SlideShare une entreprise Scribd logo

How To Maintain Million Lines Of Open Source Code And Remain Sane or The Story of MidPoint

Radovan Semancik
Radovan Semancik

Architecture, development and maintenance of Evolveum midPoint.

Technologie
1  sur  48
Télécharger pour lire hors ligne
How To Maintain Million Lines Of Open Source Code And Remain Sane* or The Story of MidPoint Radovan Semančík Rubyslava, October 2018 * More or less. More less than more.
Radovan Semančík Software Architect at Evolveum Architect of midPoint Apache Foundation Committer Contributor to several open source projects Still (more or less) sane
WARNING Controversial statements ahead! Political correctness (very) limited. Mental health hazards. Dogmatic buzzword followers should leave now. HIC SUNT LEONES
Project midPoint ● Identity management and governance ● Open source (Apache License) ● Started in 2011 by Evolveum (self-funded) ● Approx. 1 million lines of code ● Mostly written in Java
What is Identity Management? System admin Requester Approver Users Provisioning system HR CRM Application Application Application Application A M Identity repository
… and Identity Governance? ● Beyond Role-Based Access Control (RBAC) ● Organizational structure ● Delegation, Audit, etc. ● Role assignment and re-certification ● Policies (e.g. SoD) ● Maintenance of role model (role lifecycle) ● Risk assessment ● Compliance
MidPoint Development ● Everything is open source (see github) ● Evolutionary approach (iterative+incremental) ● At least 2 releases per year (26 releases) ● Team of 5 full-time developers (+contributors) ● High development activity (100-200 commits/month)
MidPoint Big Picture midPoint Source systems Identity conncetors Target systems
MidPoint Big Picture midPoint Source systems Identity conncetors Target systems Monolith? Not really!
MidPoint Architecture
Components, Source Code Structure
Dependencies (2010-2012) ● Spring ● Java Server Faces ● XML (DOM) ● JAX-B ● JAX-WS ● ESB (BPEL) ● Activiti BPM (BPMN.2) ● Jasper Reports ● Hibernate
Dependencies (2018) ● Spring + Spring Boot ● Java Server Faces Apache Wicket ● XML (DOM) + JSON + YAML ● JAX-B : (almost) replaced ● JAX-WS : not used much any more ● ESB (BPEL) : replaced before midPoint started ● Activiti BPM (BPMN.2) : going to be replaced ● Jasper Reports : not very useful, will it survive? ● Hibernate : may be replaced later on
Dependencies : Lessons Learned ● Faster start of the project ● Do not reinvent the wheel … unless the wheel is in fact a square ● Do not depend on dependencies too much ● Understand how they work – and why they fail ● Have a “Plan B” to replace them later on
Architecture? “REST”, Microservices, Web frameworks, … That’s not architecture!
Architecture! “REST”, Microservices, Web frameworks, … That’s not architecture! This is architecture Components, subsystems, interfaces, modules, separation of concerns You really should pay attention in software engineering classes.
Data Model ● Extremely important ● As important as architecture ● Cross-cutting concern ● Performance, scalability, evolvability, … ● Changes often – especially at the beginning ● Evolution - compatibility ● Experimental features
Data Model DB Business Logic User Interface Integration
Data Model Change DB Business Logic User Interface Integration CHANGE CHANGE CHANGE CHANGE
Data Model : Schema DB Business Logic User Interface Integration CHANGE Schema
MidPoint : Prism Schema (now) DB Business Logic User Interface Integration XSD++ Prism Schema Generated classesJAXB parse
MidPoint : Prism Schema (future) DB Business Logic User Interface IntegrationXSD++ (or whatever) Prism Schema + Generated classes parse
MidPoint : Prism Schema in UI CUSTOM SCHEMA EXTENSION
XML, JSON, YAML and Friends Prism Object : UserType Parser / Serializer Prism Schema name: foo givenName: Foo familyName: Bar fullName: FooBar { “name” : “foo”, ”givenName” : “Foo”, ”familyName” : “Bar”, ”fullName” : “Foo Bar” } <user> <name>foo</name> <givenName>Foo</gi <familyName>Bar</fa <fullName>Foo Bar</ </user> Whatever data format will become fashionable next year
XML, JSON, YAML and Friends
Prism Deltas
Big Problem of Consistency midPoint Source systems Identity conncetors Target systems MidPoint DB
Transactions / MVCC midPoint Source systems Identity conncetors Target systems MidPoint DB YE S
Transactions / MVCC midPoint Source systems Identity conncetors Target systems MidPoint DB YE S Limited MVCC (maybe)
Transactions / MVCC midPoint Source systems Identity conncetors Target systems MidPoint DB YE S MVCC (maybe) Limited NO What is a “transaction” ? No way!
“Relativistic” Consistency ● Deltas are usually relative (add, delete) ● Apply delta in any order => equivalent value ● We need unordered multi-values for that … but ordering is seldom needed ● There are still some weak spots (e.g. replace) ● But conflicts are quite unlikely ● “Reconciliation” as safety net Heureka! It works!
Prism : Much More ● Static schema (compile-time) ● Dynamic schema (run-time) ● “Superdynamic” schema ● Raw data – We do not have complete schema at parse-time ● Deltas (schema-aware) ● Search filters (schema-aware, of course) ● Lifecycle (versioning, deprecated, experimental)
Questions You Surely Want To Ask ● Why XSD? – Because midPoint started in 2011 – Because JSON Schema and others are equally bad ● Namespaces? QNames? – Yes, we use them (even in JSON and YAML) – No, we are not crazy (yet) – End user (usually) does not need to deal with them – QName == URI – Benefits: extensibility, versioning
RESTful API ● “REST” part and RPC part (and some overlap) ● Full schema support: XML, JSON, YAML ● Big problem of REST: modifications … but we do not worry, we have deltas ● SOAP to REST in five easy steps http://…/rest/users/02c15378­c48b­11e7­b010­1ff8606bae23 http://…/rest/users http://…/rest/tasks/c68d7770­...­9bec1fc3b57c/suspend http://…/rest/notifyChange REST (almost) RPC
Testing ● Automated integration testing – Thousands of test cases – Still based on unit test framework (TestNG) – Embed what you can (DB, LDAP server, ...) ● Not that much unit tests – Are you crazy? Yes … I mean: No! – Remember: code generated from schema + compiler – Unit test maintenance is very expensive ● End-to-end tests – in progress ● Test-Driven Bugfixing (TDB)
Designed For (Integration) Testability
Rolling-Wave Approach 2018 2019 2020 2021 v3.9 exact plan v4.0 rough plan ??? v5.0 here or maybe not v4.1 some plan v4.2 maybe v4.3 probably 2018 2019 2020 2021 v3.9 done v4.0 exact plan v5.0 here maybe v4.1 rough plan v4.2 some plan v4.3 most likely 2018 2019 2020 2021 v3.9 done v4.0 done v5.0 probably v4.1 exact plan v4.2 rough plan v4.3 some plan v4.4 maybe
Rolling-Wave Approach ● Rolling-wave planning: obvious and intuitive ● Rolling-wave approach applied to everything: – architecture, schema, features, release scope ● Create architecture that can survive decades – But do NOT implement everything – Implement only what you need now ● Design 1-3 years ahead – But do NOT implement what you don’t need now – Data model (schema), DB model, interfaces ● Implement only what you need
Questions you wanted to ask at the beginning ● Java? Really? – Really. And we use checked exceptions! – But no Java EE. We are not that crazy. – Compiler saves huge amount of time (remember: code generated from data model) – Old language +1: libraries for everything – Old language -1: you need to avoid landmines – OpenJDK – Hindsight: Java is lesser evil
Questions you wanted to ask at the beginning ● Self-funded? And still alive? – Alive and well. – Bootstrapped (FFF). No venture capital. – Beginnings were hard. Very hard. – Persistence pays off. ● Business model? – Subscription: support + new feature development – Trainings, PoCs, Architecture reviews – Professional services, projects (minimal) → partners
Summary ● Million lines of Java code, 7 years, small team … and still going fast and strong. ● Open source, self-funded … and survived! ● Good architecture, rolling-wave design ● Schema-aware from bottom to top ● Not entirely normal project
Join the Team ● Java developers, IDM engineers, … marketing ● Bratislava, Košice ... or anywhere (remote work) ● Join the team … if you are up to the challenge
For more information please visit www.evolveum.com

Recommandé

Bledar Gjocaj - Java open source
Bledar Gjocaj - Java open sourceBledar Gjocaj - Java open source
Bledar Gjocaj - Java open sourceOpen Labs Albania
 
Becoming fully buzzword compliant
Becoming fully buzzword compliantBecoming fully buzzword compliant
Becoming fully buzzword compliantTrisha Gee
 
What is scala
What is scalaWhat is scala
What is scalaPiyush Katariya
 
JavaScript for Enterprise Applications
JavaScript for Enterprise ApplicationsJavaScript for Enterprise Applications
JavaScript for Enterprise ApplicationsPiyush Katariya
 
Java Certification by HUJAK - 2015-05-12 - at JavaCro'15 conference
Java Certification by HUJAK - 2015-05-12 - at JavaCro'15 conferenceJava Certification by HUJAK - 2015-05-12 - at JavaCro'15 conference
Java Certification by HUJAK - 2015-05-12 - at JavaCro'15 conferenceHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
History of Java 2/2
History of Java 2/2History of Java 2/2
History of Java 2/2Eberhard Wolff
 
OSGi Community Event 2010 - OSGi and Android
OSGi Community Event 2010 - OSGi and AndroidOSGi Community Event 2010 - OSGi and Android
OSGi Community Event 2010 - OSGi and Androidmfrancis
 
Waterfalls for agile cambridge
Waterfalls for agile cambridgeWaterfalls for agile cambridge
Waterfalls for agile cambridgeSteve Wells
 

Recommandé

Bledar Gjocaj - Java open source
Bledar Gjocaj - Java open sourceBledar Gjocaj - Java open source
Bledar Gjocaj - Java open sourceOpen Labs Albania
 
Becoming fully buzzword compliant
Becoming fully buzzword compliantBecoming fully buzzword compliant
Becoming fully buzzword compliantTrisha Gee
 
What is scala
What is scalaWhat is scala
What is scalaPiyush Katariya
 
JavaScript for Enterprise Applications
JavaScript for Enterprise ApplicationsJavaScript for Enterprise Applications
JavaScript for Enterprise ApplicationsPiyush Katariya
 
Java Certification by HUJAK - 2015-05-12 - at JavaCro'15 conference
Java Certification by HUJAK - 2015-05-12 - at JavaCro'15 conferenceJava Certification by HUJAK - 2015-05-12 - at JavaCro'15 conference
Java Certification by HUJAK - 2015-05-12 - at JavaCro'15 conferenceHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
History of Java 2/2
History of Java 2/2History of Java 2/2
History of Java 2/2Eberhard Wolff
 
OSGi Community Event 2010 - OSGi and Android
OSGi Community Event 2010 - OSGi and AndroidOSGi Community Event 2010 - OSGi and Android
OSGi Community Event 2010 - OSGi and Androidmfrancis
 
Waterfalls for agile cambridge
Waterfalls for agile cambridgeWaterfalls for agile cambridge
Waterfalls for agile cambridgeSteve Wells
 
Dust.js
Dust.jsDust.js
Dust.jsYevgeniy Brikman
 
How do we drive tech changes
How do we drive tech changesHow do we drive tech changes
How do we drive tech changesJaewoo Ahn
 
Counterclockwise past present future
Counterclockwise past present futureCounterclockwise past present future
Counterclockwise past present futurelolopetit
 
LAMP is so yesterday, MEAN is so tomorrow! :)
LAMP is so yesterday, MEAN is so tomorrow! :) LAMP is so yesterday, MEAN is so tomorrow! :)
LAMP is so yesterday, MEAN is so tomorrow! :) Sascha Sambale
 
Building Modern Web Apps with MEAN Stack
Building Modern Web Apps with MEAN StackBuilding Modern Web Apps with MEAN Stack
Building Modern Web Apps with MEAN StackSuresh Patidar
 
2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...
2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...
2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...Eneko Jon Bilbao
 
The working architecture of NodeJS applications, Виктор Турский
The working architecture of NodeJS applications, Виктор ТурскийThe working architecture of NodeJS applications, Виктор Турский
The working architecture of NodeJS applications, Виктор ТурскийSigma Software
 
The working architecture of node js applications open tech week javascript ...
The working architecture of node js applications open tech week javascript ...The working architecture of node js applications open tech week javascript ...
The working architecture of node js applications open tech week javascript ...Viktor Turskyi
 
The benefit of sneezing code into an editor vs clean code
The benefit of sneezing code into an editor vs clean codeThe benefit of sneezing code into an editor vs clean code
The benefit of sneezing code into an editor vs clean codeDave Hulbert
 
Angular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - LinagoraAngular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - LinagoraLINAGORA
 
Scala Days Highlights | BoldRadius
Scala Days Highlights | BoldRadiusScala Days Highlights | BoldRadius
Scala Days Highlights | BoldRadiusBoldRadius Solutions
 
Data Science Salon: A Journey of Deploying a Data Science Engine to Production
Data Science Salon: A Journey of Deploying a Data Science Engine to ProductionData Science Salon: A Journey of Deploying a Data Science Engine to Production
Data Science Salon: A Journey of Deploying a Data Science Engine to ProductionFormulatedby
 
Proud to be polyglot
Proud to be polyglotProud to be polyglot
Proud to be polyglotTugdual Grall
 
It recruitments
It recruitmentsIt recruitments
It recruitmentsNani Masters
 
Dealing With Legacy: The Real-World Experience
Dealing With Legacy: The Real-World ExperienceDealing With Legacy: The Real-World Experience
Dealing With Legacy: The Real-World ExperienceJakub Holy
 
Geoscience and Microservices
Geoscience and Microservices Geoscience and Microservices
Geoscience and Microservices Matthew Gerring
 
Path Dependent Development (PyCon AU)
Path Dependent Development (PyCon AU)Path Dependent Development (PyCon AU)
Path Dependent Development (PyCon AU)ncoghlan_dev
 
ODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptx
ODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptxODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptx
ODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptxToon Koppelaars
 
Deccan ruby-conf-talk
Deccan ruby-conf-talkDeccan ruby-conf-talk
Deccan ruby-conf-talkprchaudhari
 
Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015
Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015
Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015NoSQLmatters
 
There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"Radovan Semancik
 
MidPoint: Consumer to Contributor
MidPoint: Consumer to ContributorMidPoint: Consumer to Contributor
MidPoint: Consumer to ContributorRadovan Semancik
 

Contenu connexe

Similaire à How To Maintain Million Lines Of Open Source Code And Remain Sane or The Story of MidPoint

How do we drive tech changes
How do we drive tech changesHow do we drive tech changes
How do we drive tech changesJaewoo Ahn
 
Counterclockwise past present future
Counterclockwise past present futureCounterclockwise past present future
Counterclockwise past present futurelolopetit
 
LAMP is so yesterday, MEAN is so tomorrow! :)
LAMP is so yesterday, MEAN is so tomorrow! :) LAMP is so yesterday, MEAN is so tomorrow! :)
LAMP is so yesterday, MEAN is so tomorrow! :) Sascha Sambale
 
Building Modern Web Apps with MEAN Stack
Building Modern Web Apps with MEAN StackBuilding Modern Web Apps with MEAN Stack
Building Modern Web Apps with MEAN StackSuresh Patidar
 
2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...
2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...
2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...Eneko Jon Bilbao
 
The working architecture of NodeJS applications, Виктор Турский
The working architecture of NodeJS applications, Виктор ТурскийThe working architecture of NodeJS applications, Виктор Турский
The working architecture of NodeJS applications, Виктор ТурскийSigma Software
 
The working architecture of node js applications open tech week javascript ...
The working architecture of node js applications open tech week javascript ...The working architecture of node js applications open tech week javascript ...
The working architecture of node js applications open tech week javascript ...Viktor Turskyi
 
The benefit of sneezing code into an editor vs clean code
The benefit of sneezing code into an editor vs clean codeThe benefit of sneezing code into an editor vs clean code
The benefit of sneezing code into an editor vs clean codeDave Hulbert
 
Angular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - LinagoraAngular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - LinagoraLINAGORA
 
Scala Days Highlights | BoldRadius
Scala Days Highlights | BoldRadiusScala Days Highlights | BoldRadius
Scala Days Highlights | BoldRadiusBoldRadius Solutions
 
Data Science Salon: A Journey of Deploying a Data Science Engine to Production
Data Science Salon: A Journey of Deploying a Data Science Engine to ProductionData Science Salon: A Journey of Deploying a Data Science Engine to Production
Data Science Salon: A Journey of Deploying a Data Science Engine to ProductionFormulatedby
 
Proud to be polyglot
Proud to be polyglotProud to be polyglot
Proud to be polyglotTugdual Grall
 
Dealing With Legacy: The Real-World Experience
Dealing With Legacy: The Real-World ExperienceDealing With Legacy: The Real-World Experience
Dealing With Legacy: The Real-World ExperienceJakub Holy
 
Geoscience and Microservices
Geoscience and Microservices Geoscience and Microservices
Geoscience and Microservices Matthew Gerring
 
Path Dependent Development (PyCon AU)
Path Dependent Development (PyCon AU)Path Dependent Development (PyCon AU)
Path Dependent Development (PyCon AU)ncoghlan_dev
 
ODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptx
ODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptxODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptx
ODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptxToon Koppelaars
 
Deccan ruby-conf-talk
Deccan ruby-conf-talkDeccan ruby-conf-talk
Deccan ruby-conf-talkprchaudhari
 
Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015
Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015
Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015NoSQLmatters
 

Similaire à How To Maintain Million Lines Of Open Source Code And Remain Sane or The Story of MidPoint (20)

Dust.js
Dust.jsDust.js
Dust.js
 
How do we drive tech changes
How do we drive tech changesHow do we drive tech changes
How do we drive tech changes
 
Counterclockwise past present future
Counterclockwise past present futureCounterclockwise past present future
Counterclockwise past present future
 
LAMP is so yesterday, MEAN is so tomorrow! :)
LAMP is so yesterday, MEAN is so tomorrow! :) LAMP is so yesterday, MEAN is so tomorrow! :)
LAMP is so yesterday, MEAN is so tomorrow! :)
 
Building Modern Web Apps with MEAN Stack
Building Modern Web Apps with MEAN StackBuilding Modern Web Apps with MEAN Stack
Building Modern Web Apps with MEAN Stack
 
2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...
2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...
2016 Mastering SAP Tech - 2 Speed IT and lessons from an Agile Waterfall eCom...
 
The working architecture of NodeJS applications, Виктор Турский
The working architecture of NodeJS applications, Виктор ТурскийThe working architecture of NodeJS applications, Виктор Турский
The working architecture of NodeJS applications, Виктор Турский
 
The working architecture of node js applications open tech week javascript ...
The working architecture of node js applications open tech week javascript ...The working architecture of node js applications open tech week javascript ...
The working architecture of node js applications open tech week javascript ...
 
The benefit of sneezing code into an editor vs clean code
The benefit of sneezing code into an editor vs clean codeThe benefit of sneezing code into an editor vs clean code
The benefit of sneezing code into an editor vs clean code
 
Angular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - LinagoraAngular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - Linagora
 
Scala Days Highlights | BoldRadius
Scala Days Highlights | BoldRadiusScala Days Highlights | BoldRadius
Scala Days Highlights | BoldRadius
 
Data Science Salon: A Journey of Deploying a Data Science Engine to Production
Data Science Salon: A Journey of Deploying a Data Science Engine to ProductionData Science Salon: A Journey of Deploying a Data Science Engine to Production
Data Science Salon: A Journey of Deploying a Data Science Engine to Production
 
Proud to be polyglot
Proud to be polyglotProud to be polyglot
Proud to be polyglot
 
It recruitments
It recruitmentsIt recruitments
It recruitments
 
Dealing With Legacy: The Real-World Experience
Dealing With Legacy: The Real-World ExperienceDealing With Legacy: The Real-World Experience
Dealing With Legacy: The Real-World Experience
 
Geoscience and Microservices
Geoscience and Microservices Geoscience and Microservices
Geoscience and Microservices
 
Path Dependent Development (PyCon AU)
Path Dependent Development (PyCon AU)Path Dependent Development (PyCon AU)
Path Dependent Development (PyCon AU)
 
ODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptx
ODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptxODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptx
ODTUG_NoPlsql_vs_SmartDB_Part1_and_2.pptx
 
Deccan ruby-conf-talk
Deccan ruby-conf-talkDeccan ruby-conf-talk
Deccan ruby-conf-talk
 
Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015
Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015
Adrian Colyer - Keynote: NoSQL matters - NoSQL matters Dublin 2015
 

Plus de Radovan Semancik

There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"Radovan Semancik
 
MidPoint: Consumer to Contributor
MidPoint: Consumer to ContributorMidPoint: Consumer to Contributor
MidPoint: Consumer to ContributorRadovan Semancik
 
Identity governance and data protection with mid point
Identity governance and data protection with mid pointIdentity governance and data protection with mid point
Identity governance and data protection with mid pointRadovan Semancik
 
Project midPoint or how a handful of fools fought the Giants
Project midPoint or how a handful of fools fought the GiantsProject midPoint or how a handful of fools fought the Giants
Project midPoint or how a handful of fools fought the GiantsRadovan Semancik
 
Introduction to LDAP and Directory Services
Introduction to LDAP and Directory ServicesIntroduction to LDAP and Directory Services
Introduction to LDAP and Directory ServicesRadovan Semancik
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPointRadovan Semancik
 
Complete open source IAM solution
Complete open source IAM solutionComplete open source IAM solution
Complete open source IAM solutionRadovan Semancik
 
Open Source Identity Management
Open Source Identity ManagementOpen Source Identity Management
Open Source Identity ManagementRadovan Semancik
 

Plus de Radovan Semancik (8)

There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"
 
MidPoint: Consumer to Contributor
MidPoint: Consumer to ContributorMidPoint: Consumer to Contributor
MidPoint: Consumer to Contributor
 
Identity governance and data protection with mid point
Identity governance and data protection with mid pointIdentity governance and data protection with mid point
Identity governance and data protection with mid point
 
Project midPoint or how a handful of fools fought the Giants
Project midPoint or how a handful of fools fought the GiantsProject midPoint or how a handful of fools fought the Giants
Project midPoint or how a handful of fools fought the Giants
 
Introduction to LDAP and Directory Services
Introduction to LDAP and Directory ServicesIntroduction to LDAP and Directory Services
Introduction to LDAP and Directory Services
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPoint
 
Complete open source IAM solution
Complete open source IAM solutionComplete open source IAM solution
Complete open source IAM solution
 
Open Source Identity Management
Open Source Identity ManagementOpen Source Identity Management
Open Source Identity Management
 

Dernier

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Dernier (20)

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

How To Maintain Million Lines Of Open Source Code And Remain Sane or The Story of MidPoint

  • 1. How To Maintain Million Lines Of Open Source Code And Remain Sane* or The Story of MidPoint Radovan Semančík Rubyslava, October 2018 * More or less. More less than more.
  • 2. Radovan Semančík Software Architect at Evolveum Architect of midPoint Apache Foundation Committer Contributor to several open source projects Still (more or less) sane
  • 3. WARNING Controversial statements ahead! Political correctness (very) limited. Mental health hazards. Dogmatic buzzword followers should leave now. HIC SUNT LEONES
  • 4. Project midPoint ● Identity management and governance ● Open source (Apache License) ● Started in 2011 by Evolveum (self-funded) ● Approx. 1 million lines of code ● Mostly written in Java
  • 5. What is Identity Management? System admin Requester Approver Users Provisioning system HR CRM Application Application Application Application A M Identity repository
  • 6. … and Identity Governance? ● Beyond Role-Based Access Control (RBAC) ● Organizational structure ● Delegation, Audit, etc. ● Role assignment and re-certification ● Policies (e.g. SoD) ● Maintenance of role model (role lifecycle) ● Risk assessment ● Compliance
  • 7.
  • 8.
  • 9.
  • 10.
  • 11. MidPoint Development ● Everything is open source (see github) ● Evolutionary approach (iterative+incremental) ● At least 2 releases per year (26 releases) ● Team of 5 full-time developers (+contributors) ● High development activity (100-200 commits/month)
  • 12. MidPoint Big Picture midPoint Source systems Identity conncetors Target systems
  • 13. MidPoint Big Picture midPoint Source systems Identity conncetors Target systems Monolith? Not really!
  • 16. Dependencies (2010-2012) ● Spring ● Java Server Faces ● XML (DOM) ● JAX-B ● JAX-WS ● ESB (BPEL) ● Activiti BPM (BPMN.2) ● Jasper Reports ● Hibernate
  • 17. Dependencies (2018) ● Spring + Spring Boot ● Java Server Faces Apache Wicket ● XML (DOM) + JSON + YAML ● JAX-B : (almost) replaced ● JAX-WS : not used much any more ● ESB (BPEL) : replaced before midPoint started ● Activiti BPM (BPMN.2) : going to be replaced ● Jasper Reports : not very useful, will it survive? ● Hibernate : may be replaced later on
  • 18. Dependencies : Lessons Learned ● Faster start of the project ● Do not reinvent the wheel … unless the wheel is in fact a square ● Do not depend on dependencies too much ● Understand how they work – and why they fail ● Have a “Plan B” to replace them later on
  • 19. Architecture? “REST”, Microservices, Web frameworks, … That’s not architecture!
  • 20. Architecture! “REST”, Microservices, Web frameworks, … That’s not architecture! This is architecture Components, subsystems, interfaces, modules, separation of concerns You really should pay attention in software engineering classes.
  • 21. Data Model ● Extremely important ● As important as architecture ● Cross-cutting concern ● Performance, scalability, evolvability, … ● Changes often – especially at the beginning ● Evolution - compatibility ● Experimental features
  • 22. Data Model DB Business Logic User Interface Integration
  • 23. Data Model Change DB Business Logic User Interface Integration CHANGE CHANGE CHANGE CHANGE
  • 24. Data Model : Schema DB Business Logic User Interface Integration CHANGE Schema
  • 25. MidPoint : Prism Schema (now) DB Business Logic User Interface Integration XSD++ Prism Schema Generated classesJAXB parse
  • 26. MidPoint : Prism Schema (future) DB Business Logic User Interface IntegrationXSD++ (or whatever) Prism Schema + Generated classes parse
  • 27. MidPoint : Prism Schema in UI CUSTOM SCHEMA EXTENSION
  • 28. XML, JSON, YAML and Friends Prism Object : UserType Parser / Serializer Prism Schema name: foo givenName: Foo familyName: Bar fullName: FooBar { “name” : “foo”, ”givenName” : “Foo”, ”familyName” : “Bar”, ”fullName” : “Foo Bar” } <user> <name>foo</name> <givenName>Foo</gi <familyName>Bar</fa <fullName>Foo Bar</ </user> Whatever data format will become fashionable next year
  • 29. XML, JSON, YAML and Friends
  • 31. Big Problem of Consistency midPoint Source systems Identity conncetors Target systems MidPoint DB
  • 32. Transactions / MVCC midPoint Source systems Identity conncetors Target systems MidPoint DB YE S
  • 33. Transactions / MVCC midPoint Source systems Identity conncetors Target systems MidPoint DB YE S Limited MVCC (maybe)
  • 34. Transactions / MVCC midPoint Source systems Identity conncetors Target systems MidPoint DB YE S MVCC (maybe) Limited NO What is a “transaction” ? No way!
  • 35. “Relativistic” Consistency ● Deltas are usually relative (add, delete) ● Apply delta in any order => equivalent value ● We need unordered multi-values for that … but ordering is seldom needed ● There are still some weak spots (e.g. replace) ● But conflicts are quite unlikely ● “Reconciliation” as safety net Heureka! It works!
  • 36. Prism : Much More ● Static schema (compile-time) ● Dynamic schema (run-time) ● “Superdynamic” schema ● Raw data – We do not have complete schema at parse-time ● Deltas (schema-aware) ● Search filters (schema-aware, of course) ● Lifecycle (versioning, deprecated, experimental)
  • 37. Questions You Surely Want To Ask ● Why XSD? – Because midPoint started in 2011 – Because JSON Schema and others are equally bad ● Namespaces? QNames? – Yes, we use them (even in JSON and YAML) – No, we are not crazy (yet) – End user (usually) does not need to deal with them – QName == URI – Benefits: extensibility, versioning
  • 38. RESTful API ● “REST” part and RPC part (and some overlap) ● Full schema support: XML, JSON, YAML ● Big problem of REST: modifications … but we do not worry, we have deltas ● SOAP to REST in five easy steps http://…/rest/users/02c15378­c48b­11e7­b010­1ff8606bae23 http://…/rest/users http://…/rest/tasks/c68d7770­...­9bec1fc3b57c/suspend http://…/rest/notifyChange REST (almost) RPC
  • 39. Testing ● Automated integration testing – Thousands of test cases – Still based on unit test framework (TestNG) – Embed what you can (DB, LDAP server, ...) ● Not that much unit tests – Are you crazy? Yes … I mean: No! – Remember: code generated from schema + compiler – Unit test maintenance is very expensive ● End-to-end tests – in progress ● Test-Driven Bugfixing (TDB)
  • 41. Rolling-Wave Approach 2018 2019 2020 2021 v3.9 exact plan v4.0 rough plan ??? v5.0 here or maybe not v4.1 some plan v4.2 maybe v4.3 probably 2018 2019 2020 2021 v3.9 done v4.0 exact plan v5.0 here maybe v4.1 rough plan v4.2 some plan v4.3 most likely 2018 2019 2020 2021 v3.9 done v4.0 done v5.0 probably v4.1 exact plan v4.2 rough plan v4.3 some plan v4.4 maybe
  • 42. Rolling-Wave Approach ● Rolling-wave planning: obvious and intuitive ● Rolling-wave approach applied to everything: – architecture, schema, features, release scope ● Create architecture that can survive decades – But do NOT implement everything – Implement only what you need now ● Design 1-3 years ahead – But do NOT implement what you don’t need now – Data model (schema), DB model, interfaces ● Implement only what you need
  • 43. Questions you wanted to ask at the beginning ● Java? Really? – Really. And we use checked exceptions! – But no Java EE. We are not that crazy. – Compiler saves huge amount of time (remember: code generated from data model) – Old language +1: libraries for everything – Old language -1: you need to avoid landmines – OpenJDK – Hindsight: Java is lesser evil
  • 44. Questions you wanted to ask at the beginning ● Self-funded? And still alive? – Alive and well. – Bootstrapped (FFF). No venture capital. – Beginnings were hard. Very hard. – Persistence pays off. ● Business model? – Subscription: support + new feature development – Trainings, PoCs, Architecture reviews – Professional services, projects (minimal) → partners
  • 45. Summary ● Million lines of Java code, 7 years, small team … and still going fast and strong. ● Open source, self-funded … and survived! ● Good architecture, rolling-wave design ● Schema-aware from bottom to top ● Not entirely normal project
  • 46. Join the Team ● Java developers, IDM engineers, … marketing ● Bratislava, Košice ... or anywhere (remote work) ● Join the team … if you are up to the challenge
  • 47.
  • 48. For more information please visit www.evolveum.com