Custom IIB nodes

Custom IIB nodes

Richard Huegill Richard Huegill

Richard Huegill

Various tasks

发布日期: 2020年12月18日
+ 关注

It has been a while since I have posted content in the ACE/IIB/WMB space.

2020 has been a bit crazy for all.

So this post is about something that I came across a while ago (pre-Covid) when I was looking at how we could do test coverage of IIB.

We ended up creating our own instrumentation process for ESQL and MsgFlow files and making use of JaCoCo for Java running on IIB.

But one of the things I looked at was developing a custom node.

The idea being that when we instrument a message flow file, the process would add in a special node to help report back what code has executed. So that node would be called when something interesting happened with the details of what flow it was in and some ID for correlating it back to the coverage reports.

The draw back when we did get it working was that teams would have to install our node on their Broker Runtimes. 

Which if anyone has done can be a bit tricky. It's one of those things that most developers rarely do, so it's easy to forget the process next time you need install one.


So the code we ended up with was pretty trivial. This was the code in the end:

https://gitlab.com/richardh65/bct-public-code/-/blob/master/MBCallLogTraceNode.java

(This is actually my first post of code into the Open Source community)

It took a bit of research to work out how to do it, and in the we did find some really interesting work that others had done, so I wanted to share what we found.

Of course, their will be a shameless plug for our products at the end of the post. So feel free to skip ahead over the technical bits straight to the shameless plug.

So there are some good articles on how it works:

https://blogs.perficient.com/2014/03/20/creating-customuser-defined-node-in-wmbiib/

And of course the IBM documentation covering the classes:

https://www.ibm.com/support/knowledgecenter/en/SSMKHH_9.0.0/com.ibm.etools.mft.doc/as37482_.htm

And the install steps:

https://www.ibm.com/support/knowledgecenter/SSMKHH_9.0.0/com.ibm.etools.mft.doc/bs37320_.htm


So basically you extend "MbNode" and implement "MbNodeInterface".

Write a method called "evaluate" and you have a node. (and yes compile, jar/package, create an icon and a few other steps).

But simple enough to be useful.

So the one I wrote didn't change the data and just passed the data from the input terminal and propagated to the output terminal, a bit like a trace node but in our case we sent off a small text message to a TCP/IP server to record what had happened.


But you can get more complicated use cases, such as developing your own parser:

https://www.ibm.com/support/knowledgecenter/SSMKHH_9.0.0/com.ibm.etools.mft.doc/as10010_.htm


So I could see someone using this to handle YAML messages, or some other unusual data stream. So potentially quite powerful.


We did find a few interesting examples, aht I wanted to share:


But the one that I found interesting which I think would be useful in a lot of projects was the JobExecutionNode.

You can find the code here.


I can imagine lots of use cases that a developer might want to use this for. 

  • Purging files at the end of a process. 
  • Invoking some additional processing.
  • Generating some statistics - triggering a CPU statistics report or memory usage report during a process.


So a useful tool to keep in mind when developing business logic and flows.


Now for the shameless plug. 

So we deal with code quality. So what rules should a developer be following when using this node ? And what risks are there with its introduction ?

I can think of quite a few regarding what gets run.

Does the shell or batch file execute with a SUDO command ?

What user does the shell or batch command run under ?

Does the EG that uses a JobExecution Node need to run as a more limited user to prevent some developer providing shell script that does some nasty privileged actions ? Rewrites the passwd file ?


So, there is a lot to consider when using this node.

But keeping it simple, we started with adding some basic checks to our MB-Precise tool.


The rule we added simple checks if you are just invoking Linux/Unix shell scripts or Windows batch files. And in the case where you are doing both it warns you.

R436 - JobExecutionNode using Linux (or Unix) shell files and Windows batch files (WMB)


We definitely intend to look a lot more at the security aspects of this node in the future. 

So something to look forward to in 2021 I guess.


Be safe and just remember one day 2020 will be something that you look back on. 

I think it was a quote from "The long kiss goodnight". 'May the best of your past be the worst of your future.'

I'm hoping you are all here in 2021 to read my next shameless plug.



If you are interested in finding out more about our products or were interested in a demonstration please drop me an email to:


[email protected]

Or contact me via the contact page on our website - www.bettercodingtools.com

Regards

Richard

要查看或添加评论,请登录

更多精彩文章

社区洞察

其他会员也浏览了