Open source workflows
in highly regulated environments
@benbalter
ben.balter.com
ben.balter@github.com
Slide 2
Slide 2 text
Conway's law
“organizations which design
systems ... are constrained to
produce designs which are copies of
the communication structures of
these organizations ”
Slide 3
Slide 3 text
How you work
is as important as
what you work on
Slide 4
Slide 4 text
Roadmap
1. Open source moves beyond Agile
2. Open source behind the firewall
3. Open source in regulated environments
Slide 5
Slide 5 text
1. Open source moves beyond Agile
Slide 6
Slide 6 text
Agile is a methodology
"get incremental changes into users' hands"
Slide 7
Slide 7 text
Open source is a philosophy
"remove barriers to the free flow of information"
Slide 8
Slide 8 text
Closed source Open source
Waterfall
Traditional software
development
Publishing
proprietary code
Agile
Modern software
development
Working in the open
Slide 9
Slide 9 text
Both open source and agile value
ad-hoc and informal communication
over documentation and process
Slide 10
Slide 10 text
Face-to-face versus asynchronous
Agile Open source
Slide 11
Slide 11 text
Applying open source to Agile
Slide 12
Slide 12 text
Transparency solves for process
Slide 13
Slide 13 text
1. Prefer social constraints over
administrative or technical constraints
Slide 14
Slide 14 text
2. Prefer systems that naturally
capture and expose process
Slide 15
Slide 15 text
3. Prefer stakeholders subscribe to the
software development process itself
Slide 16
Slide 16 text
The constraints of open source
Slide 17
Slide 17 text
Electronic
Prefer systems that naturally capture process
Slide 18
Slide 18 text
Available
Expose process via shareable URLs
Slide 19
Slide 19 text
Asynchronous
Decisions can be made outside meetings
Slide 20
Slide 20 text
Informal
Professional, not formal
Slide 21
Slide 21 text
Open source flow
https://guides.github.com/introduction/flow/
Slide 22
Slide 22 text
Issues are Agile user stories
Slide 23
Slide 23 text
Everyone has access to issues
Slide 24
Slide 24 text
Anyone can open an issue
Slide 25
Slide 25 text
Teams prioritize, sequence,
and implement
Slide 26
Slide 26 text
Create a branch
Slide 27
Slide 27 text
Add commits
Slide 28
Slide 28 text
Open a pull request
Slide 29
Slide 29 text
Discuss and review
Slide 30
Slide 30 text
Deploy
Slide 31
Slide 31 text
Merge
Slide 32
Slide 32 text
2. Open source
behind the firewall
Slide 33
Slide 33 text
Open source is a philosophy,
not a type of software
Slide 34
Slide 34 text
Process is shared to the widest extent practical
One team, your organization, or the entire world
Slide 35
Slide 35 text
Human-centric processes produce
human-centric software
Slide 36
Slide 36 text
Five best practices
of open source behind the firewall
Slide 37
Slide 37 text
1. The technology is the easy part
Slide 38
Slide 38 text
2. Start small and
go through the motions
Slide 39
Slide 39 text
3. Minimize information imbalance
Slide 40
Slide 40 text
4. Embrace the constraints
of open source
Slide 41
Slide 41 text
5. Minimize Friction
Slide 42
Slide 42 text
Friction (n) - the time it takes to go
from "I want to contribute" to "I have"
Slide 43
Slide 43 text
3. Open source
in regulated environments
Slide 44
Slide 44 text
Version control captures
who made what change when
Slide 45
Slide 45 text
Open source workflows
capture (and expose)
process
Slide 46
Slide 46 text
How open source captures process
1. Chat (and issues)
2. ChatOps
3. Continuous Integration
4. Code Reviews
5. Deployments
Slide 47
Slide 47 text
Chat (and issues)
Slide 48
Slide 48 text
Chat is inherently asynchronous
Slide 49
Slide 49 text
Chat captures and exposes
who made what decision why
Slide 50
Slide 50 text
ChatOps
A shared command-line for development teams
Slide 51
Slide 51 text
Meet Hubot
Slide 52
Slide 52 text
CultureOps
Slide 53
Slide 53 text
DevOps
• View cameras in our datacenter
• Search error logs
• Manage and trigger alerts
• Perform server maintenance
• Configure load balancer
• Provision servers
• Adjust firewalls
• Activate DDoS mitigation
• Configure DNS
• Manage background jobs
• Deploy to production
Slide 54
Slide 54 text
Continuous Integration (CI)
Slide 55
Slide 55 text
Required build statuses
Slide 56
Slide 56 text
Nothing gets deployed unless
tests are green
Slide 57
Slide 57 text
Code reviews
Slide 58
Slide 58 text
Nothing gets deployed unless
reviews are green
Slide 59
Slide 59 text
Deployments at GitHub
On the pull request
in Chat
Slide 60
Slide 60 text
How you work
is as important as
what you work on
Slide 61
Slide 61 text
Open source workflows
in highly regulated environments
@benbalter
ben.balter.com
ben.balter@github.com