Episerver

DevOps and DevSec - episerver.com

DevOps and DevSec with Episerver

Joona Immonen, Software architect, Solita Oy
https://www.linkedin.com/in/joonaimmonen

Twitter: @rinorragi, @SolitaOy

THIS IS SOLITA

• Turnover 2015: 49,7 million euros
• Nearly 500 professionals
• Over 20 years
• Working in 3 offices
• Over 1000 projects
• Over 97 % customer satisfaction
• Ranking 6th in Great Place to Work in Finland 2015
• Ranking 43rd in European Best Workplaces

About me

• 1985 Hello world

• 1989 DOS basics

• 1999 Got paid for IT stuff for the first time

• 2001 First IT job

• 2001-2016 Nerd stuff

What is DevOps

What wiki says

https://en.wikipedia.org/wiki/DevOps

What I think

https://memegenerator.net/

DEVELOPMENT ENVIRONMENT

NEW GUY JOINS YOUR PROJECT

http://theworstthingsforsale.com/2012/12/05/html-for-babies/

TWO STEPS PLAN

1. Install Windows features and software with a script

2. Install project-specific settings with a script

CHOCOLATEY

• Package Manager for Windows
• Use it by installing software
• or by using Windows Package Manager
• Do not overtrust packages

https://chocolatey.org/content/images/logo_square.svg

DEMO

Show chocolatey scripts…

https://github.com/solita/powershell-webdevelopertools/blob/master/install/workstation-install.ps1

SERVER INSTALLATION

NEW SERVERS ARE WAITING FOR SETUP

WHICH WILL YOU CHOOSE?

WIZARDS SCRIPTS

https://pixabay.com/en/magician-ball-boy-kid-magic-1454487/

https://pixabay.com/en/abstract-lines-numbering-system-1231863/

DEMO

Show server installation scripts…

https://github.com/solita/powershell-webdevelopertools/blob/master/install-episerver/server-install.ps1

BUILDING A BUILD PIPELINE

EXPANDING YOUR PIPELINE

• Can I build a cloud environment like I build my code?
• Should I have a separate pipeline for infrastructure?
• Are my build jobs so important that they should be under version control?
• Should I version my build configurations?

https://pixabay.com/en/yes-board-school-font-education-593834/

PIPELINE AS CODE

• Set up a Groovy script
• Create a Jenkins Job DSL job with the Groovy script
• Build your build jobs with a build job

YOU GET A NICE PIPELINE VIEW TOO

Used Jenkins plugins

MSBuild Plugin

xUnit Plugin

MSTest plugin

MSTestRunner plugin

PowerShell plugin

Visual Studio Code Metrics Plugin

HipChat Plugin

Performance Plugin

Sonarqube plugin

OWASP-Dependency-Check Plugin

ZAProxy Plugin

New Relic Deployment Notifier Plugin

Gravatar plugin

Dynamic Parameter plugin

Selenium HTML report

Thinbackup

Violations plugin

Timestamper

Delivery Pipeline Plugin

Job DSL

Build pipeline plugin

Build Name Setter Plugin

Git plugin

Test stability history

EXAMPLE GROOVY SCRIPT

Under work™ example can be found at:

https://github.com/Rinorragi/pipeline-template/blob/master/dotnet/jobs/Main.groovy

WHAT IS DEVSEC?

WHAT IS INFORMATION SECURITY?

InfoSec

• Confidentiality
• Integrity
• Availability

Hack yourself first!

DevSec is a culture where developers

• are security aware
• break stuff
• automate breaking stuff

https://commons.wikimedia.org/wiki/File:Syrian.hacker.jpg

DevSec in Agile cycle

[Diagram labels: Training, Policies, Design, Develop, Deploy, Monitor, Motivation, News]

CYBER SECURITY PIPELINE

Design
• Threat analysis
• Policy review
• Architecture

Develop
• Static code analysis
• Known vulnerability analysis

Deploy
• Web application security testing
• Network scanning
• Attack surface analysis

Monitor
• Incident & response
• Alerts

Develop
• FxCop
• SonarQube
• Code Analysis
• Code Metrics
• OWASP Dependency check

Deploy
• Burp suite
• Acunetix
• OWASP ZAP
• Nessus
• jMeter

Monitor
• Elasticsearch
• Greylock
• NewRelic
• HipChat / Slack
• Dashing.io

GIT AS A TICKET STATUS MONITOR

USING FEATURE BRANCHES

[Diagram. Branches: SUPPORT-1 branch, TEST, QA, PROD (master). Stages: Feature being developed, Pull request for code review, Ready for customer testing, Go live]

TIPS & TRICKS

• Use diff to see which tickets are on which environment
• Query Jira to see if it matches Git
• Put everything on the screen
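
One way to apply the first two tips, as an added example that is not from the original slides: list the ticket keys that are on one environment branch but not yet on the next, then compare them with a list exported from Jira. It assumes ticket keys such as SUPPORT-1 appear in commit subjects or merged branch names; the function names and the Jira export file (one key per line) are hypothetical.

```sh
#!/bin/sh
# Added example, not the speaker's code.
# Assumption: ticket keys (e.g. SUPPORT-1) appear in commit subjects
# or in the names of merged feature branches.

# Read commit subjects on stdin; print each ticket key once, sorted.
ticket_keys() {
  LC_ALL=C grep -oE '[A-Z][A-Z0-9]+-[0-9]+' | LC_ALL=C sort -u
}

# Tickets merged into branch $2 that have not yet reached branch $1,
# e.g.: tickets_waiting origin/master origin/QA > qa-git.txt
tickets_waiting() {
  git log --format=%s "$1..$2" | ticket_keys
}

# Keys listed in file $1 but missing from file $2 (one key per line).
# grep exits 1 when nothing is left to print; only real errors propagate.
only_in() {
  grep -Fxv -f "$2" "$1" || [ $? -eq 1 ]
}

# Compare Git's view (file $1) with a Jira export for the same status (file $2).
status_mismatch() {
  only_in "$1" "$2" | sed 's/^/on branch, not in Jira list: /'
  only_in "$2" "$1" | sed 's/^/in Jira list, not on branch: /'
}
```

An empty result from status_mismatch means the branch and the Jira status agree.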

SUPPORT SITUATION

TODO REVIEW QA PROD

SUPPORT-1

SUPPORT-2

SUPPORT-5 SUPPORT-73

SUPPORT-28

SUPPORT-21

SUPPORT-13

BEING A HERO THAT YOUR PROJECT MANAGER LOVES

https://pixabay.com/en/superman-lego-superhero-hero-super-1275374/

Thanks!

Learn PowerShell and prosper!