The constant integration process with flask

Computer programs, Development

Introduction

I have accomplished my second Co-op job term because Build and automation innere at Autodesk. Autodesk is an American international software firm that is head in making developing software widely used in the a large number of industries including engineering, structures, manufacturing, visible media, and entertainment. One of their well-known products is AutoCAD which is mainly used by engineers, designers, and architects. As a great intern by Autodesk, I used to be working with IXG-BRE team which usually stands for Immersive Experiences Group ” Build and launch engineering. This team is in charge of maintaining and supporting constant integration, branching, and build brokers for different items such as MayaLT and Stingray.

The primary project that we worked on within my internship was going to design and implement fresh web facilities to expose BRE services in form of RELAX API using python web framework known as Flask. Along with the project, I had been assigned additional tasks including creating build and ongoing integration pipeline for the applying using Tool named TeamCity, Following Evaluation Driven Development Methodology. Through this job term, many of my abilities have to be produced and better in order to accomplish goals and objectives set in the beginning of the effort term. Through this document, the continuous the use process with flask software and Test out Driven Development methodology, will be discussed in more detail.

Test Powered Development

Test driven development can be described as software creation methodology that was launched in 1999 within extreme development, and later in became a centric take into account agile computer software development procedure [ Lee Copeland (December 2001). Extreme Encoding. Computerworld. Retrieved January 10, 2011. ]. The main concept behind this kind of methodology is usually to make the designer write several test before proceeding to writing code phase. Put simply, the developer has to compose tests that are failing prior to implementing any kind of required characteristic. This motivates developers to comprehend the software requirements to be executed, as well as making sure that the system as-is is certainly not effected in the foreseeable future as a result of further expansion from the system. The software projects that fail because of failure in capturing program requirement to-be is counted for 50 percent of the total software failing. Therefore , test out driven advancement is one way to be sure the correct set of requirements will be captures.

As mentioned above, system requirements would be the main goal behind practicing test out driven creation. It causes the programmer to appropriately understand the requirements of the features to be implemented, and therefore, foresee the test case the code to created must go. Such procedure helps to create fully examined product, and increase the test out coverage in case it is applied properly. It is part of agile creation because it is very dependent on requirements which are represented in use cases and end user stories. Evaluation driven creation emphasizes the breakdown of user testimonies into little test circumstances that the developer’s implementation should certainly satisfy.

Test out Driven Creation produced code quality

As mentioned above, the developer is mainly focused on the needs in the beginning of your feature/product creation cycle, and TTD makes the creator to think of quality cases as well as the way the code will be used before commence writing any kind of classes/functions. Because of this, the programmer centers all their effort to build up an understanding from the interface accessed by consumer rather than implementation. Such practice is free of charge to Design by Contract approach which breaks down each method/requirement into separate parameter which have been expected by the supplier in order to consider the developed feature/method as total and happy. These guidelines are: Preconditions, Postconditions, and invariants. As a consequence, the programmer will break the requirements into different small segments are satisfied by different unit testing. Following this sort of practice brings about short cycles of expansion followed by launching new test out case being satisfied over the following cycle. Once the test is satisfied, the developer either refactors the crafted code, or introduces fresh test instances. The following figure represents the game diagram of the Test Powered Development strategy.

This test need to require the smallest complexity of code to get satisfied. Subsequent, a new circumstance is launched or the moving body of code in refactored. These types of short iterations help the developer to 1st understand the software the client will be seen and the design that will adhere to before the execution. Thus, this will likely eventually break the required feature into independent units each is satisfied with a different test circumstance if possible, as a result, increases the modularity of the item and decreases the coupling. These kinds of practice brings flexible segments that are decoupled from one another as much as possible due to the fact the creator took the time to develop the elements of the quests in a way that every segment is testable unit on its own.

The quality of this code is estimated to be higher than a code manufactured from different method such that Check Last Advancement in which check cases happen to be written after the developer feels that the wanted feature can be fully included, such assertion is critical, nevertheless , it is completely dependent on how software quality is defined, and how it really is related to Evaluation Driven Advancement: “Quality boosts through the progress a regression test basic rooted in the requirements. Building the regression tests right from the start allows for the continual verification of the influence of changes, giving builders and product owners a larger confidence that after changes are made, there are simply no negative side effects” [2], What that means is the code quality boosts by increasing the code coverage since the code owner be a little more confident with the changes applied to the code bottom in after iterations with out affecting the implemented themes.

Autodesk build and discharge infrastructure subsequent TTD

LeGym application applying PhoneGap

It is a popular mobile app development structure enables software program programmers to generate applications intended for mobile devices applying CSS3, HTML5, and JavaScript instead of depending upon platform-specific APIs like individuals in Google android, iOS, or perhaps Windows Phone. This enables overall of CSS, HTML, and JavaScript code depending upon the woking platform of the system. In other words, “These apps happen to be natively attached to iOS, Google android, Windows Phone, and more, all leveraging HTML pertaining to the user software, CSS pertaining to layout and styling, and JavaScript to get interactivity, dynamism, and connection with native-OS functionality”(Trice). The resulting applications are hybrid, meaning that they can be neither really native mobile phone application neither purely Web-based.

Information security

One of my responsibilities was to find out and to work with PhoneGap in building mobile phone applications that are compatible with the two main mobile platforms, specifically: iOS and Android, pertaining to LeGym in Concordia College or university, and later to train professional software program engineers for IITS using PhoneGap through training sessions. 1 main concern My spouse and i observed, initially, was reliability. Since the framework uses world wide web technologies, HTML CODE, JavaScript, and CSS, which are considered client-side programming dialects, it brings up serious reliability concerns because these parts of the applications are available to the public, and they are not created like the local parts, particularly: Java in android, and Objective-C in iOS. Therefore , I had to look for methods and follow certain practices in order to secure and improve my application’s privateness section. A good way to secure the Application was to write the critical areas of the application in native dialects and uncover the benefits through hybrid plugins. Regarding those plugins, since PhoneGap is based on world wide web technologies, they have limited get privileges including accessing gadget camera, or system data files.

The plugin consists of two main parts: the native portion that is in charge of accessing local platform APIs (libraries) as well as for exposing the results to the hybrid parts, and the second part may be the hybrid part that is in charge of handling the information received and sent back and forth between your hybrid app and the indigenous APIs. Despite the fact that this practice is considered as the most secure practice, it has a few overhead with regards to the amount of code that must be created. Another option that I found was to make the hybrid supply code hard to read, basically, it is regarded by obfuscate JavaScript. This kind of practice supplies the source code with a high level of reliability, and it prevents application users coming from debugging the code, and from exposing critical principles stored in regional variables. Number 1 shows obfuscation procedure using JavaScript obfuscator software program. The process entails encrypting and compressing code.

Besides building a mobile phone application, I used to be asked to design and recommend system architecture that links different details services integrated by IITS with the mobile application itself. Since the key concept of the application is to enable college students to generate an electronic version of their LeGym regular membership card, the start point was going to design a backend system that authenticates users, inspections if they have a valid membership rights and retrieves user’s photo from University databases.

The main concept of my style is to maximize security and minimize the quantity of server calls made from the applying. Exposing much less number of internet services boosts the level of the safety the design provides, consequently, during my design, I actually focused on separating the client-side application from the server side app through presenting a new coating in between. This kind of layer is in charge of controlling and transferring cell phone calls between the consumer application and university web servers. This coating, namely “WEB-PROXY”, is managed on school servers, and it was coded by certainly one of IITS specialist developers, nevertheless , the testing has been performed by myself. “WEB-PROXY” connects to 3 different web companies.

The first is responsible for authentication, the second is accountable for validating perhaps the user can be LeGym affiliate in the current term, and the third one is responsible for generating base64 code that represents wearer’s ID photo. Those three services will be critical providers and may not be exposed to the person directly, consequently , my design and style prevents users from reaching the services and interacting with all of them directly, instead the new part handles users’ requests.

Furthermore, since it is clear from your figure, every single user obtain needs three server cell phone calls in order to be totally completed, although after researching, I found out that the high number of asks for from client-side application towards the server side minimizes the effectiveness of the machines, consequently, my own design requires only one call request from your client. With this, the amount of calls created from client software was lowered to the maximum. Even though the fresh layer continue to connects to three different solutions, the type of the bond established is well known by the web proxy server, which can be identified to be fast and secure due to the fact that they all reside on the same storage space “Concordia. ca”, Lambert says: “because everything is encrypted. This is a level stronger security mechanism than SSL” (Lambert).

Application protection

One other issue that was identified early during the design stage was how to prevent users coming from cloning and creating a false version with the application. It had been one of my tasks to come up with a feasible solution that would make the app recognizable among the other imitation versions. One proposed answer was to signify the digital card generated by the application every day having a different color. I suggested two distinct solutions: the first option was based on iBeacons. iBeacons are launched as the next: “Apples iBeacon was released with iOS 7 being a method for close proximity communications between iOS devices and semi-permanent bright spot fixtures. Employing Bluetooth Low Energy, iBeacons allow iphone app makers to generate in highly accurate location-based features. inch (AppleInsider).

The idea was that once a consumer walks in to the gym with the application installed on his cellphone, the information of the user, brand and pupil picture, will be displayed within the staff pc at the front office. The idea was successfully designed, implemented, and tested without any help using PhoneGap framework. This kind of required myself to conduct a outstanding research about iBeacons while using aim of focusing on how they function, and exactly what are the essential resources required to deploy such technology. The second thought was based upon assigning a unique unique step to every consumer once they effectively login, afterwards, every time a end user accesses his Ecard around the application, the main element will be provided for a server to be authenticated, and an exclusive number will be sent to an individual upon successful validation. The concept behind this kind of proposal is always to identify verified users using a unique amount which will be lacking from clone versions of the application. The important thing generated through the login stage allows users with valid LeGym regular membership to be the just ones with permission to reach the unique amount, consequently, individuals with clone variation will not have access to this amount.