1

Nexus World Tour - Boston 2016

with

2

About Me

Ernie SavoieVice PresidentGlobal Investment Technology

• Highly respected industry innovator.• Over 22 years at MFS. • Worked in both operations and development. • CI/CD evangelist.• Passionate about fly fishing.

About MFS

• Global Asset Manager - founded in 1924

• 1,900 employees worldwide

• The firm ranked as the 24th largest money management firm in the US according to Institutional Investor magazine and 12th largest U.S. mutual fund manager, according to research firm Strategic Insight

• Eighth straight year ranked one of the "Best Mutual Fund Families" by Barron's

Our Development Environment

• Java and .NET shop• 200 developers • TFS code repository – 300 team projects• 100 plus critical applications• Jenkins build servers• Nexus • AppScan• SonarQube• UDeploy

5

Benefits of Jenkins and Nexus

• Helped us manage the growth of external resources • Standardize desktop development environment• Shortened the onboarding time for developers • Inventory and manage artifacts used and produced by the

development teams • Improve security and code quality • Understand and reduce risks associated with open source licensing• Improve traceability in development and deployment process.

• Which modules were built and when.• Which sources were used • Dependencies used• Environment variables• What packages were installed and where

6

• Had tremendous growth. Been very successful in attracting new and retaining existing clients

• Investing in technology. New systems. Upgrades to existing systems. • Growing staff.

• How were we as a technology team going to manage this?• How do we manage and measure the work of outside resources?• How do we quickly spin up development teams?• What can we do to improve quality of our work?• Is the code secure?• What changes have been introduced and where are they used? • Who has access to what systems and components.• Can we automate these tasks?

Managing Growth

7

Implement SonarQube

8

• Only a small subset of critical applications were on boarded.

• Many inconsistencies in the TFS build environment.

• Lack of centralized build management and reporting.

• Poor adoption.

• Didn't really resolve many of the other issues we had.

Limited Success

9

Solution: Replace Build Servers

Partnered with

10

Asking The Right Questions

11

What's Your Branching Strategy?

12

Where Do You Store Your Artifacts?

Managing Artifacts

14

How Many Templates?

15

Adopt Maven and NuGet

16

Scope Increase

Adoption of these tools forced us to address many core issues

• Restructure code repositories for standardized branching• Manage artifacts by implementing Nexus• Standardize our development structure by adopting Maven and

NuGet• Upgrade developer's IDE• Standardize developer desktop configuration• Develop standards• Train developers

17

More Changes

• Implement Udeploy for deployments. Integrated nicely with what we were doing with Nexus

• Adopt AppScan and integrate with Jenkins

• Implement Nexus LifeCycle.

18

Benefits of Jenkins and Nexus• Far reaching. Helped us address our core issues and breed good

habits.• Helped us manage the growth of external resources • Standardize development environment• Shortened the onboarding time for developers through the use of

Maven and NuGet.• Inventory artifacts. Both internal and external.• Improve security and code quality through automated builds and

scanning (Application security certification process)• Understand and reduce risks associated with open source licensing• Helped us define traceability and accountability in development and

deployment process.• Which modules were built• Which sources were used • Dependencies used• Environment variables• What packages were installed and where

19

Recommendations

Don't just implement solutions. Develop a strong core.

20

Recommendations

There is not always a single right answer. Make a decision and go from there.

21

Recommendations

Build off your successes.

22

Recommendations

Work with an experienced partner that can help quickly identify roadblocks and develop a roadmap to the future.

23

About Me

Randy HowieCEOBlack Diamond Software

• Artificial Intelligence Research at Carnegie Mellon University• Founded Black Diamond Software in 1990• From innovative software developers to ALM experts and

evangelists• Co-Author of Our ALM Transformation Solution• I love tennis and my two daughters• Have given Roger Federer advice about raising daughters

About Black Diamond Software

• ALM Transformation Specialists• Agile, Continuous Delivery, DevOps, Continuous Quality Transformations• Atlassian, CloudBees, Sonatype, Docker, Puppet• Have successfully completed end to end Enterprise CD• Successfully completed one of the earliest and largest Nexus lifecycle

implementations

You are practicing Continuous Delivery (CD) when:

• Software is deployable throughout its lifecycle

• Teams prioritize keeping software deployable over new features

• Anybody can get fast, automated feedback on the production readiness of systems any time somebody makes a change

• Deployments of any version of the software to any environment on demand are push-button

Continuous Delivery

Impacts the entire application development lifecycle:

1. All changes must tie back to requirements/defects

2. SCM workflows must keep software deployable when it changes

3. Builds must be tied to SCM changes from one build to the next

4. The supply chain of software components must be managed

5. Deployment tools must create a pipeline that enables us to push artifacts to increasingly more production-like environments and track which executables are deployed to which environments.

Continuous Delivery

27

Packages for Continuous Delivery and Quality

Agile Panning

SCM Continuous Delivery

Software Lifecycle

Management

1,All changes must tie back to requirements and defects

2,SCM Workflows must keep software deployable when it changes

3,Builds must be tied to SCM changes from one build to the next

4,The supply chain of software components must be carefully managed

1

4

2

3

Adoption

Status Quo

AutomationManual

Agility, Continuous Integration and

Delivery

Tool Centric, Separation of

Tools and Development

Agilenistas,Separation of

Process and Tools

Legacy Tools and Processes

CD Transformation

Maturity Quadrant for ALM Transformation

Blueprint for Continuous Delivery and Quality

MFS Continuous Delivery Workflow

Nexus LifecycleComponent Intelligence andContinuous Delivery

Establish Policy – Different groups, different applicationsPolicy must be consistent with definition of quality

Component intelligence can be assessed at different points in the lifecycleNexus Repository: component selectionNexus LifeCycle: build and deployement

Establish a test-fast CD approach, using Nexus Repository to intelligently select comonentsDesign CI builds for fast, test-early, shift-left detectionLifeCycle Scan after nightly and release builds Component intelligence is essential to achieve true CD

Goals and KPIs

Goals• Improve Quality• Increase Efficiency• Reduce Deployment Issues

KPIs• Production Defects• Development Velocity• Deployment Issues

Recommendation ACTION: Improve Quality

Quality Analysis

• Static Code Quality Analysis• Vulnerability Detection• Continuous Integration• Test Driven Development• Peer Review• Shift Left Testing

Traceability

• Continuous Delivery• End to End Traceability• Feature Driven Development

Recommendation ACTION: Increase Efficiency

• Build Automation• Test Automation• Deployment Automation• Traceability Automation

Process Improvements

• Agile Development• Continuous Delivery• Process Uniformity

Automated Processes

Recommended ACTIONS: Reduce Deployment Issues

Continuous Integration – Root out integration issues by compiling applications and unit testing them each time changes are made.Continuous Delivery – Keeping the code always deliverable to reduce errors from partial implementationsDeployment Automation – Automating all deployments reduces errors from manual processes.

Transformation Cycles

37

Questions