What is Docker?

Docker is a tool designed to make it easier to create, deploy, and run applications by using containers. Containers allow developers to package up an application with all of the parts it needs, such as libraries and other dependencies, and ship it all out as one package.

Docker is something like a virtual machine, but Docker allows application use the same Linux kernel without unnecessary dependencies that may be on the host computer.  This allows for some performance and reduces the size of the application.

The huge advantage of Docker is that is open source. That means that anyone can contribute as a volunteer too.

Who is Docker for?

Docker is a tool that’s designed for developers, administrators and software testers. For developers, it means that they can focus on writing code not maintain the environment. Reduce the number of dependencies, and also quick start with setting up initial development. Administrators get flexible and fast way to create and get running environments on easy way.  Software testers get the same environment that developer get to write feature. The last part is very important for two points: there is no misunderstanding in environment dependencies, and if there is a bug in software is easy to track and reproduce as well.

Getting started

On the Internet, there are a lot of information about Docker and why is so sexy thous days. Beginners guides for Docker, command-link simulators, a lot of images that are ready to use.  But I want to create my own tutorial that will be available on youtube channel. Starting with some basics to some advanced setup as well.

Docker and security

As a lot of tools, Docker brings some security too for the applications that are running in this environment, however, containers are not the thing that we can speak about security.  For example, there is something like kernel exploits, DDOS attacks, breakouts, poisoned images and secrets that can be compromised.


Reference:

Maven #03 ~ How to create Maven project in IntelliJ

To create a maven project using IntelliJ we can to import: pom.xml file or create a project from scratch.
This post describes how to use this second option.

First, we must to open Wizard and select: Create New Project

From next window select: maven and after that mark: Create from archetype

On the same wizard window select: org.jetbrains.idea.maven.model.maven-archetype-quickstart

On the next window view type GroupId and ArtifactId:

Select Maven home directory:

The last but not least, insert location directory of your project:

The last step is to click Finish button to create a project.

Lv0. VIM user

In the beginning of this post, I asked myself: why Vim and why I would like to cut my fingers? (Joke). An answer to this question is simple: I met with a number of situations in my life where I  actually edit the file on the server or on a specific device connected to the network. But how to do it when there are no possibilities of installing any external text editor?

Everyone has their own toolbox, which is a set of tools that uses in everyday work and even after work. Sometimes it is so that incoming to the company/job anyone could ask a simple question. What tools do you use? So then what you say? In my opinion, either in the work of the tester, programmer or system administrator and any other work related to IT, it is important to know well and use a text editor. And the text editor in both Linux and Unix is Vim. Some will say that the Vi, but for simplicity, I will say that Vi and Vim mean to me almost the same thing.

For the moment someone says, but he is the best Emacs text editor, again, another person can say that Atom is really great. OK, I agree with all the views, but … There are some cons. Especially on any Linux and  UNIX machine. If I log onto the production machine likely I’m will not even have the right to install any additional software but use this one that is already available. Of course, we can look around and see what happens but it will be hard with installing there any additional software. However, we will not use such editors as, for example, nano the text editor is often used on Ubuntu, but Red Hat or CentOS no longer can be a pre-installed editor, which is relatively easy to use.

Vim is free. If we have one machine – our beloved laptop we don’t need to pay for the license. We have 10,000 servers – is still free on each of these machines, there are no hidden costs involved.

The third reason – Vim is super customizable. The ability to install plugins, write your own and the engine itself can not be compared with any paid tool.

Another important thing is that Vim does not require a graphical user interface. Most servers do not have a graphical user interface installed, the X server so inevitably we can not run anything that will allow you to display icons, Eclipse, or are other java-based editors. We can never assume what we have installed on the server.

The last reason: Vim is a fast tool for editing code or editing files. If you’ve ever seen a user who has for several years used the Vim and how he can make changes in the code you were a probably very impressed. There is a competition which aims to see how quickly the participants can do the right things in Vim.

There is one disadvantage, the learning curve but in the end, it is worth it.

Continuous integration services – review

For few day I was looking for some continuous integration services that will allow me to build and deploy my open source projects now and near feature. I spend several hours searching, reading, trying to use and build some code. Some CI services are for free and works very good with for example GitHub. It’s a big plus, especially when you trying to run open source.

Below I add a small table that contains some essential information for devs that are interested in that kind of services.

NameDescriptionFeaturesSupported repositoriesDocumentationPrice
AppveyorAppVeyor automates building, testing and deployment of .NET applications.• GitHub
• BitBucket
documentationFree with limitations
AssertibleAutomated post-deployment testing and web service monitoring• GitHubdocumentationFree with limitations
BitriseiOS Continuous Integration and Delivery.• GitHub
• BitBucket
• Custom
documentationFree
BuildkiteA build automation platform which gives you complete control, without the pain of running your own CI system.Languages: Ruby, Python, Node.js, JavaScript, PHP, Go, Rust, Erlang, Elixir, Java, Clojure, Scala, C/C++, Objective-C, Swift, .NET/C#
Source code is available: Buildkite Agent
• GitHub
• BitBucket
• Custom
documentation• 14-day Trial
• Free for Education
• Open Source
Circle CIContinuous Integration and Deployment• GitHubdocumentationPricing
CodeshipOne more cloud based CI service: running tests and deployment.• GitHub
• BitBucket
documentationFree for opensource projects or 100 builds per month
Code ClimateHosted platform to continuously measure and monitor code quality Languages: Ruby, Javascript, PHP• GitHub
• Custom
documentation14-day Trial
Coveralls Coveralls works with your continuous integration server to give you test coverage history and statistics.Languages: Ruby, Javascript, Python, PHP, C, Objective-C, Scala, GO• GitHub
• BitBucket
documentationFree for opensource projects
CoverityCode analysis, test analysisLanguages: C/C++, Java, C#noneFree for opensource projects
CoviolationsTool for collecting and visualisation code violations works with Travis-CI, drone.io and JenkinsSource code is available: Web application, Applicationdocumentation
DroneContinuous Integration serviceSource code is available.• GitHub
• BitBucket
• Google Code
• Custom
documentationPublic projects for free
FactorService to automate developer workflows by defining them programmatically using the Factor.io syntax and running them using the Factor.io Server.documentation
GitLab CI• GitLabdocumentationPricing
GitHost• GitLabdocumentationPricing
Hound CIReview your JavaScript, CoffeeScript, and Ruby code for style guide violations with a trusty hound.• GitLabnonePublic repositories for free
Magnum CIHosted Continuous Integration and Delivery Platform• GitHub
• BitBucket
• GitLab
• Custom
documentationFree beta
PHP CIFree and open source continuous integration tool specifically designed for PHPLanguage: PHP, Source code is available• BitBucket
• GitLab
• Custom
nonePricing
SaucelabsAutomated testing in the cloud for CIdocumentation14-day Trial
ScrutinizerBuild quality software, betterSources are available• GitHub
• BitBucket
documentation14-day Trial
SemaphoreHosted continuous integration and delivery solution for open source and private projects.Ruby, Node.js, JavaScript, Go, Clojure, Elixir, Erlang, Java, PHP, Scala, C/C++• GitHub
• BitBucket
documentationFree for Open Source, 100 free builds for private projects
ShippableContinuous DeliveryLanguages: Ruby, Python, Java, Node.js, Scala, PHP, Go; Databases: MongoDB, MySQL, Redis, Postgres, CouchDB, RethinkDB, Neo4j, and SQLite• GitHub
• BitBucket
• GitLab
documentationFree with limitations
Snap• GitHubdocumentationFree
Solano CIHosted service that runs your test suite on a distributed infrastructure - fast• GitHub
• BitBucket
• GitLab
• Custom
documentation14-day Trial
StyleCIThe PHP Coding Style Service, used by Cachet.• GitHubdocumentationFree for opensource projects
TestlingHosted service that runs your test suite in many different browsers every time you push to GitHub. It can run any test suite so long as it writes TAP to the browser console.documentationFree for opensource projects and 3 min sessions
Travis CIHosted continuous integration service for open source and private projects.Languages: C, C++, Clojure, Erlang, Go, Groovy, Haskell, Java, Javascript (with Node.js), Objective-C, Perl, PHP, Python, Ruby, Rust, Scala. Source code is available.• GitHubdocumentationFree for opensource projects and 3 min sessions
Visual Studio Online Cloud-based collaboration services for version control, agile planning, continuous delivery, and analytics application for Visual Studio, Eclipse, Xcode.• Visual Studio
• Team Services
• GitHub
• Custom
documentationFree
WerkerContinuous delivery platform• Docker Hubdocumentation

Apktool

Apktool is a tool 😉 for reverse engendering 3rd party, closed, binary Android *.apk files. It can decode resources to nearly original form and then also rebuild them. Rebuild them also when you provide some modifications.

I create two simple apps to try apktool and basically check how it’s work. In directory we have two apps. First: app-debug.apk and app-debug-unaligned.apk. In this case, not matter really what’s are these apps for.

andrzejdubaj  staff  4530973 22 maj 23:15 app-debug-unaligned.apk
andrzejdubaj  staff  4531823 22 maj 23:15 app-debug.apk

To use apktool simply open terminal and go to this directory where are yours app’s(app). Type:

apktool d <name_of_your_app.apk>

and press ENTER. If everything it’s ok output should be similar to this one below:

$ apktool d app-debug.apk 
I: Using Apktool 2.1.1 on app-debug.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: /Users/andrzejdubaj/Library/apktool/framework/1.apk
I: Regular manifest package...
I: Decoding file-resources...
I: Decoding values */* XMLs...
I: Baksmaling classes.dex...
I: Copying assets and libs...
I: Copying unknown files...
I: Copying original files...

In our directory, a new folder was created with name of the app. It contains all folders and files that are contained in the *.apk file, for example:

  • res folder
  • smali folder
  • original
  • AndroidManifest.xml
  • apktool.yml
drwxr-xr-x    7 andrzejdubaj  staff   238 22 maj 23:18 .
drwxr-xr-x    5 andrzejdubaj  staff   170 22 maj 23:18 ..
-rw-r--r--    1 andrzejdubaj  staff  3588 22 maj 23:18 AndroidManifest.xml
-rw-r--r--    1 andrzejdubaj  staff   394 22 maj 23:18 apktool.yml
drwxr-xr-x    4 andrzejdubaj  staff   136 22 maj 23:18 original
drwxr-xr-x  137 andrzejdubaj  staff  4658 22 maj 23:18 res
drwxr-xr-x    4 andrzejdubaj  staff   136 22 maj 23:18 smali

From now ok we can:

  • analyze code
  • create modes

After we perform some edits, we can build our app. For this purpose I create separate folder and copy there decompile folder with all my changes:

total 0
drwxr-xr-x  3 andrzejdubaj  staff  102 23 maj 21:55 .
drwxr-xr-x  6 andrzejdubaj  staff  204 23 maj 21:54 ..
drwxr-xr-x  7 andrzejdubaj  staff  238 22 maj 23:18 app-debug

To build application, we can use:

apktool b <name_of_your_app.apk>

We can get something like that:

$ apktool b app-debug/
I: Using Apktool 2.1.1
I: Checking whether sources has changed...
I: Smaling smali folder into classes.dex...
I: Checking whether resources has changed...
I: Building resources...
I: Building apk file...
I: Copying unknown files/dir...

But I can’t get any *.apk file. But also at that point I was wrong. Why ? Because default directory for output file is:

... /app/app-01/app-debug/dist

Top build and receive *.apk file in the same catalog use:

apktool b <folder_name> -o <file_name.apk>

If everything it’s ok output should be similar to this one below:

$ apktool b app-debug -o apk-debug.apk
I: Using Apktool 2.1.1
I: Checking whether sources has changed...
I: Checking whether resources has changed...
I: Building apk file...
I: Copying unknown files/dir...

Now we can so that our new *.apk file is in the same directory like rest of files:

-rw-r--r--  1 andrzejdubaj  staff  4512866 23 maj 22:13 apk-debug.apk
drwxr-xr-x  9 andrzejdubaj  staff      306 23 maj 21:57 app-debug
drwxr-xr-x  9 andrzejdubaj  staff      306 23 maj 22:07 app-debug-unaligned

But sometimes command described before really don’t work, and you can receive similar android Exception:

I: Checking whether sources has changed...
I: Checking whether resources has changed...
I: Building resources...
Exception in thread "main" brut.androlib.AndrolibException: brut.common.BrutException: could not exec command: [aapt, p, -F, /tmp/APKTOOL3630495287059303807.tmp, -I, /home/awesomename/apktool/framework/1.apk, -S, /home/awesomename/out/./res, -M, /home/awesomename/out/./AndroidManifest.xml]
    at brut.androlib.res.AndrolibResources.aaptPackage(Unknown Source)
    at brut.androlib.Androlib.buildResourcesFull(Unknown Source)
    at brut.androlib.Androlib.buildResources(Unknown Source)
    at brut.androlib.Androlib.build(Unknown Source)
    at brut.androlib.Androlib.build(Unknown Source)
    at brut.apktool.Main.cmdBuild(Unknown Source)
    at brut.apktool.Main.main(Unknown Source)
Caused by: brut.common.BrutException: could not exec command: [aapt, p, -F, /tmp/APKTOOL3630495287059303807.tmp, -I, /home/windows/apktool/framework/1.apk, -S, /home/windows/out/./res, -M, /home/windows/out/./AndroidManifest.xml]
    at brut.util.OS.exec(Unknown Source)
    ... 7 more
Caused by: java.io.IOException: Cannot run program "aapt": error=2, No such file or directory
    at java.lang.ProcessBuilder.start(ProcessBuilder.java:1041)
    at java.lang.Runtime.exec(Runtime.java:617)
    at java.lang.Runtime.exec(Runtime.java:485)
    ... 8 more
Caused by: java.io.IOException: error=2, No such file or directory
    at java.lang.UNIXProcess.forkAndExec(Native Method)
    at java.lang.UNIXProcess.(UNIXProcess.java:135)
    at java.lang.ProcessImpl.start(ProcessImpl.java:130)
    at java.lang.ProcessBuilder.start(ProcessBuilder.java:1022)
    ... 10 more

I found soloution for that:

apktool d -f -r apkfilename.apk

-f replace previous decompiled apk’s code
-r ignore the decompiling of resources
This would prevent the resources from being decompiled, will copy the same resources when you recompile the apk.


Reference: