Open Developer Platform: What Is It and Why Should I Care? Maurizio Pillitu
-
Upload
symphony-software-foundation -
Category
Technology
-
view
908 -
download
1
Transcript of Open Developer Platform: What Is It and Why Should I Care? Maurizio Pillitu
Open Developer Platform2017-06-21 Annual Member’s Meeting, NYC
Maurizio PillituDevops Director, Symphony Software Foundation
@maoo [email protected]
What is it and why should I care
1/14
A set of online services and best practices to expedite the
developer productivity of Foundation's project teams.
Open Developer PlatformWhat is it
2/14
Open Developer PlatformArchitecture
Source Code (SCM)
Build Test Report Publish DevDeploy
Project Infrastructure
Open Developer PlatformArchitecture
Project Infrastructure
Source Code (SCM)
Build Test Report Publish DevDeploy
Technology 1 Technology 2 Technology N... Technologies
2/14
Project Infrastructure
Source Code (SCM)
Build Test Report Publish
Technology 1 Technology 2 Technology N... Technologies
Incubating Active Archived Project Lifecycle
DevDeploy
Open Developer PlatformContribution flow
3/14
3/14
Open Developer PlatformContribution flow
Project Infrastructure
Source Code (SCM)
Build Test Report Publish
Technology 1 Technology 2 Technology N... Technologies
Incubating Active Archived Project Lifecycle
Contribution
DevDeploy
4/14
A service-based infrastructure to support
committers throughout the entire project lifecycle.
Project InfrastructureWhat is it
Githubsymphonyoss
✅ User access management (widely adopted)✅ Git flow (Pull requests + Branch protection)✅ Github Issues❗ IP cleanliness
Source Code - Github
5/14
Githubsymphonyoss
TRAVIS CIBuild and Test
✅ Clojure, Java, Javascript and Python currently tested and documented✅ Language-specific frameworks/DSLs/platforms for building and testing✅ Use myget.org for C# projects
Build and test - Travis CI
6/14
Githubsymphonyoss
TRAVIS CIBuild and Test
TRAVIS CIReporting
✅ Github IdM widely used❗ Reporting != Validation. Manual checks always needed!
❗ Manage false negatives❗ Self-governed repos with org-wide configuration❗ Work in progress: WhiteSource and Fossa
Reporting
SonarCloud
VersionEye CoverityScan
NodeSecurity Bithound Code Climate
Github PagesWhiteSource Fossa
7/14
Githubsymphonyoss
TRAVIS CIBuild and Test
TRAVIS CIReporting
✅ Foundation-wide license and components whitelist✅ Identify licenses❗ Dual licensing❗ Code-driven ignores (for transitive dependencies and hosted files)
Reporting - Legal
SonarCloud
VersionEye CoverityScan
NodeSecurity Bithound Code Climate
Github PagesWhiteSource Fossa
8/14
Githubsymphonyoss
TRAVIS CIBuild and Test
TRAVIS CIReporting
✅ Define/customise quality gates❗ Test coverage is fundamental
❗ Mocked interfaces❗ Integration testing
Reporting - Quality
SonarCloud
VersionEye CoverityScan
NodeSecurity Bithound Code Climate
Github PagesWhiteSource Fossa
9/14
Githubsymphonyoss
TRAVIS CIBuild and Test
TRAVIS CIReporting
✅ CVEs based on package name/version❗ Language-specific static code analysis
Reporting - Security
SonarCloud
VersionEye CoverityScan
NodeSecurity Bithound Code Climate
Github PagesWhiteSource Fossa
10/14
Githubsymphonyoss
TRAVIS CIBuild and Test
TRAVIS CIReporting
✅ Integration with most important eco-systems❗ Artifact signing (security)❗ code-driven automation (ie semantic-release)❗ Work in progress: Docker Hub
Publish
TRAVIS CIArtifact
publishing
PyPI NuGet Docker Hub
Maven Central NPMJS
11/14
Githubsymphonyoss
TRAVIS CIBuild and Test
TRAVIS CIReporting
✅ Continuous (Dev) Delivery keystone✅ Containerised deployments❗ Cloud enablement
❗ Deployment configuration standardisation❗ Certified image registry
Dev Deployment
TRAVIS CIArtifact
publishing
TRAVIS CIDev Deploy
Openshift Online
Symphony Dev Pod
foundation-dev
Rolling deployment
Symphony APIs
Integration testing
12/14
13/14
✓ CLA bot to scan PRs for IP cleanliness
✓ Facilitate cloud enablement✓ Reporting
○ More tools○ Improve existing integrations
Open Developer PlatformFuture
14/14
❗ Implementing and/or maintaining a modern developer workflow is hard and time-consuming
❗ Outdated tools/processes are enemies of productivity and talent retention
✅ Let us take care of your dev workflow!
Open Developer PlatformWhy should I care
14/14
✅ symphonyoss.atlassian.net/wiki
✅ github.com/symphonyoss
✅ symphony.foundation
Open Developer PlatformResources