TODAY Software Challenges

Software projects are larger and complex

Many DIFFERENT teams (often remote)

STILL Tight schedules

DELIVERY / DEPLOYMENT IS PART OF PROCESS

HIGHER LEVEL OF SECURITY

AND THEN CAME AGILE METHODOLOGY

CONTINUOUS INTEGRATION

"Continuous Integration is the practice of integrating early and often, so as to avoid the pitfalls of integration hell".

CI IS TOOLING OF AGILITY

Standardize Build, Test and Deployment

Provide Continuous Builds, Test and Deployment

Ensures solid, reproducible and analyzable steps

Visible to all actors (Dev, QA, Product Owner)

GOAL

THE ULTIMATE GOAL IS TO REDUCE TIMELY REWORK AND THUS REDUCE COST AND TIME.

 
WHEN DONE WELL, CONTINUOUS INTEGRATION HAS BEEN SHOWN TO ACHIEVE THESE GOALS.

CONTINUOUS INTEGRATION STEPS

Fetch From SCM

Build Code

Run Unit Tests

Run Integration Tests

Deploy Artifacts

Run Acceptance Tests

Produce Reports

HUMAN WORKLOAD

Team members work on code

code
tests DESIGN
docs

Automated workload

POLL SCM AND CHECK OUT IF CHANGES

BUILD CODE 

RUN UNIT & INTEGRATION TESTS

DEPLOY BINARY CONTENTS TO ARTIFACTS REPOSITORY

RUN ACCEPTANCE TESTS

PRODUCE REPORTS

regarding tests

UNIT TESTING

HERE WE TEST CODE

Ensures the code is doing what we intend it to do

Many extremely quick and small tests

UNIT TESTING ensure we make the software right

INTEGRATION TESTING

USED TO VALIDATE CONTRACTS BETWEEN PARTICIPANTS

SHOULD BE PORTABLE (NOT PLATFORM DEPENDANTS)

"External Components" SHOULD BE embeddedABLE or mocked 

INTEGRATION TESTING ensure we make the right software

ACCEPTANCE TESTING

KEEP THEM SIMPLE

REAL TARGET COMPONENTS SHOULD BE USED

PREFER PRE-REQUISITE (DONT EMBED SQL DB ENGINES)

DATASETS IN USE SHOULD BE MODERATE

PREPARE FOR PRODUCTION - ENROLL YOUR OPS

SECURITY TESTING

CODE LEVEL

DEPENDENCIES INVOLVED

RUNTIME LEVEL

ALL ACTORS INVOLVED : DEVS, QA, SECURITY AND OPS

PERFORMANCE TESTING

Fix quickly performance regressionS

Prepare for Capacity Planning 

proTECT YOURSELF FROM IN-PROD DISCOVERY

AND THEN CI TURN TO NIGHTMARE

SCOPE IS TOO LARGE, FROM CODE TO RUNTIME

TOO MANY LOAD ON AUTOMATION ENGINE

OVERALL BUILD PROCESS IS LONGER AND LONGER

RELEASE / DELIVERY PROCESS IS NO MORE AGILE

IT'S TIME TO REFACTOR A BIT

LET's REFACTOR

Materialize 4 chains

SOFTWARE FACTORY

QUALITY FACTORY

SECURITY FACTORY

DEPLOY FACTORY

AND DONT FORGET SERIOUS MONITORING FOR ALL OF THEM

SOFTWARE FACTORY

FROM SCM TO ARTIFACTS

BUILDs

UNIT TESTS

INTEGRATION TESTS

CODE QUALITY REPORTS (SONAR)

DEPLOY BINARY ARTIFACTS

QUALITY FACTORY

FROM ARTIFACTS TO QA/RUNTIME REPORTS

CONSUME ARTIFACTS FROM SOFTWARE FACTORY

RUN ACCEPTANCE TESTS

RUN PERFORMANCE TESTS AND CAPACITY PLANNING

GENERATE REPORTS

SECURITY FACTORY

SECURITY REPORTS FOR code and deliveries

SOURCE LEVEL ANALYSIS (CODE, SQL, XSS)

3RD PARTY DEPENDENCIES CHECK

PENETRATION TESTING

DEPLOY FACTORY

FROM ARTIFACTS TO RUNTIME

BUILD NATIVE PACKAGES (RPM/DEB/MSI/NUGET)

BUILD IMAGES (VMDK, AMI, VBOX, DOCKER, ISOs)

PROVIDE RUN INFRASTRUCTURE (INSITE)

INTERFACE TO RUN INFRASTRUCTURE (OFF-SITE/PUBLIC)

CATALOG & PROVISION RUNTIMES

INTERACTIONS BETWEEN FACTORIES

SHOULD BE SEEN AS A SINGLE Factory

SOFTWARE FACTORY CONSUME SOURCE AND PRODUCES SOFTWARE MATERIALS

QUALITY FACTORY CONSUMES SOFTWARE MATERIALS AND PRODUCE 'GO FOR DELIVERY'

SECURITY FACTORY CONSUME SOURCE AND DELIVERY AND PRODUCE 'GO FOR PROD'

DEPLOY FACTORY CONSUMES SOFTWARE MATERIALS AND TURN IN RUNTIME

DEPLOY FACTORY ALSO PROVIDES RUN INFRASTRUCTURE

DEVOPS - SHARING

USE COMMON TOOLS

SCM / DVCS

AUTOMATION

TICKETING & WORKFLOW

DOCS

DEVOPS - TOOLBOX

SCM : SUBVERSIOn, GIT, MERCURIAL (... or CVS)

ORCHESTRATiON : JENKINS* (What else ?)

CONTENT REPOSITORIES : ARCHIVA*, ARTIFACTORY*, NEXUS*, HTTPD*

CODE QUALITY : SONAR*

WEB TESTING : SELENIUM*

DEVOPS - SPECIALIZING

USE DEDICATED SILOS

PIPES APPROACH (INPUT/OUTPUT + KNOWN CONTRACTS)

ISOLATE ACTIVITy (CI/CA/CS/CD)

GIVE RIGHTS TO ACTORS

CONFLUENCE (DOCS)

CONTINUOUS DEPLOYMENT FOR ?

YOUR DEVs 

YOUR QAs

YOUR SUPPORT

YOUR SALES

AND OF COURSE YOUR CUSTOMERS

ANY MAGIC RECIPES ?

KEEP IT SIMPLE

THINK COMPONENT

ENROLL YOUR OPS !

A WORKING RECIPE - LEGO MODE

Assemble BINARY Artifacts TO CREATE RUNTIME COMPONENTS

EXAMPLE : A WEB APPLICATION

JAR + WAR + TOMCAT = runtime

EXEC ENV (VM/CONTAINER) + RUNTIME = SERVICE

ASSEMBLE THEM ALL

DELIVERY AND DEPLOYMENT

THERE IS NEEDS FOR CONTINUOUS DELIVERY

AND CONTINUOUS DEPLOYMENT

DELIVERY

ProvidE product to end user

User could then install or update it on his own systems

SOFTWARE VENDORS ARE IN "CONTINOUS' DELIVERY MODE

DEPLOYMENT

PROVIDE OPERATIONAL SOLUTION TO CUSTOMERS

CUSTOMERS COULD THEN DIRECTLY USE IT ON HIS OWN OR LEASED SYSTEMS

SERVICE PROVIDERS ARE IN CONTINUOUS DEPLOYMENT LAND (CLOUD)

TO CONCLUDE

MANDATORY

FUN

SOCIAL

CI & CD ARE MANDATORY TODAY

PROVIDES AGILE TOOLING

ACCELERATE SOFTWARE PRODUCTION

SECURE SOFTWARE DELIVERY

CI & CD ARE FUN

COVERS A WIDE SCOPE FROM DEV UP TO OPS

LARGE SCALE OF TECHNOLOGIES

VERY ACTIVE ECOSYSTEMS AND COMMUNITIES

Always something new to learn and PUT IN PLACE

CI & CD ARE SOCIAL

WORKING WITH DEV, QA, OPS AND SALES TEAMS,  CI & CD ACT AS FACILITATORS

THANK YOU