Slide 1

Slide 1 text

Open source workflows 
 in highly regulated environments @benbalter ben.balter.com [email protected]

Slide 2

Slide 2 text

Conway's law “organizations which design systems ... are constrained to produce designs which are copies of the communication structures of these organizations ”

Slide 3

Slide 3 text

How you work is as important as what you work on

Slide 4

Slide 4 text

Roadmap 1. Open source moves beyond Agile 2. Open source behind the firewall 3. Open source in regulated environments

Slide 5

Slide 5 text

1. Open source moves beyond Agile

Slide 6

Slide 6 text

Agile is a methodology "get incremental changes into users' hands"

Slide 7

Slide 7 text

Open source is a philosophy "remove barriers to the free flow of information"

Slide 8

Slide 8 text

Closed source Open source Waterfall Traditional software development Publishing 
 proprietary code Agile Modern software development Working in the open

Slide 9

Slide 9 text

Both open source and agile value ad-hoc and informal communication over documentation and process

Slide 10

Slide 10 text

Face-to-face versus asynchronous Agile Open source

Slide 11

Slide 11 text

Applying open source to Agile

Slide 12

Slide 12 text

Transparency solves for process

Slide 13

Slide 13 text

1. Prefer social constraints over administrative or technical constraints

Slide 14

Slide 14 text

2. Prefer systems that naturally capture and expose process

Slide 15

Slide 15 text

3. Prefer stakeholders subscribe to the software development process itself

Slide 16

Slide 16 text

The constraints of open source

Slide 17

Slide 17 text

Electronic Prefer systems that naturally capture process

Slide 18

Slide 18 text

Available Expose process via shareable URLs

Slide 19

Slide 19 text

Asynchronous Decisions can be made outside meetings

Slide 20

Slide 20 text

Informal Professional, not formal

Slide 21

Slide 21 text

Open source flow https://guides.github.com/introduction/flow/

Slide 22

Slide 22 text

Issues are Agile user stories

Slide 23

Slide 23 text

Everyone has access to issues

Slide 24

Slide 24 text

Anyone can open an issue

Slide 25

Slide 25 text

Teams prioritize, sequence, and implement

Slide 26

Slide 26 text

Create a branch

Slide 27

Slide 27 text

Add commits

Slide 28

Slide 28 text

Open a pull request

Slide 29

Slide 29 text

Discuss and review

Slide 30

Slide 30 text

Deploy

Slide 31

Slide 31 text

Merge

Slide 32

Slide 32 text

2. Open source behind the firewall

Slide 33

Slide 33 text

Open source is a philosophy, 
 not a type of software

Slide 34

Slide 34 text

Process is shared to the widest extent practical One team, your organization, or the entire world

Slide 35

Slide 35 text

Human-centric processes produce human-centric software

Slide 36

Slide 36 text

Five best practices of open source behind the firewall

Slide 37

Slide 37 text

1. The technology is the easy part

Slide 38

Slide 38 text

2. Start small and go through the motions

Slide 39

Slide 39 text

3. Minimize information imbalance

Slide 40

Slide 40 text

4. Embrace the constraints of open source

Slide 41

Slide 41 text

5. Minimize Friction

Slide 42

Slide 42 text

Friction (n) - the time it takes to go from "I want to contribute" to "I have"

Slide 43

Slide 43 text

3. Open source in regulated environments

Slide 44

Slide 44 text

Version control captures who made what change when

Slide 45

Slide 45 text

Open source workflows 
 capture (and expose) process

Slide 46

Slide 46 text

How open source captures process 1. Chat (and issues) 2. ChatOps 3. Continuous Integration 4. Code Reviews 5. Deployments

Slide 47

Slide 47 text

Chat (and issues)

Slide 48

Slide 48 text

Chat is inherently asynchronous

Slide 49

Slide 49 text

Chat captures and exposes who made what decision why

Slide 50

Slide 50 text

ChatOps A shared command-line for development teams

Slide 51

Slide 51 text

Meet Hubot

Slide 52

Slide 52 text

CultureOps

Slide 53

Slide 53 text

DevOps • View cameras in our datacenter • Search error logs • Manage and trigger alerts • Perform server maintenance • Configure load balancer • Provision servers • Adjust firewalls • Activate DDoS mitigation • Configure DNS • Manage background jobs • Deploy to production

Slide 54

Slide 54 text

Continuous Integration (CI)

Slide 55

Slide 55 text

Required build statuses

Slide 56

Slide 56 text

Nothing gets deployed unless tests are green

Slide 57

Slide 57 text

Code reviews

Slide 58

Slide 58 text

Nothing gets deployed unless reviews are green

Slide 59

Slide 59 text

Deployments at GitHub On the pull request in Chat

Slide 60

Slide 60 text

How you work is as important as what you work on

Slide 61

Slide 61 text

Open source workflows 
 in highly regulated environments @benbalter ben.balter.com [email protected]