Map to List Using Guava

Suppose, we have a list of Employee objects where we want to create a Map from the list with employee id as Key. You can do that with Java Stream, but with Guava the code becomes more concise. Below is the example:

Add Guava in Maven dependency:

<dependency>

    <groupId>com.google.guava</groupId>

    <artifactId>guava</artifactId>

    <version>33.3.1-jre</version>

</dependency>

@Data

public class Employee() {

private int id;

private String name;

}

Map<Integer, Employee> employeeMap = Maps.uniqueIndex(employeeList, Employee::id);

If you want to create Map<Integer,List<Employee>> then use below

ImmutableListMultimap<Integer, Employee> employeeMap = Multimaps.index(employeeList, Employee::id);

https://howtodoinjava.com/java/collections/convert-list-to-map/

Encryption using Google Tink

Google Tink is a tool which provides an End to End solution for Encryption/Decryption.

Steps:

Step #1: Create the Encryption key.

Goto https://developers.google.com/tink/install-tinkey & unzip to a folder

The Encryption key can be generated in  Binary or JSON format. 

tinkey.bat create-keyset --key-template AES256_GCM --out keyset.bin --out-format binary

in case you want to generate in json format you can use below command

tinkey.bat create-keyset --key-template AES256_GCM --out keyset.json

Step #2: Encrypt the data

Create a maven project

Add below dependency:

        <dependency>

            <groupId>com.google.crypto.tink</groupId>

            <artifactId>tink</artifactId>

            <version>1.7.0</version> <!-- Use the latest version -->

        </dependency>

Add the below code for encryption/decrytion

private static Aead aead =null;
static {
    try {


        AeadConfig.register();


        KeysetHandle keysetHandle = CleartextKeysetHandle.read(BinaryKeysetReader.withFile(new File("<path to binary file>")));
               //use below in case reading from json file
       // KeysetHandle keysetHandle = CleartextKeysetHandle.read(JsonKeysetReader.withBytes(Hex.decode("<path to json file>")));

        aead = AeadFactory.getPrimitive(keysetHandle);


    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}

public static String encryptData(String data) throws GeneralSecurityException {

   return Hex.encode(aead.encrypt(data.getBytes(),null));

}
public static String decryptData(String data) throws GeneralSecurityException {
    return new String(aead.decrypt(Hex.decode(data),null));

}

You can pass associated key also for encrypt & decrypt

Further Reading:

https://www.baeldung.com/google-tink

https://developers.google.com/tink

https://woodpecker-ci.org/docs/1.0/administration/encryption

https://fuchsia.googlesource.com/third_party/tink/+/HEAD/docs/TINKEY.md

Security Notes

Password validation

https://www.baeldung.com/java-passay

https://www.passay.org/reference/

https://blog.payara.fish/secure-your-java-applications-with-passay-the-essential-password-utility-library

Encryption/Decryption Library:

https://www.baeldung.com/google-tink

https://developers.google.com/tink

Spring Initializer for Java 8

 At present https://start.spring.io/ does not provide an option to create Spring Boot project on Java 8. To create a Spring Boot project on Java 8 use https://springinitializrjava8.cc/

Spring Spel

In Spring framework, we mainly use SpEL as annotation in a bean. But SpEL has other use cases as well. 

Like evaluating the expression on the fly. e.g. You can store expression in database & execute on demand.

More documentation can be found on:

https://docs.spring.io/spring-framework/docs/3.0.x/reference/expressions.html

https://docs.spring.io/spring-framework/reference/core/expressions.html 

Cardano Links

https://cardanoscan.io/metadata

https://gimbalabs.com/

https://meshjs.dev/

How to run LLM in local machine

 Here we will discuss the steps to install LLM in local machine on Windows:

Steps:

• Goto https://ollama.com/download/windows
• Download & install the Ollama platform on your machine by clicking the OllamaSetup.exe file
• Once the installation is completed, to check the Ollama platform is running navigate to http://localhost:11434/ & check the status. 
• If the platform is installed successfully it will show :Ollama is running
• Now we need to install the language model.
• Navigate to https://ollama.com/library
• You can now install any language model based on your need
• To run the language model, goto powershell prompt
• Run the command ollama run <language_model_name> e.g. ollama run llama2
• Once the LLM is installed, it will provide a command prompt to interact like Chatgpt
• The API of Ollama can be used to interact using Spring AI

Further readings:

https://thenewstack.io/how-to-set-up-and-run-a-local-llm-with-ollama-and-llama-2/

https://www.kdnuggets.com/ollama-tutorial-running-llms-locally-made-super-simple

https://www.youtube.com/watch?v=5ecArhs6d7I&pp=ygULamF2YSB0ZWNoaWU%3D

Sample Codebase:

https://github.com/Java-Techie-jt/spring-ai-llama2/tree/main

Convert Java Project from Log4j 1 to Log4j2

Many times while working on old Java projects we find Log4j 1.x is used. But as the Log4j2 is the new one; hence to upgrade to Log4j2 we need to change the all the files with new package details.

This is a tedious job. OpenRewrite comes up with a solution; where you can do the below steps to convert your project to Log4j 2 from Log4j 1.x

Steps:

• Navigate to the project folder in command prompt
• Run the below command

mvn -U org.openrewrite.maven:rewrite-maven-plugin:run -Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-logging-frameworks:RELEASE -Drewrite.activeRecipes=org.openrewrite.java.logging.log4j.Log4j1ToLog4j2

• This will convert all the imports in file to Log42 packages & remove Log4j 1.x dependency & will add the Log4j2 dependencies automatically in pom.xml
• Add the LMAX Disruptor dependency in pom.xml as below

<dependency>

<groupId>com.lmax</groupId>

<artifactId>disruptor</artifactId>

<version>3.4.4</version>

</dependency>

• Create the log4j2.xml (under src\main\resources folder); a sample one could be like below. Here the assumption is log files are created within logs folder of Tomcat . Replace <AppName> with the app name.

<?xml version="1.0" encoding="UTF-8"?>

<Configuration status="WARN">

<Appenders>

<Console name="Console" target="SYSTEM_OUT">

<PatternLayout pattern="%d{dd-MM-yyyy HH:mm:ss} [%t] %-5p %c - %m%n"/>

</Console>

<!-- Generate rolling log for router with per hour interval policy -->

<RollingFile name="ProcessorRollingFile" fileName="${sys:catalina.home}/logs/<AppName>.log" filePattern="${sys:catalina.home}/logs/$${date:yyyy-MM-dd}/<AppName>-%d{yyyy-MM-dd-HH}-%i.log.gz">

<PatternLayout>

<!--<pattern>%d{ISO8601} [%t] %p %c %L - %m%n</pattern>-->

<pattern>%d{dd-MM-yyyy HH:mm:ss} [%t] %-5p %c - %m%n</pattern>

</PatternLayout>

<Policies>

<SizeBasedTriggeringPolicy size="500 MB"/>

</Policies>

<DefaultRolloverStrategy max="100"/>

</RollingFile>

<!-- Register Async appender -->

<Async name="AsyncRollingFile">

<AppenderRef ref="ProcessorRollingFile"/>

</Async>

</Appenders>

<Loggers>

<AsyncLogger name="root" level="WARN" additivity="false">

<AppenderRef ref="AsyncRollingFile"/>

</AsyncLogger>

</Loggers>

</Configuration>

In case you do skip tests in the project while running maven then the same needs to be applied while executing the maven command for OpenRewrite. If you use a profile, the same needs to be added to in maven command. If the profile name is Live the full command with skip tests will look like below:

mvn -U org.openrewrite.maven:rewrite-maven-plugin:run -Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-logging-frameworks:RELEASE -Drewrite.activeRecipes=org.openrewrite.java.logging.log4j.Log4j1ToLog4j2 -Dmaven.test.skip=true -PLive

Further Reading: https://docs.openrewrite.org/recipes/java/logging/log4j/log4j1tolog4j2

Creating Tag for Docker Image

Once we create an image of an application & push it to Docker Container, then that tagged as latest one.

Now next time we need to rebuild & push the image the latest tag gets overridden.

But if the latest images gives any error then we should be able to get the previous tag to deploy.

Hence we need to create a separate tag for the current latest image before pushing the new image.

Below are the commands to do the same:

sudo docker tag <docker repo>/testwebapp:latest <docker repo>/testwebapp:prev

sudo docker push <docker repo>/testwebapp:prev

This will create a tag name prev (You can choose any name) of the present latest image.

This command should run before pushing the new image to Docker.

Convert SVN Project to Git Project

Here we are going to check how convert a SVN project to Git project in Local filesystem

Steps:

• Pre-requisite: Git to be preinstalled in your m/c
• Goto Command prompt & run below command
• git svn clone -r HEAD <SVN Codebase URL>
• This will create a folder with same name of app with  .git file

Semgrep

Semgrep is used for SAST tool.

Steps to get the SAST report:

1. Checkout the code in your local directory from Github.
2. Goto https://semgrep.dev/login/ & create the login
3. docker run -it returntocorp/semgrep semgrep login
4. Copy the URL provided in browser to Activate the token
5. From Command prompt navigate to local folder where code is checked out from Github
6. From command prompt copy the token & run below command with token
7. docker run -e SEMGREP_APP_TOKEN=<token> --rm -v "<local repo>:/src" returntocorp/semgrep semgrep ci
8. Check the report from SemGrep UI

Additional Info (For SVN repo):

Semgrep presently supports only Git project.

Hence if you are using SVN as code repository,  then first convert the SVN to Git project (Details in link http://souravdalal.blogspot.com/2024/01/convert-svn-project-to-git-project.html)

Once done, you can ran the above steps on the for generating the report.

In case you get a error like "Unable to infer repo_url. Set SEMGREP_REPO_URL environment variable or run in a valid git project with remote origin defined", then add the git repository using below command

git remote add origin https://github.com/<repo_name>

This command should be run in an empty folder & run git init first

Incase, you want to dump the report to in local file then use below command

docker run -e SEMGREP_APP_TOKEN=<token> --rm -v "<local repo>:/src" returntocorp/semgrep semgrep ci > semrep_report.txt

Trivy Code Vulnerability report

Trivy provides Third party library vulnerability report along with security key exposure in your code.

The tool also provides the version in which the vulnerability is fixed.

You can use the below steps to get a report by checkout the code from your repo:

Go to https://github.com/aquasecurity/trivy/releases/download/v0.48.3/trivy_0.48.3_windows-64bit.zip

Download the zip

Extract the folder

Goto <Extracted Folder>\trivy_0.48.3_windows-64bit

Open command line from above folder

run the below command

trivy fs <codebase path in local m/c > <app_name_>sec_rpt.txt

Further reading:

https://trivy.dev/

How to manage Docker images in Github Packages

Instead of using Docker Hub, GitHub Container Registry can also be used for Image management.

You need to follow the below steps to do that:

1. Login to GHCR from Docker CLI using below command. Replace with your username & personal access token

docker login ghcr.io -u YOUR_GITHUB_USERNAME -p YOUR_PERSONAL_ACCESS_TOKEN

2. Build the Docker image locally

docker build -t ghcr.io/OWNER/IMAGE_NAME:TAG .

3. Push the docker image to GHCR

docker push ghcr.io/OWNER/IMAGE_NAME:TAG

Links for further readings:

https://cto.ai/blog/build-and-deploy-a-docker-image-on-ghcr/