44.578290 IP student.51012 > 40.79.153.12.ms-sql-s: Flags [S], seq 384691879, win 29200, options [mss 1460,sackOK,TS val 2330989323 ecr 0,nop,wscale 7], length 012:43:48.610335 IP student.51012 > 40.79.153.12.ms-sql-s: Flags [S], seq 384691879, win 29200, options [mss 1460,sackOK,TS val 2330993355 ecr 0,nop,wscale 7], length 012:43:49.431704 IP student.44964 > 40.79.153.12.ms-sql-s: Flags [S], seq 824660250, win 29200, options [mss 1460,sackOK,TS val 2330994176 ecr 0,nop,wscale 7], length 012:43:50.466320 IP student.44964 > 40.79.153.12.ms-sql-s: Flags [S], seq 824660250, win 29200, options [mss 1460,sackOK,TS val 2330995211 ecr 0,nop,wscale 7], length 0tcpdump on the local laptop

Same story, I need to get the network interface name. ifconfig -a shows a lot more stuff, but I believe it���s this one.

en7: flags=8963 mtu 1500 options=404 ether f8:e4:3b:59:02:a0 inet6 fe80::886:47f3:c373:4803%en7 prefixlen 64 secured scopeid 0x16 inet 192.168.1.160 netmask 0xffffff00 broadcast 192.168.1.255 inet6 2600:1700:1590:2270:481:7264:b2ac:29dc prefixlen 64 autoconf secured inet6 2600:1700:1590:2270:3ce9:3b2:e9b2:7672 prefixlen 64 autoconf temporary inet6 2600:1700:1590:2270::1d prefixlen 64 dynamic nd6 options=201 media: autoselect (1000baseT ) status: active

There are several other interfaces, but this one shows status: active and has a reasonable looking local IP address. I bet it���s that one.

Now I can run sudo tcpdump -i en7 port 1433 and wait for output.

Run mvn liberty:run in a separate terminal and you���ll see this output.

tcpdump: verbose output suppressed, use -v[v]... for full protocol decodelistening on en7, link-type EN10MB (Ethernet), snapshot length 524288 bytes16:48:30.579463 IP edwards-mbp.attlocal.net.51776 > 40.78.225.32.ms-sql-s: Flags [S], seq 1887813996, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 4041241742 ecr 0,sackOK,eol], length 016:48:30.610481 IP 40.78.225.32.ms-sql-s > edwards-mbp.attlocal.net.51776: Flags [S.], seq 81912948, ack 1887813997, win 65535, options [mss 1440,nop,wscale 8,nop,nop,sackOK], length 016:48:30.610608 IP edwards-mbp.attlocal.net.51776 > 40.78.225.32.ms-sql-s: Flags [.], ack 1, win 4096, length 016:48:30.633758 IP edwards-mbp.attlocal.net.51776 > 40.78.225.32.ms-sql-s: Flags [P.], seq 1:68, ack 1, win 4096, length 6716:48:30.665583 IP 40.78.225.32.ms-sql-s > edwards-mbp.attlocal.net.51776: Flags [P.], seq 1:32, ack 68, win 2052, length 3116:48:30.665711 IP edwards-mbp.attlocal.net.51776 > 40.78.225.32.ms-sql-s: Flags [.], ack 32, win 4095, length 016:48:30.766804 IP edwards-mbp.attlocal.net.51776 > 40.78.225.32.ms-sql-s: Flags [P.], seq 68:582, ack 32, win 4096, length 51416:48:30.800942 IP 40.78.225.32.ms-sql-s > edwards-mbp.attlocal.net.51776: Flags [.], seq 32:1492, ack 582, win 2050, length 146016:48:30.801040 IP edwards-mbp.attlocal.net.51776 > 40.78.225.32.ms-sql-s: Flags [.], ack 1492, win 4073, length 016:48:30.801767 IP 40.78.225.32.ms-sql-s > edwards-mbp.attlocal.net.51776: Flags [.], seq 1492:2952, ack 582, win 2050, length 146016:48:30.801795 IP edwards-mbp.attlocal.net.51776 > 40.78.225.32.ms-sql-s: Flags [.], ack 2952, win 4073, length 016:48:30.801948 IP 40.78.225.32.ms-sql-s > edwards-mbp.attlocal.net.51776: Flags [P.], seq 2952:4128, ack 582, win 2050, length 1176Comparing the two different tcpdump outputs.

Let���s strip out extraneous information from the two tcpdump outputs for easier comparison.

Output from the VM. This is the one where the connection failed.

12:43:36 Flags [S], seq 2117028828, win 29200, options [mss 1460,sackOK,TS val 2330981707 ecr 0,nop,wscale 7], length 012:43:37 Flags [S], seq 3629156152, win 29200, options [mss 1460,sackOK,TS val 2330982307 ecr 0,nop,wscale 7], length 012:43:38 Flags [S], seq 3629156152, win 29200, options [mss 1460,sackOK,TS val 2330983371 ecr 0,nop,wscale 7], length 012:43:40 Flags [S], seq 3629156152, win 29200, options [mss 1460,sackOK,TS val 2330985419 ecr 0,nop,wscale 7], length 012:43:41 Flags [S], seq 384691879, win 29200, options [mss 1460,sackOK,TS val 2330986266 ecr 0,nop,wscale 7], length 0

Output from the local laptop. This is the one where the connection succeeded.

16:48:30.57 Flags [S], seq 1887813996, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 4041241742 ecr 0,sackOK,eol], length 016:48:30.61 Flags [S.], seq 81912948, ack 1887813997, win 65535, options [mss 1440,nop,wscale 8,nop,nop,sackOK], length 016:48:30.61 Flags [.], ack 1, win 4096, length 016:48:30.63 Flags [P.], seq 1:68, ack 1, win 4096, length 6716:48:30.66 Flags [P.], seq 1:32, ack 68, win 2052, length 3116:48:30.66 Flags [.], ack 32, win 4095, length 0

We can see right away there are differences. Apparently the app running on the VM is unable to complete the TCP handshake, while the one from the VM is not. This old mozilla doc describes the TCP handshake well TCP handshake.

In the tcpdump output, there is a line for each TCP packet. In the first three lines, we can see the three packets for the TCP handshake.

In the local laptop output:

At 16:48:30.57 we see the SYN packet going from the VM to the Azure SQL Database. At 16:48:30.61 we see the reply SYN-ACK packet coming back from the Azure SQL Database. At 16:48:30.61 we see the ACK packet going from the VM to the Azure SQL Database.

In the VM output we just see unanswered SYN packets.

If there is no firewall rule, and the tcpdump output shows unanswered TCP handshake packets, the most likely cause is some other network problem outside of the VM.

 •  0 comments  •  flag
Share on Twitter
Published on July 24, 2023 10:10