SlideShare une entreprise Scribd logo
1  sur  67
Télécharger pour lire hors ligne
Tool Up Your LAMP Stack
About Me

 • Lorna Mitchell

 • Web Development Consultant

 • Speaker and Author

 • Website: http://lornajane.net

 • Twitter: @lornajane




                                   2
LAMP




       3
LAMP

 • Linux

 • Apache

 • MySQL

 • PHP (or Perl, or Python)




                              4
Technology and Agile
Technology is not the
     problem



                        6
Technology is not the
     solution



                        7
Technology

 • We need good tools




                        8
Technology

 • We need good tools

 • They enable our workflow




                             8
Technology

 • We need good tools

 • They enable our workflow

 • They facilitate our achievements




                                      8
Technology

 • We need good tools

 • They enable our workflow

 • They facilitate our achievements

 • They allow us to meet our deadlines




                                         8
Technology

 • We need good tools

 • They enable our workflow

 • They facilitate our achievements

 • They allow us to meet our deadlines

 • They are not the silver bullet (sorry)




                                            8
Iterative Development




            develop     deploy




                                 9
The Main Ingredients

Preparation time: some years

Ingredients:

   • Source control

   • Development platforms

   • Task tracking

   • Automated testing

   • Static analysis

   • Automated deployment

   • Continuous integration




                               10
Source Control
Source Control: Key Ingredient

  • Central, canonical version

  • Collaboration point

  • Historical information

      • what changed
      • when
      • by whom

  • Can include its own config




                                 12
Source Control Tools

  • Subversion http://subversion.apache.org/

  • Git http://git-scm.com/

  • Mercurial http://mercurial.selenic.com/




                                               13
Branching Strategies

Common patterns:

  • Feature branches

  • Version branches

  • Live/integration branches




                                14
Traditional Centralised Source Control




                       repo



    checkout         checkout            checkout




                                                    15
Distributed Source Control

                     repo


                            repo


              repo


                                   repo


                     repo                 16
Database Version Control

No silver bullet to keep code and database schema in sync

Strategies:

   • All db changes done via script

   • Scripts are numbered

   • Database knows what numbers it already has


Tools:

   • homespun scripts

   • DbDeploy http://dbdeploy.com/

   • Liquibase http://www.liquibase.org/



                                                            17
Development Platforms
Development Platforms

Requirements:

  • Safe area "sandpit" for developers to work

  • All software as-live

  • Isolated




                                                 19
Task Tracking
Task Tracking

Once called ’bug tracking’.

We can track what status everything is in.




                                             21
Task Tracking

Once called ’bug tracking’.

We can track what status everything is in.

Developers understand bug trackers, bug trackers understand your
workflow.




                                                                   21
Workflow


          Backlog    Sprint




                     Active




          Blocked    Verify




                    Complete



                               22
Task Tracking Tools

  • Pivotal Tracker http://www.pivotaltracker.com/

  • GreenHopper
   http://www.atlassian.com/software/greenhopper/

  • Trac http://trac.edgewall.org/




                                                     23
Automated Testing
How do you test a website
           ?




                            25
How do you test a website
       repeatedly
           ?


                            26
Automated Testing

Gives repeatable results

TDD Test-Driven Development

BDD Behaviour-Driven Development




                                   27
Automated Testing Tools

 • Selenium: browser-based record and play of tests

     • Selenium IDE http://seleniumhq.org/projects/ide/
     • Selenium RC
       http://seleniumhq.org/projects/remote-control/

 • PHPUnit: unit testing and automation

     • http://phpunit.de
     • Also generates code coverage graphs




                                                          28
My First Unit Test

require_once '../src/models/MathUtilModel.php';

class MathUtilModelTest extends PHPUnit_Framework_TestCase {
    public function testAddNumbersWithNumbers() {
        $util = new MathUtilModel();
        $result = $util->addNumbers(3,5);
        $this->assertEquals(8, $result);
    }
}




                                                               29
Running One Test

To run our tests, from the tests directory do:
phpunit models/MathUtilModel

Output:
PHPUnit 3.5.13 by Sebastian Bergmann.

.

Time: 0 seconds, Memory: 3.00Mb

OK (1 test, 1 assertion)




                                                 30
Testable Code

 • Testable code is clean and modular

 • Need to be able to separate elements to test

 • Each function does one thing

 • Not too many paths through the code

 • Dependencies are dangerous




                                                  31
Dependency Injection

Passing things in or looking them up.
function getData() {
    $db = new MyDatabaseObject();
    // sql and query
}




function getData($db) {
    // sql and query
}




                                        32
Code Coverage

What percentage of your code is tested?

  • Summary view

  • Drill in to see which lines are run by tests

  • Beware: 100% code coverage does not mean fully tested


Use phpunit -coverage-html and specify where PHPUnit should
write the report files
Examples from http://jenkins.joind.in




                                                              33
Code Coverage




                34
Code Coverage




                35
Static Analysis
Static Analysis

Evaluating code without running it

Allows us to check for quality, commenting, coding standards




                                                               37
Static Analysis Tools

  • PHP Code Sniffer: checks for coding standards

      • http://pear.php.net/PHP_CodeSniffer

  • PHP Mess Detector: detects ’bad smells’

      • http://phpmd.org/

  • PHP Lines of Code: project size, class count

      • https://github.com/sebastianbergmann/phploc




                                                      38
phploc Sample Output (joind.in)

Directories:                                 32
Files:                                      213

Lines of Code (LOC):                       21339
  Cyclomatic Complexity / Lines of Code:    0.10
Comment Lines of Code (CLOC):               4908
Non-Comment Lines of Code (NCLOC):         16431

Namespaces:                                   0
Interfaces:                                   0
Classes:                                     87
  Abstract:                                   1 (1.15%)
  Concrete:                                  86 (98.85%)
  Average Class Length (NCLOC):             116
Methods:                                    532
  Scope:
    Non-Static:                             532 (100.00%)
    Static:                                   0 (0.00%)
  Visibility:
    Public:                                 501 (94.17%)
    Non-Public:                              31 (5.83%)
  Average Method Length (NCLOC):             18             39
API Documentation

Another form of static analysis is to generate documentation

  • Commented documentation in each file, class, function

  • Automatically generate into readable documents

  • Tools:

       • PHPDocumentor http://www.phpdoc.org/
       • DocBlox http://www.docblox-project.org/




                                                               40
API Documentation




                    41
PHPCS Examples

Install:
pear install PHP_CodeSniffer

Run:
phpcs --standard=PEAR example.php

Examples taken from http://bit.ly/kedQrU




                                           42
PHPCS Examples

Source code:
class recipe
{

    protected $_id;

    public $name;

    public $prep_time;

    function getIngredients() {
        $ingredients = Ingredients::fetchAllById($this->_id);
        return $ingredients;
    }
}




                                                                43
PHPCS Examples

Sniffer output:
FILE: /home/lorna/phpcs/recipe.class.php
----------------------------------------------------------------------
FOUND 8 ERROR(S) AND 0 WARNING(S) AFFECTING 5 LINE(S)
----------------------------------------------------------------------
  2 | ERROR | Missing file doc comment
  3 | ERROR | Class name must begin with a capital letter
  3 | ERROR | Missing class doc comment
  6 | ERROR | Protected member variable "_id" must not be prefixed wit
    |       | underscore
 12 | ERROR | Missing function doc comment
 12 | ERROR | Opening brace should be on a new line
 13 | ERROR | Line indented incorrectly; expected at least 8 spaces, f
 13 | ERROR | Spaces must be used to indent lines; tabs are not allowe
----------------------------------------------------------------------




                                                                   44
Automated Deployment
Automated Deployment

 • How many times do you deploy an agile project?




                                                    46
Automated Deployment

 • How many times do you deploy an agile project?

 • Fast

 • Hardened

 • Painless

 • Repeatable




                                                    46
Automated Deployment Tools

 • Phing/Ant: easy automated build scripts

     • http://phing.info/
     • http://ant.apache.org/

 • Capistrano (or Webistrano): scripted releases (with web interface)

     • https://github.com/capistrano/capistrano




                                                                        47
Automating Deployment: Why

 • Minimise mistakes

 • Save time on each deploy

 • Better than documentation

 • Reliable process - use for different platforms

 • Scope for rollback




                                                    48
Automating Deployment: What

 • Application code

     • minimal downtime or time in an inconsistent state
     • easy rollback
     • additional setup steps (upload files, etc) also automated

 • Database

     • apply database patches
     • include rollback patches

 • Config changes

     • useful for large or complex sites
     • config deploys separately, can update quickly and easily



                                                                  49
Code Deployment

 • Get a clean copy of code

 • Place in new directory on server

 • Perform any other preparation tasks

 • Change symlink in web directory to point to new version

 • Tools: shell script or ant/phing




                                                             50
Config Deployment

 • Exactly like code deployment

 • Application needs to be designed with this in mind

     • Default to live config
     • Environment variables set in vhost




                                                        51
Phing Example

<?xml version="1.0" encoding="UTF-8"?>
<project name="example" basedir="." default="deploy">
        <property name="builddir" value="./build" />
        <property name="appdir" value="./build/code" />
        <tstamp><format property="date" pattern="%Y%m%d-%H%M" /></tsta

       <target name="deploy" depends="clean, prepare, export, putlive

       <target name="export">
           <exec command="svn export ${repo} ${appdir}/${date}" />
       </target>

       <target name="putlive">
           <exec command="scp -r ${appdir}/${date} ${destination}
               > ${builddir}/logs/scp.log" />
       </target>




                                                                     52
Phing Example Cont’d

        <target name="clean">
                <delete dir="${builddir}" />
        </target>

        <target name="prepare">
                <mkdir dir="${builddir}" />
                <mkdir dir="${builddir}/logs" />
        </target>
</project>

Phing can also handle upload directories, database versioning, other
deployment recipe steps and post deploy tasks




                                                                       53
Continuous Integration
Continuous Integration

The glue that holds everything together!


   • Source control commit triggers:

       • Static analysis tools
       • Automated tests
       • Document generation

   • CI system centralises:

       • Deployment (to various platforms)
       • Other tasks, cron jobs

   • Centralised dashboard and reporting



                                             55
Continuous Integration Tools

  • Jenkins (née Hudson)

      • http://jenkins-ci.org/

  • PHPUnderControl (PHP-specific CruiseControl project)

      • http://phpundercontrol.org/




                                                          56
Tool Up Your LAMP Stack
The Main Ingredients for LAMP

Preparation time: some years

Ingredients:

   • Source control

   • Development platforms

   • Task tracking

   • Automated testing

   • Static analysis

   • Automated deployment

   • Continuous integration




                                58
Questions?
Thanks




 • Website: http://lornajane.net

 • Twitter: @lornajane




                                   60
Image Credits

 • LAMP http://www.flickr.com/photos/sewpixie/2059308961

 • Sandpit
   http://www.flickr.com/photos/giltastic/3159081924




                                                           61

Contenu connexe

Tendances

20140406 loa days-tdd-with_puppet_tutorial
20140406 loa days-tdd-with_puppet_tutorial20140406 loa days-tdd-with_puppet_tutorial
20140406 loa days-tdd-with_puppet_tutorial
garrett honeycutt
 
Fantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemFantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find Them
Ross Wolf
 

Tendances (20)

20140406 loa days-tdd-with_puppet_tutorial
20140406 loa days-tdd-with_puppet_tutorial20140406 loa days-tdd-with_puppet_tutorial
20140406 loa days-tdd-with_puppet_tutorial
 
The Hunter Games: How to Find the Adversary with Event Query Language
The Hunter Games: How to Find the Adversary with Event Query LanguageThe Hunter Games: How to Find the Adversary with Event Query Language
The Hunter Games: How to Find the Adversary with Event Query Language
 
Fantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemFantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find Them
 
ONOS System Test - ONS2016
ONOS System Test - ONS2016ONOS System Test - ONS2016
ONOS System Test - ONS2016
 
Invoke-Obfuscation nullcon 2017
Invoke-Obfuscation nullcon 2017Invoke-Obfuscation nullcon 2017
Invoke-Obfuscation nullcon 2017
 
Java-Jersey 到 Python-Flask 服務不中斷重構之旅
Java-Jersey 到 Python-Flask 服務不中斷重構之旅Java-Jersey 到 Python-Flask 服務不中斷重構之旅
Java-Jersey 到 Python-Flask 服務不中斷重構之旅
 
How to reverse engineer Android applications
How to reverse engineer Android applicationsHow to reverse engineer Android applications
How to reverse engineer Android applications
 
2016 -11-18 OpenSCAP Workshop Coursebook
2016 -11-18 OpenSCAP Workshop Coursebook2016 -11-18 OpenSCAP Workshop Coursebook
2016 -11-18 OpenSCAP Workshop Coursebook
 
Securing Infrastructure with OpenScap The Automation Way !!
Securing Infrastructure with OpenScap The Automation Way !!Securing Infrastructure with OpenScap The Automation Way !!
Securing Infrastructure with OpenScap The Automation Way !!
 
ProbeDroid - Crafting Your Own Dynamic Instrument Tool on Android for App Beh...
ProbeDroid - Crafting Your Own Dynamic Instrument Tool on Android for App Beh...ProbeDroid - Crafting Your Own Dynamic Instrument Tool on Android for App Beh...
ProbeDroid - Crafting Your Own Dynamic Instrument Tool on Android for App Beh...
 
PSR-7 - Middleware - Zend Expressive
PSR-7 - Middleware - Zend ExpressivePSR-7 - Middleware - Zend Expressive
PSR-7 - Middleware - Zend Expressive
 
The why and how of moving to php 8
The why and how of moving to php 8The why and how of moving to php 8
The why and how of moving to php 8
 
AntiVirus Evasion Reconstructed - Veil 3.0
AntiVirus Evasion Reconstructed - Veil 3.0AntiVirus Evasion Reconstructed - Veil 3.0
AntiVirus Evasion Reconstructed - Veil 3.0
 
No locked doors, no windows barred: hacking OpenAM infrastructure
No locked doors, no windows barred: hacking OpenAM infrastructureNo locked doors, no windows barred: hacking OpenAM infrastructure
No locked doors, no windows barred: hacking OpenAM infrastructure
 
Workshop: PowerShell for Penetration Testers
Workshop: PowerShell for Penetration TestersWorkshop: PowerShell for Penetration Testers
Workshop: PowerShell for Penetration Testers
 
Process injection - Malware style
Process injection - Malware styleProcess injection - Malware style
Process injection - Malware style
 
Property-based testing an open-source compiler, pflua (FOSDEM 2015)
Property-based testing an open-source compiler, pflua (FOSDEM 2015)Property-based testing an open-source compiler, pflua (FOSDEM 2015)
Property-based testing an open-source compiler, pflua (FOSDEM 2015)
 
PVS-Studio and static code analysis technique
PVS-Studio and static code analysis techniquePVS-Studio and static code analysis technique
PVS-Studio and static code analysis technique
 
The why and how of moving to php 7
The why and how of moving to php 7The why and how of moving to php 7
The why and how of moving to php 7
 
Abusing Adobe Reader’s JavaScript APIs by Abdul-Aziz Hariri & Brian Gorenc - ...
Abusing Adobe Reader’s JavaScript APIs by Abdul-Aziz Hariri & Brian Gorenc - ...Abusing Adobe Reader’s JavaScript APIs by Abdul-Aziz Hariri & Brian Gorenc - ...
Abusing Adobe Reader’s JavaScript APIs by Abdul-Aziz Hariri & Brian Gorenc - ...
 

En vedette

En vedette (10)

Join In With Joind.In
Join In With Joind.InJoin In With Joind.In
Join In With Joind.In
 
Tech4Africa - Tuning LAMP, and beyond LAMP
Tech4Africa - Tuning LAMP, and beyond LAMPTech4Africa - Tuning LAMP, and beyond LAMP
Tech4Africa - Tuning LAMP, and beyond LAMP
 
High Availability for the LAMP Stack
High Availability for the LAMP StackHigh Availability for the LAMP Stack
High Availability for the LAMP Stack
 
Lamp Stack Optimization
Lamp Stack OptimizationLamp Stack Optimization
Lamp Stack Optimization
 
FOWA Scaling The Lamp Stack Workshop
FOWA Scaling The Lamp Stack WorkshopFOWA Scaling The Lamp Stack Workshop
FOWA Scaling The Lamp Stack Workshop
 
OAuth: Trust Issues
OAuth: Trust IssuesOAuth: Trust Issues
OAuth: Trust Issues
 
Best Practice in API Design
Best Practice in API DesignBest Practice in API Design
Best Practice in API Design
 
Scalable Web Architecture
Scalable Web ArchitectureScalable Web Architecture
Scalable Web Architecture
 
Web Services PHP Tutorial
Web Services PHP TutorialWeb Services PHP Tutorial
Web Services PHP Tutorial
 
Websites on AWS
Websites on AWSWebsites on AWS
Websites on AWS
 

Similaire à Tool Up Your LAMP Stack

Continuous Integration In A PHP World
Continuous Integration In A PHP WorldContinuous Integration In A PHP World
Continuous Integration In A PHP World
Idaf_1er
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Denim Group
 

Similaire à Tool Up Your LAMP Stack (20)

An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...
An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...
An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...
 
20 PHP Static Analysis and Documentation Generators #burningkeyboards
20 PHP Static Analysis and Documentation Generators #burningkeyboards20 PHP Static Analysis and Documentation Generators #burningkeyboards
20 PHP Static Analysis and Documentation Generators #burningkeyboards
 
Introduction to Chef - Techsuperwomen Summit
Introduction to Chef - Techsuperwomen SummitIntroduction to Chef - Techsuperwomen Summit
Introduction to Chef - Techsuperwomen Summit
 
Bug Bounty Hunter Methodology - Nullcon 2016
Bug Bounty Hunter Methodology - Nullcon 2016Bug Bounty Hunter Methodology - Nullcon 2016
Bug Bounty Hunter Methodology - Nullcon 2016
 
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...
 
Developing PHP Applications Faster
Developing PHP Applications FasterDeveloping PHP Applications Faster
Developing PHP Applications Faster
 
Continuous Integration In A PHP World
Continuous Integration In A PHP WorldContinuous Integration In A PHP World
Continuous Integration In A PHP World
 
Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014
 
Continuous Delivery - Automate & Build Better Software with Travis CI
Continuous Delivery - Automate & Build Better Software with Travis CIContinuous Delivery - Automate & Build Better Software with Travis CI
Continuous Delivery - Automate & Build Better Software with Travis CI
 
To ∞ (~65K) and beyond! - Sebastiano Gottardo - Codemotion Milan 2016
To ∞ (~65K) and beyond! - Sebastiano Gottardo - Codemotion Milan 2016To ∞ (~65K) and beyond! - Sebastiano Gottardo - Codemotion Milan 2016
To ∞ (~65K) and beyond! - Sebastiano Gottardo - Codemotion Milan 2016
 
PyCon AU 2012 - Debugging Live Python Web Applications
PyCon AU 2012 - Debugging Live Python Web ApplicationsPyCon AU 2012 - Debugging Live Python Web Applications
PyCon AU 2012 - Debugging Live Python Web Applications
 
Goodpractice
GoodpracticeGoodpractice
Goodpractice
 
Northeast PHP - High Performance PHP
Northeast PHP - High Performance PHPNortheast PHP - High Performance PHP
Northeast PHP - High Performance PHP
 
Behat bdd training (php) course slides pdf
Behat bdd training (php) course slides pdfBehat bdd training (php) course slides pdf
Behat bdd training (php) course slides pdf
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
 
Continuous feature-development
Continuous feature-developmentContinuous feature-development
Continuous feature-development
 
Security research over Windows #defcon china
Security research over Windows #defcon chinaSecurity research over Windows #defcon china
Security research over Windows #defcon china
 
Demystifying Binary Reverse Engineering - Pixels Camp
Demystifying Binary Reverse Engineering - Pixels CampDemystifying Binary Reverse Engineering - Pixels Camp
Demystifying Binary Reverse Engineering - Pixels Camp
 
Getting started with RISC-V verification what's next after compliance testing
Getting started with RISC-V verification what's next after compliance testingGetting started with RISC-V verification what's next after compliance testing
Getting started with RISC-V verification what's next after compliance testing
 
Creating a Smooth Development Workflow for High-Quality Modular Open-Source P...
Creating a Smooth Development Workflow for High-Quality Modular Open-Source P...Creating a Smooth Development Workflow for High-Quality Modular Open-Source P...
Creating a Smooth Development Workflow for High-Quality Modular Open-Source P...
 

Plus de Lorna Mitchell

Understanding Distributed Source Control
Understanding Distributed Source ControlUnderstanding Distributed Source Control
Understanding Distributed Source Control
Lorna Mitchell
 

Plus de Lorna Mitchell (20)

Git, GitHub and Open Source
Git, GitHub and Open SourceGit, GitHub and Open Source
Git, GitHub and Open Source
 
Business 101 for Developers: Time and Money
Business 101 for Developers: Time and MoneyBusiness 101 for Developers: Time and Money
Business 101 for Developers: Time and Money
 
Things I wish web graduates knew
Things I wish web graduates knewThings I wish web graduates knew
Things I wish web graduates knew
 
Teach a Man To Fish (phpconpl edition)
Teach a Man To Fish (phpconpl edition)Teach a Man To Fish (phpconpl edition)
Teach a Man To Fish (phpconpl edition)
 
Web services tutorial
Web services tutorialWeb services tutorial
Web services tutorial
 
Going Freelance
Going FreelanceGoing Freelance
Going Freelance
 
Understanding Distributed Source Control
Understanding Distributed Source ControlUnderstanding Distributed Source Control
Understanding Distributed Source Control
 
Best Practice in Web Service Design
Best Practice in Web Service DesignBest Practice in Web Service Design
Best Practice in Web Service Design
 
Coaching Development Teams: Teach A Man To Fish
Coaching Development Teams: Teach A Man To FishCoaching Development Teams: Teach A Man To Fish
Coaching Development Teams: Teach A Man To Fish
 
Zend Certification Preparation Tutorial
Zend Certification Preparation TutorialZend Certification Preparation Tutorial
Zend Certification Preparation Tutorial
 
Implementing OAuth with PHP
Implementing OAuth with PHPImplementing OAuth with PHP
Implementing OAuth with PHP
 
Web Services Tutorial
Web Services TutorialWeb Services Tutorial
Web Services Tutorial
 
Object Oriented Programming in PHP
Object Oriented Programming in PHPObject Oriented Programming in PHP
Object Oriented Programming in PHP
 
Example Presentation
Example PresentationExample Presentation
Example Presentation
 
Could You Telecommute?
Could You Telecommute?Could You Telecommute?
Could You Telecommute?
 
Design Patterns
Design PatternsDesign Patterns
Design Patterns
 
Running a Project with Github
Running a Project with GithubRunning a Project with Github
Running a Project with Github
 
27 Ways To Be A Better Developer
27 Ways To Be A Better Developer27 Ways To Be A Better Developer
27 Ways To Be A Better Developer
 
Digital Representation
Digital RepresentationDigital Representation
Digital Representation
 
SPL Primer
SPL PrimerSPL Primer
SPL Primer
 

Dernier

Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
FIDO Alliance
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
Muhammad Subhan
 

Dernier (20)

Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptx
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
 
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024
 
Overview of Hyperledger Foundation
Overview of Hyperledger FoundationOverview of Hyperledger Foundation
Overview of Hyperledger Foundation
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development Companies
 
Using IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandUsing IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & Ireland
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 

Tool Up Your LAMP Stack

  • 1. Tool Up Your LAMP Stack
  • 2. About Me • Lorna Mitchell • Web Development Consultant • Speaker and Author • Website: http://lornajane.net • Twitter: @lornajane 2
  • 3. LAMP 3
  • 4. LAMP • Linux • Apache • MySQL • PHP (or Perl, or Python) 4
  • 6. Technology is not the problem 6
  • 7. Technology is not the solution 7
  • 8. Technology • We need good tools 8
  • 9. Technology • We need good tools • They enable our workflow 8
  • 10. Technology • We need good tools • They enable our workflow • They facilitate our achievements 8
  • 11. Technology • We need good tools • They enable our workflow • They facilitate our achievements • They allow us to meet our deadlines 8
  • 12. Technology • We need good tools • They enable our workflow • They facilitate our achievements • They allow us to meet our deadlines • They are not the silver bullet (sorry) 8
  • 13. Iterative Development develop deploy 9
  • 14. The Main Ingredients Preparation time: some years Ingredients: • Source control • Development platforms • Task tracking • Automated testing • Static analysis • Automated deployment • Continuous integration 10
  • 16. Source Control: Key Ingredient • Central, canonical version • Collaboration point • Historical information • what changed • when • by whom • Can include its own config 12
  • 17. Source Control Tools • Subversion http://subversion.apache.org/ • Git http://git-scm.com/ • Mercurial http://mercurial.selenic.com/ 13
  • 18. Branching Strategies Common patterns: • Feature branches • Version branches • Live/integration branches 14
  • 19. Traditional Centralised Source Control repo checkout checkout checkout 15
  • 20. Distributed Source Control repo repo repo repo repo 16
  • 21. Database Version Control No silver bullet to keep code and database schema in sync Strategies: • All db changes done via script • Scripts are numbered • Database knows what numbers it already has Tools: • homespun scripts • DbDeploy http://dbdeploy.com/ • Liquibase http://www.liquibase.org/ 17
  • 23. Development Platforms Requirements: • Safe area "sandpit" for developers to work • All software as-live • Isolated 19
  • 25. Task Tracking Once called ’bug tracking’. We can track what status everything is in. 21
  • 26. Task Tracking Once called ’bug tracking’. We can track what status everything is in. Developers understand bug trackers, bug trackers understand your workflow. 21
  • 27. Workflow Backlog Sprint Active Blocked Verify Complete 22
  • 28. Task Tracking Tools • Pivotal Tracker http://www.pivotaltracker.com/ • GreenHopper http://www.atlassian.com/software/greenhopper/ • Trac http://trac.edgewall.org/ 23
  • 30. How do you test a website ? 25
  • 31. How do you test a website repeatedly ? 26
  • 32. Automated Testing Gives repeatable results TDD Test-Driven Development BDD Behaviour-Driven Development 27
  • 33. Automated Testing Tools • Selenium: browser-based record and play of tests • Selenium IDE http://seleniumhq.org/projects/ide/ • Selenium RC http://seleniumhq.org/projects/remote-control/ • PHPUnit: unit testing and automation • http://phpunit.de • Also generates code coverage graphs 28
  • 34. My First Unit Test require_once '../src/models/MathUtilModel.php'; class MathUtilModelTest extends PHPUnit_Framework_TestCase { public function testAddNumbersWithNumbers() { $util = new MathUtilModel(); $result = $util->addNumbers(3,5); $this->assertEquals(8, $result); } } 29
  • 35. Running One Test To run our tests, from the tests directory do: phpunit models/MathUtilModel Output: PHPUnit 3.5.13 by Sebastian Bergmann. . Time: 0 seconds, Memory: 3.00Mb OK (1 test, 1 assertion) 30
  • 36. Testable Code • Testable code is clean and modular • Need to be able to separate elements to test • Each function does one thing • Not too many paths through the code • Dependencies are dangerous 31
  • 37. Dependency Injection Passing things in or looking them up. function getData() { $db = new MyDatabaseObject(); // sql and query } function getData($db) { // sql and query } 32
  • 38. Code Coverage What percentage of your code is tested? • Summary view • Drill in to see which lines are run by tests • Beware: 100% code coverage does not mean fully tested Use phpunit -coverage-html and specify where PHPUnit should write the report files Examples from http://jenkins.joind.in 33
  • 42. Static Analysis Evaluating code without running it Allows us to check for quality, commenting, coding standards 37
  • 43. Static Analysis Tools • PHP Code Sniffer: checks for coding standards • http://pear.php.net/PHP_CodeSniffer • PHP Mess Detector: detects ’bad smells’ • http://phpmd.org/ • PHP Lines of Code: project size, class count • https://github.com/sebastianbergmann/phploc 38
  • 44. phploc Sample Output (joind.in) Directories: 32 Files: 213 Lines of Code (LOC): 21339 Cyclomatic Complexity / Lines of Code: 0.10 Comment Lines of Code (CLOC): 4908 Non-Comment Lines of Code (NCLOC): 16431 Namespaces: 0 Interfaces: 0 Classes: 87 Abstract: 1 (1.15%) Concrete: 86 (98.85%) Average Class Length (NCLOC): 116 Methods: 532 Scope: Non-Static: 532 (100.00%) Static: 0 (0.00%) Visibility: Public: 501 (94.17%) Non-Public: 31 (5.83%) Average Method Length (NCLOC): 18 39
  • 45. API Documentation Another form of static analysis is to generate documentation • Commented documentation in each file, class, function • Automatically generate into readable documents • Tools: • PHPDocumentor http://www.phpdoc.org/ • DocBlox http://www.docblox-project.org/ 40
  • 47. PHPCS Examples Install: pear install PHP_CodeSniffer Run: phpcs --standard=PEAR example.php Examples taken from http://bit.ly/kedQrU 42
  • 48. PHPCS Examples Source code: class recipe { protected $_id; public $name; public $prep_time; function getIngredients() { $ingredients = Ingredients::fetchAllById($this->_id); return $ingredients; } } 43
  • 49. PHPCS Examples Sniffer output: FILE: /home/lorna/phpcs/recipe.class.php ---------------------------------------------------------------------- FOUND 8 ERROR(S) AND 0 WARNING(S) AFFECTING 5 LINE(S) ---------------------------------------------------------------------- 2 | ERROR | Missing file doc comment 3 | ERROR | Class name must begin with a capital letter 3 | ERROR | Missing class doc comment 6 | ERROR | Protected member variable "_id" must not be prefixed wit | | underscore 12 | ERROR | Missing function doc comment 12 | ERROR | Opening brace should be on a new line 13 | ERROR | Line indented incorrectly; expected at least 8 spaces, f 13 | ERROR | Spaces must be used to indent lines; tabs are not allowe ---------------------------------------------------------------------- 44
  • 51. Automated Deployment • How many times do you deploy an agile project? 46
  • 52. Automated Deployment • How many times do you deploy an agile project? • Fast • Hardened • Painless • Repeatable 46
  • 53. Automated Deployment Tools • Phing/Ant: easy automated build scripts • http://phing.info/ • http://ant.apache.org/ • Capistrano (or Webistrano): scripted releases (with web interface) • https://github.com/capistrano/capistrano 47
  • 54. Automating Deployment: Why • Minimise mistakes • Save time on each deploy • Better than documentation • Reliable process - use for different platforms • Scope for rollback 48
  • 55. Automating Deployment: What • Application code • minimal downtime or time in an inconsistent state • easy rollback • additional setup steps (upload files, etc) also automated • Database • apply database patches • include rollback patches • Config changes • useful for large or complex sites • config deploys separately, can update quickly and easily 49
  • 56. Code Deployment • Get a clean copy of code • Place in new directory on server • Perform any other preparation tasks • Change symlink in web directory to point to new version • Tools: shell script or ant/phing 50
  • 57. Config Deployment • Exactly like code deployment • Application needs to be designed with this in mind • Default to live config • Environment variables set in vhost 51
  • 58. Phing Example <?xml version="1.0" encoding="UTF-8"?> <project name="example" basedir="." default="deploy"> <property name="builddir" value="./build" /> <property name="appdir" value="./build/code" /> <tstamp><format property="date" pattern="%Y%m%d-%H%M" /></tsta <target name="deploy" depends="clean, prepare, export, putlive <target name="export"> <exec command="svn export ${repo} ${appdir}/${date}" /> </target> <target name="putlive"> <exec command="scp -r ${appdir}/${date} ${destination} > ${builddir}/logs/scp.log" /> </target> 52
  • 59. Phing Example Cont’d <target name="clean"> <delete dir="${builddir}" /> </target> <target name="prepare"> <mkdir dir="${builddir}" /> <mkdir dir="${builddir}/logs" /> </target> </project> Phing can also handle upload directories, database versioning, other deployment recipe steps and post deploy tasks 53
  • 61. Continuous Integration The glue that holds everything together! • Source control commit triggers: • Static analysis tools • Automated tests • Document generation • CI system centralises: • Deployment (to various platforms) • Other tasks, cron jobs • Centralised dashboard and reporting 55
  • 62. Continuous Integration Tools • Jenkins (née Hudson) • http://jenkins-ci.org/ • PHPUnderControl (PHP-specific CruiseControl project) • http://phpundercontrol.org/ 56
  • 63. Tool Up Your LAMP Stack
  • 64. The Main Ingredients for LAMP Preparation time: some years Ingredients: • Source control • Development platforms • Task tracking • Automated testing • Static analysis • Automated deployment • Continuous integration 58
  • 66. Thanks • Website: http://lornajane.net • Twitter: @lornajane 60
  • 67. Image Credits • LAMP http://www.flickr.com/photos/sewpixie/2059308961 • Sandpit http://www.flickr.com/photos/giltastic/3159081924 61