Optimizing Developer Workflow with Sourcegraph

Optimizing Developer Workflow with Sourcegraph https://sourcegraph.com

Prosper Otemuyiwa Co-founder, forloop Africa & Eden Life Developer Advocate,
Sourcegraph

Build. Ship. Scale. The Software Developers’ Mantra >>>

Building, shipping & scaling great software is hard. The Software
Developers’ Excruciating Pain>>>

Developer Tools that make you move fast, and at scale.
The Software Developers’ Best Companion >>>

Fast & Scalable Code Search. #1. Developer Workflow Optimization with
Code Search >>>

“Knowledge is of two kinds. We know a subject ourselves,
or we know where we can ﬁnd information upon it” - Samuel Johnson

Sourcegraph’s users report an average of 30 mins a day
saved by using code search. #1. Developer Workflow Optimization with Code Search >>>

When you have 500 engineers searching code repos, multiple times
a day, throughout each day, that’s huge time savings #1. Developer Workflow Optimization with Code Search >>>

#1. Developer Workflow Optimization with Code Search >>>

#1. Developer Workflow Optimization with Code Search >>> LITERAL SEARCH

#1. Developer Workflow Optimization with Code Search >>> REGULAR EXPRESSION
SEARCH

#1. Developer Workflow Optimization with Code Search >>> STRUCTURAL SEARCH

Jump to deﬁnitions & Find code references in a jiffy!
#2. Developer Workflow Optimization with Efﬁcient Code Browsing >>>

#2. Developer Workflow Optimization with Efﬁcient Code Browsing >>> Code
Intelligence

#2. Developer Workflow Optimization with Efﬁcient Code Browsing >>> Find
References

#2. Developer Workflow Optimization with Efﬁcient Code Browsing >>> Jump
to Deﬁnition

“You don’t have to know everything, but you should learn
how and where to ﬁnd the things you need and want to know” - Albert Einstein

Change code everywhere (hundreds of repos) with a single declarative
ﬁle. #3. Developer Workflow Optimization with Batch Changes >>>

#3. Developer Workflow Optimization with Batch Changes >>>

#3. Developer Workflow Optimization with Batch Changes >>> Get started
with Batch changes in less than 10 mins. Batch Changes Quick Start Guide >>>

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> Find
secrets, tokens, keys across the entire org’s codebase via optimized code search.

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> Regex
Secret Search

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> repo:[our
targeted repos]$ patterntype:regex // Strings longer than 32 characters, maybe base-64 encoded ("[a-z0-9+/]{32,}=?"|'[a-z0-9+/]{32,}=?'|`[a-z0-9+/]{32,}=?`) // Private keys -----BEGIN (RSA )?PRIVATE KEY----- // Lines ending with "=" (likely base64 values) [a-z0-9+/]+==?(['"],?)?\n

targeted repos]$ patterntype:regex (token|secret|password|credential|key|private|sensitive)[^a-z0-9+/\n]+[a-z0-9+/]{16,}(['"] ,?)?\n or // Likely k8s secrets (kind: secret|kind secret|kubectl create secret) or //Slack (xox[pborsa]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32}) or // GitHub [gG][iI][tT][hH][uU][bB].*['|\"][0-9a-zA-Z]{35,40}['|\"] // Google, GCP, GSuite AIza[0-9A-Za-z\\-_]{35} or [0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com or ya29\\.[0-9A-Za-z\\-_]+

targeted repos]$ patterntype:regex (credential|secret|private|\Wkey\W|token|sensitive|password|s ession|auth|license|\Wid\W) or [sS][eE][cC][rR][eE][tT].*['|\"][0-9a-zA-Z]{32,45}['|\"]

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> Find
exact vulnerable dependencies

How to make Sourcegraph a part of your dev tools
stack? Integrating Sourcegraph to You & Your Team’s Workflow >>>

Integrating Sourcegraph to You & Your Team’s Workflow >>> •
What’s the best way to run a trial of Sourcegraph in my team/org? ◦ Running a Sourcegraph trial/POC • How can I best communicate the value of code search to developers who’ve not used it before? ◦ See how developers at Uber, Lyft, Yelp depend on Sourcegraph every day

Integrating Sourcegraph to You & Your Team’s Workflow >>> •
Sign up on Sourcegraph Cloud (sourcegraph.com) ◦ Team Support (early access) on Sourcegraph Cloud coming in December, 2021

• Hiring more engineers is good, leveraging better developer tools
is great. • Make it a priority to bring the best developer tools to your organization. Developer Wisdom >>>

• Search over 2.1M open source & public repositories across
GitHub & Gitlab. • Search private code across several repositories • Precise code intelligence • Automation of large scale code changes via Batch changes. • Code monitoring • Code insights (still in beta) #1. Recap: Why you need to Optimize Developer Workflow with Sourcegraph >>>

#2. Recap: Why you need to Optimize Developer Workflow with
Sourcegraph >>> • Developer velocity - Help all your developers to move fast. With code intelligence & great search, code discovery is a walk in the park. • Onboarding new developers to a codebase - The faster developers can understand your massive codebase, the better. • Codebase refactors (batch changes) - as codebase grows, you need to refactor the codebase more intelligently.

Learn more about Sourcegraph >>> https://learn.sourcegraph.com

Sourcegraph Resources! • learn.sourcegraph.com • docs.sourcegraph.com • dev.to/sourcegraph • about.sourcegraph.com/blog
• info.sourcegraph.com/dev-tool-time • about.sourcegraph.com/podcast

Twitter: @unicodeveloper GitHub: @unicodeveloper Thanks & Optimize your dev. workflow
today!

Optimizing Developer Workflow with Sourcegraph

Optimizing Developer Workflow with Sourcegraph

More Decks by Otemuyiwa Prosper

Other Decks in Programming

Featured

Transcript