Quantifying Outcomes - Increasing Speed

Transcript

1. None

2. INTRODUCTIONS George Miranda Technical Strategy Chef Software, Inc. @gmiranda23 .

3. Velocity: time from idea to ship Software success metrics Quantifying

   outcomes to deliver software at speed Deployment frequency Time from commit to deploy Mean time to resolve Time deploying remediation Change failure rate SPEED Measure of rate of software change EFFICIENCY Measure of effectiveness of software change RISK Measure of quality of software change Compliance audit frequency Idea Ship

4. QUALITY/COMPLIANCE RATE OF INNOVATION Perception: Speed vs. risk

5. QUALITY/COMPLIANCE RATE OF INNOVATION Reality: Faster speed & lower risk

6. Risk webinar poll results Is risk migitation slowing you down?

   Yes No Unsure Not applicable Yes 54% Most important challenges Overcome manual process Lack of team communication Uncertainty over tools Split 41%

7. PART OF A PROCESS OF CONTINUOUS COMPLIANCE Scan for Compliance

   Build & Test Locally Build & Test CI/CD Remediate Verify A SIMPLE EXAMPLE OF AN INSPEC CIS RULE InSpec ▪ Integration testing framework ▪ Compliance automation framework ▪ One common language across teams Turn security and compliance into code control ‘cis-1.4.1’ do title ‘1.4.1 Enable SELinux in /etc/grub.conf’ desc ‘ Do not disable SELinux and enforcing in your GRUB configuration. These are important security features that prevent attackers from escalating their access to your systems. For reference see … ‘ impact 1.0 expect(grub_conf.param ‘selinux’).to_not eq ‘0’ expect(grub_conf.param ‘enforcing’).to_not eq ‘0’ end

8. “The tools we use reinforce the behavior; the behavior reinforces

   the tool. Thus, if you want to change your behavior, change your tools.” – Adam Jacob, CTO, Chef Transforming culture

9. Standard Bank pushes ideas from commit to deploy in 18

   minutes with Chef Focus on Speed Measuring the rate of software change HIGH IT PERFORMERS MEDIUM IT PERFORMERS LOW IT PERFORMERS On-demand Week - Month Month – 6 Month < 1 Hour Week - Month Month - 6 month USE CASES INCLUDE: ▪ Application Delivery ▪ Build Pipelines DEPLOYMENT FREQUENCY TIME FROM COMMIT TO DEPLOY

10. Deployment pipelines

11. Pipeline shape VERIFY APPROVE COMMIT CHANGE BUILD ACCEPTANCE DELIVER UNION

    REHEARSAL DELIVERED

12. • Write some code • Write and run some unit

    tests • Commit the change • Pipeline runs integration/acceptance tests, etc • Approve delivery to production • Lowered chance of production failure Add a test Run the tests Make a little change Run the tests pass [development continues] fail fail pass pass [development stops] Test driven development

13. Q&A George Miranda Technical Strategy Chef Software, Inc. @gmiranda23 .

    What challenges do you have when increasing your speed at shipping software?
14. None