10 reasons your software sucks 2014 - tax day edition!
Post on 10-May-2015
Embed Size (px)
DESCRIPTIONBased on years of consulting, and working with some of the largest (and smallest) software companies in the world.. these are the 10 practices that if you started doing today, would drastically improve the quality and delivery of your software! Also, be sure to hang around afterwards in the Open Spaces area.. Caleb will be around to discuss any of the areas from his talk in more detail. It’s going to be great time! Topics hit on: Object Oriented Principals, SOLID Coding, Security Concerns, Software Patterns, Automated Testing, Source Control - Branching and Merging Strategies, Continuous Integration, Agile | Scrum | XP | Lean, Team Dynamics, Continually Learning
- 1.Development Experience Object Orientation SOLID + Patterns + Simple Design Secure Coding Infrastructure Automated Tests Source Control Automated Builds Team Process Agile, Lean, XP Team Dynamics Continuous Learning Building teams that engineer better software Development Infrastructure Team Process
2. developingUX.com speakermix.com/calebjenkins @calebjenkins #ctcc14 3. developingUX.com speakermix.com/calebjenkins @calebjenkins #ctcc14 4. Building teams that engineer better software 5. Development 6. Development Testable Repeatable Maintainable Reliable-able Scalable Extensible Deliverable Workable 7. (User) Experience Matters! 8. Experience is Reality User Experience (UX) Developer Experience (APIs & SDKs) Reality is Perception Perception is the 9. uiux ia uxd visual design 10. Experience is the Product ui backend ux security performance scalability ux ia uxd visual design 11. Experience is the Product 12. (Code) Quality Matters! 13. Development Object Orientation Its amazing how many people write procedural code in an OO environment OO Procedural Functional Use Right Tool for the Right Job Its amazing how many people write procedural code in an OO environment Encapsulation Inheritance Polymorphism 14. The single greatest thing that you can do to make your code more testable and healthy is to start taking a Dependency Injection approach to writing software - Real World .NET, C# and Silverlight Wrox Press 2012 Caleb Jenkins 15. Note: Dependency Injection will turn you in to a complete coding Ninja, however the full scope of DI with any of the many DI frameworks is beyond the scope of this talk 16. http://developingUX.com/di/ 17. Development Experience Object Orientation SOLID + Patterns + Simple Design 18. Development Experience Object Orientation SOLID + Patterns + Simple Design 19. Vocabulary Scenarios Answers SOLID + Patterns + Simple Design 20. Patterns MVC MVP MVVM Repository Factory Strategy 21. Patterns MVC MVP MVVM Repository Factory StrategyDecorator Facade Visitor Chain of Responsibility Abstract Factory State 22. Patterns MVC MVP MVVM Repository Factory StrategyDecorator Facade Visitor Chain of Responsibility Abstract Factory More More More State MoreMore More 23. Patterns MVC MVP MVVM Repository Factory StrategyDecorator Facade Visitor Chain of Responsibility Abstract Factory More More More State More More MoreMore More More More More More MoreMoreMore More More More More More More More 24. MVC Repository Abstract Factory or Strategy SOLID + Patterns + Simple DesignSOLID + Patterns + Simple Design 25. Any intelligent fool can make things Bigger, more complex and more violent It takes a touch of Genius and a lot of courage to move in the opposite direction Albert Einstein 26. SOLID + Patterns + Simple Design 27. Development Experience Object Orientation SOLID + Patterns + Simple Design 28. Development Secure Coding Experience Object Orientation SOLID + Patterns + Simple Design 29. Secure Coding http://developingux.com/2010/02/10/secure-coding-101/ 30. Secure Coding Play in a Sandbox Dont Use Passwords Input is Evil runtime memory least privilege safe libraries 31. http://xkcd.com/327/ 32. Defense in Depth (MS03-007) Windows Server 2003 Unaffected The underlying DLL (NTDLL.DLL) not vulnerable Code made more conservative during Security Push Even if it was running IIS 6.0 doesnt have WebDAV enabled by default Even if it did have WebDAV enabled Maximum URL length in IIS 6.0 is 16kb by default (>64kb needed) Even if it was vulnerable IIS 6.0 not running by default on Windows Server 2003 Even if it there was an exploitable buffer overrun Would have occurred in w3wp.exe which is now running as network service Even if the buffer was large enough Process halts rather than executes malicious code, due to buffer-overrun detection code (-GS) 33. Defense in Depth (MS03-007) Windows Server 2003 Unaffected 34. Multiple redundant safety systems. Nuclear plants are designed according to a "defense in depth" philosophy that requires redundant, diverse, reliable safety systems. Two or more safety systems perform key functions independently, such that, if one fails, there is always another to back it up, providing continuous protection. - Nuclear Energy Institute 35. System Failures can be Bad 36. System Failures can be Bad 37. Secure Coding http://msdn.microsoft.com/security/ 38. Development Object Orientation SOLID Patterns Secure Coding 39. Team Work 40. Team Work Friction Communication Silos Coordination Toe Stepping Throughput 41. Do Test code you Your ? 42. Unit Do Test code you Your ? 43. Unit Do Test code automated you Your ? 44. whats the difference? 45. Traditional Test 46. Unit Test 47. Automated Test 48. TDD / BDD 49. They have a great brand, an awesome business model but their technical debt is killing them - Carl Sparks CEO Travelocity talking about another company 50. Automated unit tests make up one of the core staples in reducing technical debt, and improving a teams overall code quality - Real World .NET, C# and Silverlight Wrox Press 2012 Caleb Jenkins 51. I test my app I test units of work in my app I run automated unit tests I test first I write executable specs to test my app It compiled didnt it? DI + Mock are my best friends CI FTW! Red, Green, Refactor Rinse + Repeat! given when then 52. I back up my code File Share VSS was free Branch + Merge Release Strategy Automated Builds CI, Automated Deploy Thumb drives are awesome! Network Share is +1 from thumb drive So was herpes Freedom to code! worked on my machine take THAT auditors! TFS, SVN, GIT 53. // trunk // r1 // dev1 // dev 2 // dev 3 // r2 // r3 // r1.1 // trunk // // svn consider: branch early vs branch late strategy 54. Developer Operations Source Control Production Common Deployment Scenario Retrieve Source compile + send binaries configure + deploy binaries 55. Developer Operations Source Control Production Common Deployment Scenario Retrieve Source compile + send binaries configure + deploy binaries 56. Developer Operations Source Control Production Improved Deployment Scenario Updates Source send .build script runscript getsource buildbin configure + deploy binaries 57. Developer Operations Source Control Production Improved Deployment Scenario Updates Source send .build script runscript getsource buildbin configure + deploy binaries 58. IDE Build CI Multi- Environment Builds Build from script Hands Off Deployment F5 is How I Roll Included in TFS, Cruise Control, Team City, Jenkins CI Dev, Test, Stage, Production Source? Yes, run this .build Disaster Recovery Plan + Auditor Compliance done 59. Process 60. Plan 61. DoPlan 62. DoPlan DP DP DP 63. DoPlan DP DP DP 64. Agile, Lean, XP Scrum Kanban Push Pull Learn by doing Daily Stand Ups Size Units of WorkProduct Backlog Sprint Backlog 65. WAIT! What about Task boards, Information Radiators Reducing Work In Progress, Time Boxing Self Organization, Pull vs Push, Empowerment, Continuous Learning, Planning Poker, Story Sizing, Velocity, Team Swarming etc, etc, etc.. 66. Scrum is Simple not to be confused with easy 67. Team Dynamics Pairing colocation colocation mentality (virtual) ownership Information Broadcasting self organizing silos cross- functional 68. http://www.youtube.com/watch?v=Q6jMgmPIxmk 69. A.B.L. Always Be Learning 70. Continuous Learning How do you learn? Sources? Blogs Podcasts Conferences Books 71. Continuous Learning http://dimecasts.net/ 72. What are we saying here? 73. Be PASSIONATE about what you do 74. Development Infrastructure Team Process 1 Experience 2 Object Orientation 3 SOLID + Patterns+ SimpleDesign 4 Secure Coding Building teams that engineer better software 5 Automated Tests 6 Source Control 7 Automated Builds 8 Agile, Lean, XP 9 Team Dynamics Continuous Learning 10 75. http://www.flickr.com/photos/robbie_ewing/4407711326/ http://www.flickr.com/photos/phill_dvsn/2999253384/sizes/l/ http://www.flickr.com/photos/nikophoto33/3153621333/ http://www.flickr.com/photos/houseofsims/3121970656/ http://www.flickr.com/photos/houseofsims/3121146677/ Michael Cummings - http://dreaminpictures.com 76. http://www.flickr.com/photos/planetpixel/1450985177/ http://www.flickr.com/photos/trinhanhtuan/3292319375/ http://www.flickr.com/photos/pagedooley/2760837590/ http://www.flickr.com/photos/pagedooley/3049370253/ http://www.flickr.com/photos/bruceberrien/4262228892/ http://www.flickr.com/photos/8363028@N08/3050922569/ http://www.flickr.com/photos/houseofsims/3121979028/ 77. http://www.flickr.com/photos/pagedooley/1856663523/ http://www.flickr.com/photos/joelogon/3161771573/ http://www.flickr.com/photos/carbonnyc/2294144289/ http://www.flickr.com/photos/shadowgate/4515454160/ http://www.flickr.com/photos/grahamcrewe/396400543/ http://www.lostechies.com/blogs/derickbailey/archive/2009/02/11/s olid-development-principles-in-motivational-pictures.aspx 78. Copyright 2011 Buddy Lindsey Used with Permission 79. developingUX.com speakermix.com/calebjenkins @calebjenkins