|
'ello, decided the banter is better here?
|
|
|
|
|
I just posted a question at the top that could be taken as bait if someone were so inclined, though it wasn't written as bait, it's a C vs C++ thing, so I expect there to be casualties. 
Real programmers use butterflies
|
|
|
|
|
Yes, arguments can be found. The "good" part is another argument in itself.
"They have a consciousness, they have a life, they have a soul! Damn you! Let the rabbits wear glasses! Save our brothers! Can I get an amen?"
|
|
|
|
|
Upon entry, you do not "get" an argument, you supply an actual one for the formal one declared by the man at the door.
|
|
|
|
|
How on earth has no-one given this as a response yet!?
OH! Oh! I'm sorry! This is abuse!
Aha! No, you want room 12A, next door.
[Argument Clinic - Monty Python](https://www.youtube.com/watch?v=DkQhK8O9Jik)
EDIT: Face-palm. Of course Griff was on it.
|
|
|
|
|
We keep our (encrypted) connection strings in (web)config files, and that requires us to create a unique deployment package for each of the eight environments and 12 web apps, seven windows services, and an assortment of in-house tools we have to support.
After a meeting about the "problem" on Friday afternoon, I came up with a way to build all of the connection strings on the fly - in code - which will relieve us of the need to create unique deployment packages. Now, we can create a single package and when it passes testing/validation in one environment, we can simply deploy it to the next environment, eventually ending up in production.
I developed the actual code for the solution, a proof-of-concept app, and a 6-page document explaining what I did. The code has almost as many lines of comments as there are lines of actual code.
The beauty of this solution is that:
- it can be used in our web apps AND our desktop apps/windows services
- multiple connection strings can be specified for each app/tool/service
- the connection strings don't actually exist as connection strings in memory until they're requested
- once requested, the connection strings are built and either Base64 encoded or 256-bit encrypted (dev's choice)
- it completely eliminates the need to maintain connection stings in config files.
Now comes the hard part - convincing management to let us implement it. Honestly? That shouldn't be the hard part.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
#realJSOP wrote: That shouldn't be the hard part.
People are afraid of things they do not understand...
"The only place where Success comes before Work is in the dictionary." Vidal Sassoon, 1928 - 2012
|
|
|
|
|
Sounds good John - do I smell an article ? I hope so.
"I didn't mention the bats - he'd see them soon enough" - Hunter S Thompson - RIP
|
|
|
|
|
I might. The code as it exists is very work-specific, so I'd have to refactor it a bit.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
So the conn string is regenerated on the fly every time the program is run ?
"I didn't mention the bats - he'd see them soon enough" - Hunter S Thompson - RIP
|
|
|
|
|
Every time it's requested. 
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
I would like to see how you do this
"I didn't mention the bats - he'd see them soon enough" - Hunter S Thompson - RIP
|
|
|
|
|
The connectionstring when "at rest" is not assembled into a string. It merely exists in its component parts.
When you call the "Get" method to retrieve the connection string, it assembles the parts into a connection string, and either base64 encodes it, or 256-bit encrypts it (programmer's choice) and returns that encoded/encrypted string.
When you're ready to access the database, you simply decode/decrypt it when you send it to the SqlConnection object.
(We don't use Entity Framework or any other ORM, so this approach is no problem).
Any using base64/encryption is optional as well, you can have it return a string as plain text as well.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
modified 3-Mar-21 8:33am.
|
|
|
|
|
Ok I f****ng" hate EF ( and any ORM ) - look forward to reading your article - thanks for your efforts
"I didn't mention the bats - he'd see them soon enough" - Hunter S Thompson - RIP
|
|
|
|
|
The article's been posted:
A Connection string manager for multi-environment ecosystems[^]
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
That's my Friday taken care of - thanks John
"I didn't mention the bats - he'd see them soon enough" - Hunter S Thompson - RIP
|
|
|
|
|
We're going to add the code to one of our projects to see how it goes. Until i see it work in the intended environment, it's all prettty much just theoretical. The sample app works within the context of my dev box, but I wanna put it on a live server to make sure it will actually do what I want.
If you're up for it, feel free to relate your experience in the article forum.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Wow, making it general enough for public consumption is going to take some work. We have considerations not normally encountered in the civilian ecosystem, and I have to make the code easy to implement in a way that makes sense to devs that have never been exposed to it before.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
I work for the government in the UK ( at local level ) so it definitely is of interest
"I didn't mention the bats - he'd see them soon enough" - Hunter S Thompson - RIP
|
|
|
|
|
While staring at the code trying to come up with a way to describe how it works, I actually came up with what I think is a better way to approach some of it, so code introspection is a "good thing" (TM).
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
We use Ansible for similar purposes.
|
|
|
|
|
Does it save money ? that's the only convincing you need to do.
I'd rather be phishing!
|
|
|
|
|
Maximilien wrote: Does it save money ?
Dev reply: No, it only saves Developer headaches.
Manager: Denied! These are unnecessary changes.
|
|
|
|
|
First of all, it makes too much sense for them to use, unless you can convince them it was their idea.
Good show. Generating connection strings that is. I've never liked them and often found myself doing similar, and yes, because of security.
#realJSOP wrote: The code has almost as many lines of comments as there are lines of actual code.
I hate to say this, but that's a red flag to me.
1. Are you using comments where you should be using documentation? You're perhaps either duplicating effort and creating maintenance issues #2, or you're using comments for where you need documentation - it sounds like in your case it's the former, since you have a 6 page doc.
2. What of maintenance? Is your code not clear enough to stand on its own absent all the comments? If not, why not spend that time refactoring instead? Every line of code is important. A comment is still a line of code. It must be maintained, too. If the source changes, and the comments get out of sync, then they become counterintuitive. Comments should be avoided if possible, for the same reason other lines of code should be. The most bug free, efficient code is the code you never wrote. I break this rule in one place - writing articles for code project with code in them - because comments allow me to describe what I'm doing as I'm doing it, but in normal circumstances, you aren't writing your comments for learners, but for maintainers.
/design-hat
*ducks*
Real programmers use butterflies
|
|
|
|
|
0) The reason for the (excessive?) comments is to answer any ecosystem-specific questions that might come up from the other devs on the team. Right now, this is just proposed code in the form of a proof-of-concept console app that encompasses the code in question, and I figured that explaining the what/why of the code in an external document was pointlessly convoluted, and a general pain in the ass. However, I did provide a word doc that explains what's happening, and were/how to integrate the code into our existing web apps.
1) As a general rule, we don't have time to generate meticulous documentation about a given code implementation, much less maintain it when something in the code changes. A programmer is much more apt to update comments than they are to seek out the correct document to update when the code changes.
2) Regardless of how "understandable" code that I wrote is to me, it could turn out to be gibberish to someone else, so comments are important. There is no such thing as code that isn't made better with comments. Why? Because I'm the 26th programmer to work on the code base over the last 13 years. We waste a lot of time trying to figure out what/why the hell is happening because there are virtually no comments in the code. Not even intellisense comments for method and property prototypes. This code base involves hundreds of thousands of lines of c#, javascript, css, and sql. NONE of it had comments before I started.
3) I will never accept or dish out ridicule for commenting code, regardless of how trivial the comment might appear. In fact, over the 40+ years I'be been a programmer, I've only been ridiculed for NOT providing enough code comments, and that only happened one time.
The plain and simple fact is that I'm not the first guy to work on this code, and I can guaran-damn-tee you I won't be the last. I don't want to be the subject of name-calling and gnashing of teeth because I didn't to the job the best I could, which includes making it easier for the next guy in the food chain.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
