Continuous Deployment 2.0: Playtime is Over

by DragonBe

Slide 1

Slide 1 text

CONTINUOUS DEPLOYMENT 2.0 PLAYTIME IS OVER

Slide 2

Slide 2 text

in it PROFESSIONAL PHP SERVICES ‣ CEO and co-founder of in2it ‣ Community leader   (PHP, Testing, DevOps, Azure, Security) ‣ OSS contributor ‣ Conference Speaker ‣ Coach at CoderDojo MICHELANGELO VAN DAM

Slide 3

Slide 3 text

MICHIEL ROOK OUR CD WAS INSPIRED BY Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 4

Slide 4 text

MICHIEL’S TALK WAS TO SAY THE LEAST… QUITE CONTROVERSIAL ▸ deploy to master, no branches ▸ pair programming, quick code reviews ▸ 100% code coverage ▸ strangler pattern to replace 10+ year old legacy app Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 5

Slide 5 text

THAT GOT US THINKING… Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 6

Slide 6 text

LEGACY APPLICATIONS COMMON FOR ALL CLIENTS: Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 7

Slide 7 text

IN2IT PROCESSES? ? ? ? ? ? ? ? ? Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 8

Slide 8 text

REFACTORING ADDING FEATURES REWRITE FROM SCRATCH TESTING IS HARD ONLY NEW FEATURES TESTED LOTS OF WORK Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 9

Slide 9 text

Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 10

Slide 10 text

IN2IT PROCESSES ONLY MASTER PAIR PROGRAMMING 100% CODE COVERAGE STRANGLER PATTERN Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 11

Slide 11 text

IN2IT PROCESSES ONLY MASTER ❌ PAIR PROGRAMMING 100% CODE COVERAGE STRANGLER PATTERN Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 12

Slide 12 text

IN2IT PROCESSES ONLY MASTER ❌ PAIR PROGRAMMING ✅ 100% CODE COVERAGE STRANGLER PATTERN Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 13

Slide 13 text

IN2IT PROCESSES ONLY MASTER ❌ PAIR PROGRAMMING ✅ 100% CODE COVERAGE ✅ STRANGLER PATTERN Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 14

Slide 14 text

IN2IT PROCESSES ONLY MASTER ❌ PAIR PROGRAMMING ✅ 100% CODE COVERAGE ✅ STRANGLER PATTERN ❌ Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 15

Slide 15 text

LET’S SEE WHAT WE’RE MISSING DO WE NEED TO COMMIT TO MASTER? ▸ All PR’s are going into master branch ▸ Every developer has their own GIT repo ▸ Branching for features ▸ Branching for bug ﬁxes ▸ Deployment Master ▸ Integrates one or more dev branches ▸ Pushes it onto master Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 16

Slide 16 text

DEVELOPERS WORK LOCALLY ON A PRIVATE GIT REPO OUR GIT WORKFLOW DEVELOPER PRIVATE REPO DEVELOPER PRIVATE REPO Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 17

Slide 17 text

ONCE DONE, THEY PUSH TO THEIR PUBLIC REPOS OUR GIT WORKFLOW DEVELOPER PRIVATE REPO DEVELOPER PRIVATE REPO DEVELOPER PUBLIC REPO DEVELOPER PUBLIC REPO Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 18

Slide 18 text

AND SEND A PULL REQUEST (PR) OUR GIT WORKFLOW DEVELOPER PRIVATE REPO DEVELOPER PRIVATE REPO DEVELOPER PUBLIC REPO DEVELOPER PUBLIC REPO TEAM REPO RELEASE BRANCH Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 19

Slide 19 text

OUR RELEASE MANAGER MERGES THE CHANGES IN OUR GIT WORKFLOW DEVELOPER PRIVATE REPO DEVELOPER PRIVATE REPO DEVELOPER PUBLIC REPO DEVELOPER PUBLIC REPO TEAM REPO MASTER BRANCH RELEASE MANAGER Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 20

Slide 20 text

CI KICKS IN AND DEPLOYS TO TEST/STAGING/PROD OUR GIT WORKFLOW DEVELOPER PRIVATE REPO DEVELOPER PRIVATE REPO DEVELOPER PUBLIC REPO DEVELOPER PUBLIC REPO TEAM REPO MASTER BRANCH RELEASE MANAGER CI TEST/STAGING/PROD Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 21

Slide 21 text

OUR CONCLUSION COMMITTING STRAIGHT TO MASTER ▸ Will make the role of “Release Master” obsolete ▸ Good for small teams ▸ Speeds up the deployment process ▸ In our case ▸ We work with distributed teams (3-5 people in each team) ▸ Will only work when all features are live from the start (feature ﬂags) Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 22

Slide 22 text

LET’S SEE WHAT WE’RE MISSING… STRANGLER PATTERN ▸ Is a clean way to replace legacy code with clean, distributed and optimised code. ▸ Requires domain knowledge (especially for 10+ years of evolution of an app) ▸ Creates duplicate functionality during transitions Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 23

Slide 23 text

INCREMENTALLY MIGRATE A LEGACY SYSTEM BY GRADUALLY REPLACING SPECIFIC PIECES OF FUNCTIONALITY WITH NEW APPLICATIONS AND SERVICES. AS FEATURES FROM THE LEGACY SYSTEM ARE REPLACED, THE NEW SYSTEM EVENTUALLY REPLACES ALL OF THE OLD SYSTEM'S FEATURES, STRANGLING THE OLD SYSTEM AND ALLOWING YOU TO DECOMMISSION IT. Microsoft Cloud Architecture Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 24

Slide 24 text

LEGACY APPLICATION NEW REPLACEMENT STRANGLER FAÇADE Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 25

Slide 25 text

NEW REPLACEMENT STRANGLER FAÇADE LEGACY APPLICATION Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 26

Slide 26 text

OUR CONCLUSION STRANGLING LEGACY CODE ▸ Will take time to replace old with new code ▸ Until ready, duplicated functional will exist ▸ In our case ▸ We need to replace legacy code with better solutions ▸ We can live with duplicated functionality Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 27

Slide 27 text

IMPROVING LEGACY THE PATH TO Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 28

Slide 28 text

PEAR LIBS PECL EXTS FRAMEWORK X FRAMEWORK Y CUSTOM LIBS BUSINESS LOGIC Monolithic Code Monster Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 29

Slide 29 text

WE NEED A BETTER SOLUTION! Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 30

Slide 30 text

PEAR LIBS PECL EXTS FRAMEWORK X FRAMEWORK Y CUSTOM LIBS BUSINESS LOGIC Monolithic Code Monster FUNCTIONAL MICROSERVICE FUNCTIONAL MICROSERVICE FUNCTIONAL MICROSERVICE FUNCTIONAL MICROSERVICE FUNCTIONAL MICROSERVICE FUNCTIONAL MICROSERVICE FUNCTIONAL MICROSERVICE FUNCTIONAL MICROSERVICE FUNCTIONAL MICROSERVICE FUNCTIONAL MICROSERVICE Functional Microservices Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 31

Slide 31 text

I CAN HEAR YOU ASK: WHY MICROSERVICES? ▸ Not tied to a single technology ▸ A service per functionality makes it easier to upgrade without impacting the whole application ▸ Improved security on application, network and infrastructure ▸ Easy to scale and extend ▸ Better resilience against failing services Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 32

Slide 32 text

LET’S LOOK IF IT IS A SOLUTION FOR US PROS AND CONS Pro Con Not tied to a single technology Lots of different skillsets Easy to upgrade/ﬁx or add features Lost in forest of services Improved security Requires lots of monitoring Better scalability Expensive* Improved resilience for failure (*) The cost lies in the higher number of “instances” and faster network required to run these services Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 33

Slide 33 text

MICROSERVICES & CONTINUOUS DEPLOYMENT Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 34

Slide 34 text

GOALS OF CONTINUOUS DEPLOYMENT? Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 35

Slide 35 text

CONTINUOUS DEPLOYMENT CAN BE THOUGHT OF AS AN EXTENSION OF CONTINUOUS INTEGRATION, AIMING AT MINIMIZING LEAD TIME, THE TIME ELAPSED BETWEEN DEVELOPMENT WRITING ONE NEW LINE OF CODE AND THIS NEW CODE BEING USED BY LIVE USERS, IN PRODUCTION. Agile Alliance - agilealliance.com Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 36

Slide 36 text

DOING THINGS MORE THAN ONCE LEAD UP TO… AUTOMATE DEPLOYMENT PROCESSES ▸ A series of actions taken before changes are put in production ▸ Chained together with fail switch to create a pipeline ▸ Provides full reports on each step of the delivery process ▸ Can be optimized over time ▸ Is repeatable Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 37

Slide 37 text

COMPUTERS ARE GREAT AT REPETITIVE TASKS! MINIMIZE LEAD TIME ▸ Through automation, actions are executed faster in parallel ▸ Any failures will be reported immediately ▸ Any successes will be notiﬁed through ▸ E-mail ▸ Wiki ▸ Slack ▸ … Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 38

Slide 38 text

STRESS, PANIC, SICKNESS, … ALL HAVE AN IMPACT ON YOUR CONCENTRATION PREVENTING HUMAN ERROR! ▸ Automation removes human errors ▸ by stress or a “bad” day ▸ Optimized over time ▸ Repeatable for all stages Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 39

Slide 39 text

PROGRAMMING AGREEMENTS Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 40

Slide 40 text

COMMIT SMALL, COMMIT OFTEN Credits to @CalEvans THE PROGRAMMER’S MANTRA Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 41

Slide 41 text

PERFECT WORLD WOULD MAKE THIS POSSIBLE OPTIMAL COMMIT ▸ creating/updating class (no body) ▸ creating/changing class method (no body) ▸ creating/changing functionality in method ▸ creating/changing conﬁg (no body) ▸ … Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 42

Slide 42 text

ON THIS PLANET WE ARE SATISFIED WITH THIS REALISTIC COMMIT ▸ complete a functionality ▸ complete a logic operation ▸ complete a conﬁguration change ▸ ﬁx a bug or a vulnerability Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 43

Slide 43 text

SMALL AND OFTEN COMMITS BALANCE PROS AND CONS Pro Con Incremental small improvements Many commits for one task Errors can be reverted quickly Requires change of attitude Easy to review Small impact on production code Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 44

Slide 44 text

AIM FOR 100% CODE COVERAGE Michiel Rook - @michielcts LET’S GO FOR IT! Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 45

Slide 45 text

SMALL CHANGES REQUIRE MINIMAL OVERHEAD COMMIT SMALL WITH 100% COVERAGE ▸ small code change ▸ small test covering all lines ▸ make use of @covers annotation ▸ Run PHPUnit with “--strict-coverage” Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 46

Slide 46 text

EXAMPLE OF USING THE @COVERS ANNOTATION /** * Authentication throws exception for too short password * * @param string $password * * @covers \LoginForm\Auth\Service\AuthenticationService::__construct * @covers \LoginForm\Auth\Service\AuthenticationService::authenticate * @dataProvider shortPasswordProvider * @expectedException \InvalidArgumentException */ public function testAuthenticationThrowsExceptionForTooShortPassword(string $password) { $this->validator->expects($this->once()) ->method('isValid') ->willReturn(false); $authService = new AuthenticationService( $this->validator, $this->accountModel, $this->accountEntity, $this->twoFactorServiceMock ); $authService->authenticate('username', $password, false); $this->fail('Authentication service should throw an exception for too short password input'); } Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 47

Slide 47 text

Slide 48

Slide 48 text

SHOULD WE ADOPT 100% CODE COVERAGE? PROS AND CONS Pro Con Higher quality of code A huge effort Every line of code is accountable Requires change of attitude Huge time/money gain in long tail Time intensive Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 49

Slide 49 text

COVER MOST CRITICAL PART OF AN APPLICATION 100% WITH TESTS, EVEN IF IT’S ONLY 1% OF TOTAL COVERAGE. Michelangelo van Dam TWEETABLE QUOTE Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 50

Slide 50 text

THE PIPELINE Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 51

Slide 51 text

A COMMON CI/CD SETUP Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 52

Slide 52 text

WE CAN DO BETTER! Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 53

Slide 53 text

THE BEGINNING OF A BEAUTIFUL STORY CODE ASSEMBLY STEP ▸ Check out SCM ▸ Optionally install submodules ▸ Composer packages Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 54

Slide 54 text

ARE WE GOOD TO GO? CODE QUALITY STEP ▸ Version checks (are we on latest version?) ▸ Vulnerability checks (CVE’s)* ▸ Unit testing ▸ Static Analysis (*) See SensioLabs for composer package validation service Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 55

Slide 55 text

LET’S PREPARE EVERYTHING LIKE A TRUE CHEF PROVISIONING STEP ▸ Create a new environment ▸ Package the code and assets ▸ Sign the package with GPG ▸ Deploy the code ▸ Perform DB migrations ▸ Warm-up caches Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 56

Slide 56 text

TEST ALL THE THINGS, AND ADD SOME… RELEASE QUALITY STEP ▸ Integration testing ▸ Acceptance testing ▸ End-to-end testing ▸ Regression testing ▸ Performance testing ▸ Security testing ▸ Resilience testing ▸ Accessibility testing ▸ UX Testing ▸ Certiﬁcate Testing ▸ … Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 57

Slide 57 text

TIME TO SHIP IT!!! DEPLOYMENT STEP ▸ Stop crons, workers and daemons ▸ Phase out old system with new ▸ Put new system in load balancer ▸ Direct portion of trafﬁc to new node ▸ Validate behaviour of new node ▸ Remove old system from load balancer ▸ Validate deployment ▸ Start crons, workers and daemons Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 58

Slide 58 text

KNOWING IS GOOD, KNOWING EVERYTHING IS BETTER - DAVE EGGARS “THE CIRCLE” REPORTING STEP ▸ Generate release notes ▸ Generate user documentation ▸ Notify training dept. of changes ▸ Generate release report/stats Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 59

Slide 59 text

Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 60

Slide 60 text

Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 61

Slide 61 text

WITH PIPELINES YOU HAVE… ENDLESS POSSIBILITIES TO DEPLOY Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 62

Slide 62 text

AND WHEN SOMETHING DOES GOES WRONG… THE PIPELINE WILL STOP… Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 63

Slide 63 text

WE ROLL FORWARD WHEN FAILURE HAPPENS Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 64

Slide 64 text

LEAN DEVELOPMENT & DEVOPS Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 65

Slide 65 text

AGILE LEAN KANBAN Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 66

Slide 66 text

THE 3 WAY PHILOSOPHY Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 67

Slide 67 text

HOW IS WORK FLOWING FROM LEFT TO RIGHT? THE FIRST WAY: SYSTEM THINKING ▸ Encapsulates performance of the whole system ▸ How does “work” flows through the system? ▸ What are the constrains in that flow? ▸ Some key values: ▸ Never passing a known defect downstream ▸ Never allowing local optimisation to create global degradation ▸ Always seeking to increase flow ▸ Always seeking to achieve profound understanding of the system Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 68

Slide 68 text

Slide 69

Slide 69 text

HOW IS FEEDBACK MOVING FROM RIGHT TO LEFT? THE SECOND WAY: AMPLIFY FEEDBACK LOOPS ▸ Shorten and amplify feedback loops ▸ Necessary corrections can be continually made ▸ More telemetry, more insight ▸ system data: CPU, memory, disk space ▸ app data: active users, load time, errors ▸ other: query count, items in shopping cart ▸ Make it available to EVERYONE!!! Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 70

Slide 70 text

WHAT SHOULD YOU DO WITH THE KNOWLEDGE THE THIRD WAY: CONTINUOUS LEARNING ▸ Continual experimentation, taking risks and learning from failure ▸ Understanding that repetition and practice is the prerequisite to mastery ▸ Learn and experiment as a hive, not as individual so global knowledge is shared and preserved Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 71

Slide 71 text

YOUR TURN Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 72

Slide 72 text

TEST IT ALL! CONTINUOUS DEPLOYMENT Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 73

Slide 73 text

SMALL REMINDER BY DESIGN ▸ Quality ▸ Security ▸ Privacy ▸ Resilience ▸ Accessibility Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 74

Slide 74 text

SET AGREEMENTS AS A TEAM IN NEED OF STRUCTURE? Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 75

Slide 75 text

WITH PIPELINES SUCCEED EVERY TIME Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 76

Slide 76 text

IMPROVE THE FEEDBACK LOOP KNOWLEDGE IS KEY! Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 77

Slide 77 text

RESOURCE LIST Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 78

Slide 78 text

SOME TOOLS WE USE CONTINUOUS INTEGRATION Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 79

Slide 79 text

SOME TOOLS WE USE TESTING Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 80

Slide 80 text

SOME TOOLS WE USE DEPLOYMENT Envoyer Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 81

Slide 81 text

RESOURCES THAT INSPIRED ME… RECOMMENDED FOR YOU Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 82

Slide 82 text

Continuous Deployment 2.0 www.in2it.be - @in2itvof in it

Slide 83

Slide 83 text

QUESTIONS? ARE THERE ANY Continuous Deployment 2.0 www.in2it.be - @in2itvof in it