Accelerate DevOps with GitHub
Enhance Software Delivery Performance with GitHub Issues, Projects, Actions, and Advanced Security
This is the companion repository for my book Accelerate DevOps with GitHub. You can find all hands-on labs and other examples from the book here. I also provide all the links and references from the chapters.
Part 1: Lean Management and Collaboration
In Part 1 you will learn how to reduce ballast from your development process and move to a lean and collaborative way of working that allows your teams to accelerate their value delivery. You’ll learn how to use GitHub to work together from everywhere effectively and use work insights and the right metrics to optimize your engineering productivity.
Chapter 1: Metrics that Matter
In this chapter I explain how to measure engineering velocity and developer productivity and how to make your DevOps acceleration measurable.
The following topics are covered in this chapter:
- Why Accelerate?
- Engineering Velocity
- High Performance Companies
- Measuring metrics that matter
- The SPACE of Developer Productivity
- Objectives and Key-Results
References and Links
- Srivastava S., Trehan K., Wagle D. & Wang J. (April 2020). [Developer Velocity: How software excellence fuels business performance](https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/developer-velocity-how-software-excellence-fuels-business-performance).
- Forsgren N., Smith D., Humble J., Frazelle J. (2019). [DORA State of DevOps Report](https://www.devops-research.com/research.html#reports)
- Brown A., Stahnke M. & Kersten N. (2020). [2020 State of DevOps Report](https://puppet.com/resources/report/2020-state-of-devops-report/)
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Coupland M (2021). DevOps Adoption Strategies: Principles, Processes, Tools, and Trends: Embracing DevOps through effective culture people, and processes (1st ed.) [E-book]. Packt.
- Dina Graves Portman (2020). [Are you an Elite DevOps performer? Find out with the Four Keys Project](https://cloud.google.com/blog/products/devops-sre/using-the-four-keys-to-measure-your-devops-performance)
- Forsgren N., Storey M.-A., Maddila C., Zimmermann T., Houck B., & Butler J. (2021). [The SPACE of Developer Productivity](https://queue.acm.org/detail.cfm?id=3454124)
- Grove, A. S. (1983). High Output Management (1st ed.). Random House Inc.
- Grove, A. S. (1995). High Output Management (2nd ed.). Vintage.
- Doerr, J. (2018). Measure What Matters: OKRs: The Simple Idea that Drives 10x Growth. Portfolio Penguin
Chapter 2: Plan, Track, and Visualize Your Work
In this chapter we will focus on organizing your work inside your team and apply Lean Principles. You’ll learn how GitHub Issues and Projects can help you to simplify your flow of work.
In this chapter we will cover the following topics:
- Work is work
- Unplanned work and rework
- Visualizing your work
- Limiting work in progress (WIP)
- GitHub issues, labels, and milestones
- GitHub projects
Highlights:
References and Links
- Tregubov A., Rodchenko N., Boehm B. & Lane J.A. (2017). [Impact of Task Switching and Work Interruptions on Software Development Processes](https://www.researchgate.net/publication/317989659_Impact_of_task_switching_and_work_interruptions_on_software_development_processes)
- Weinberg G.M. (1991), Quality Software Management: Systems Thinking (1st ed.). Dorset House
- [GitHub issues](https://guides.github.com/features/issues/) and [about GitHub issues](https://docs.github.com/en/issues/tracking-your-work-with-issues/about-issues)
- [Markdown](https://guides.github.com/features/mastering-markdown/)
- [Issue templates](https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/about-issue-and-pull-request-templates)
- [GitHub projects](https://docs.github.com/en/issues/trying-out-the-new-projects-experience/about-projects)
- [GitHub Jira integration](https://github.com/atlassian/github-for-jira)
- [GitHub Azure Boards integration](https://docs.microsoft.com/en-us/azure/devops/boards/github)
Chapter 3: Teamwork and Collaborative Development
A high performing team is more than the sum of its members, and it takes a high performing team to build products that people love.
In this chapter you’ll learn how to set up your team for highly collaborative development using pull requests. You’ll learn what a pull request is and what features can help you to get a good code review workflow for your team.
The following are the core topics that we will cover in this chapter:
- Software development is a team sport
- The heart of collaboration: the pull request
- Propose changes using pull requests
- Pull request reviews
- Finishing pull request
- Best practices for code reviews
Hands-on exercises: ✋
- Create a pull request
- Review Changes
References and Links
Link to the video on [how GitHub uses GitHub to collaborate](https://youtu.be/HyvZO5vvOas?t=3189).
- Coyle D. (2018). The Culture Code: The Secrets of Highly Successful Groups (1st ed.). Cornerstone Digital
- Kim G., Humble J., Debois P. & Willis J. (2016). The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations (1st ed.). IT Revolution Press
- Scott Prugh (2014), [Continuous Delivery](https://www.scaledagileframework.com/guidance-continuous-delivery/).
- Chacon S. & Straub B. (2014). [Pro Git (2nd ed.)](https://git-scm.com/book/de/v2). Apress.
- Kaufmann M. (2021), Git für Dummies (1st ed., German). Wiley-VCH
- [Git](https://en.wikipedia.org/wiki/Git)
- [Pull requests](https://docs.github.com/en/github/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests)
- [Code owners](https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/creating-a-repository-on-github/about-code-owners)
- [Branch protection](https://docs.github.com/en/github/administering-a-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#about-branch-protection-rules)
- [Code review assignments](https://docs.github.com/en/organizations/organizing-members-into-teams/managing-code-review-assignment-for-your-team)
- [Auto-Merge](https://docs.github.com/en/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)
- [Pull request reviews](https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews)
Chapter 4: Asynchronous Work: Collaborate from Anywhere
In this chapter we’ll focus on synchronous and asynchronous work and how you can use the benefits of asynchronous workflows for a better collaboration in distributed, remote, and hybrid teams and a better cross-team collaboration.
The following are the topics that will be covered in the chapter:
- Comparing synchronous and asynchronous work
- Distributed teams
- Cross-team collaboration
- GitHub Discussions
- GitHub Pages and Wikis
- Working from everywhere with GitHub Mobile
Highlights:
References and Links
- [History of communication 1](https://en.wikipedia.org/wiki/History_of_communication)
- [History of communication 2](https://www.g2.com/articles/history-of-communication)
- [Time capsule: 150 years](https://www.elon.edu/u/imagining/time-capsule/150-years/)
- [History in general](https://www.dhm.de/lemo/kapitel) (in German)
- [World population growth](https://ourworldindata.org/world-population-growth)
- [Hybrid work](https://www.microsoft.com/en-us/worklab/work-trend-index/hybrid-work)
- [Work trend index](https://www.microsoft.com/en-us/worklab/work-trend-index)
- [GitHub Discussions](https://docs.github.com/en/discussions)
- [GitHub Pages](https://docs.github.com/en/pages)
- [GitHub Mobile](https://github.com/mobile)
Chapter 5: The Influence of Open and Inner Source on Software Delivery Performance
In this chapter I explain the history of free and open-source software and why it has become so important over the last years. I will explain the impact it can have on your engineering velocity and how you can use the principles of open source for better cross-team collaboration in your company (inner source).
The chapter will cover:
- History of free and open-source software
- The difference between open source and open development
- Benefits of embracing open source for companies
- Implementing an open-source strategy
- Open and inner source
- Importance for insourcing
- GitHub Sponsors
Featured open-source projects to sponsor:
At the time of writing the book, GitHub Sponsors was new and I worked with some of the maintainers mentioned to set this up in a good way. So not all projects made it here - for example oh-my-zsh, which I use every day and which was the inspiration for oh-my-posh.
References and Links
- Greene T. C. (2001). [Ballmer: Linux is a cancer](https://www.theregister.com/2001/06/02/ballmer_linux_is_a_cancer/)
- Warren T. (2020). [Microsoft: we were wrong about open source](https://www.theverge.com/2020/5/18/21262103/microsoft-open-source-linux-history-wrong-statement)
- Raymond, E. S. (1999). The Cathedral and the Bazaar: Musings on Linux and Open Source by an Accidental Revolutionary. O'Reilly Media.
- O’Reilly (1998). FREEWARE LEADERS MEET IN FIRST-EVER SUMMIT O'Reilly Brings Together Creators of Perl, Apache, Linux and Netscape's Mozilla. [Press Release](https://www.oreilly.com/pub/pr/636)
- OSI (2018). [Open Source Initiative - History of the OSI](https://opensource.org/history)
- Richard S. (2021). [Why Open Source Misses the Point of Free Software](https://www.gnu.org/philosophy/open-source-misses-the-point.en.html)
- Volpi M. (2019). [How open-source software took over the world](https://techcrunch.com/2019/01/12/how-open-source-software-took-over-the-world/)
- Ahlawat P., Boyne J., Herz D., Schmieg F., & Stephan M. (2021). [Why You Need an Open Source Software Strategy](https://www.bcg.com/publications/2021/open-source-software-strategy-benefits)
- [Inner Source](https://en.wikipedia.org/wiki/Inner_source)
- [GitHub Sponsors](https://github.com/sponsors)
Part 2: Engineering DevOps Practices
Part 2 explains the most important engineering practices for effective DevOps. You’ll learn how to use GitHub Actions to automate your release pipelines and other engineering tasks, how to work trunk-based and with feature-flags and how to shift left security and quality assurance.
Chapter 6: Automation with GitHub Actions
This chapter explains the importance of automation for quality and speed. It introduces you to GitHub Actions and how you can use them for any kind of automation – not only continuous delivery.
References and Links
- Humble J., & Farley, D. (2010). Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation. Addison-Wesley Professional.
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- [YAML](https://yaml.org/)
- [GitHub Actions](https://docs.github.com/en/actions)
- [GitHub Learning Lab](https://lab.github.com)
- [Workflow syntax](https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions)
- [GitHub Marketplace](https://github.com/marketplace)
Chapter 7: Running Your Workflows
In this chapter, I’ll show you the different options for running your workflows. We’ll investigate hosted and self-hosted runners, and I’ll explain how you can tackle hybrid-cloud scenarios or hardware-in-the-loop tests using the different hosting options. I’ll also show you how to set up, manage, and scale self-hosted runners, and I’ll show you how you can approach monitoring and troubleshooting.
The following are the core topics that we will cover in this chapter:
- Hosted runners
- Self-hosted runners
- Managing access with runner groups
- Using labels
- Scaling your self-hosted runners
- Monitoring and troubleshooting
References and Links
- [Using GitHub-hosted runners](https://docs.github.com/en/actions/using-github-hosted-runners)
- [Virtual environments](https://github.com/actions/virtual-environments)
- [Hosting your own runners](https://docs.github.com/en/actions/hosting-your-own-runners)
- A [curated list](https://jonico.github.io/awesome-runners) of awesome self-hosted GitHub Action runner solutions in a large comparison matrix.
Chapter 8: Managing Dependencies Using GitHub Packages
This chapter describes how you can use GitHub Packages and semantic versioning together with GitHub Actions to manage dependencies between your teams and products.
The main topics are as follows:
References and Links
- [Semantic versioning](https://semver.org/)
- [Billing and pricing](https://docs.github.com/en/billing/managing-billing-for-github-packages/about-billing-for-github-packages)
- [Access control and visibility](https://docs.github.com/en/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility)
- [Working with the registry (Container, Apache Maven, Gradle, NuGet, npm, RubyGems)](https://docs.github.com/en/packages/working-with-a-github-packages-registry)
Chapter 9: Deploy to Any Platform
In this chapter I'll show you how you can easily deploy to any cloud and any platform in a secure and compliant way.
The chapter will cover:
References and Links
- [CI/CD](https://azure.microsoft.com/en-us/overview/continuous-delivery-vs-continuous-deployment/)
- [Deployment rings](https://docs.microsoft.com/en-us/azure/devops/migrate/phase-rollout-with-rings)
- [Deploying to Azure App Service](https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure-app-service)
- [Deploying to Google Kubernetes Engine](https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine)
- [Deploy to AWS Elastic Container Service](https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service)
- [Security hardening your deployments](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments)
- [Kubernetes Deployments](https://kubernetes.io/docs/concepts/workloads/controllers/)
- [Kubernetes Deployment Strategies](https://github.com/ContainerSolutions/k8s-deployment-strategies)
- [Helm](https://helm.sh/)
- [Kustomize](https://kustomize.io/)
- [Infrastructure as Code](https://en.wikipedia.org/wiki/Infrastructure_as_code)
- [Infrastructure as Code and environment or configuration drift](https://docs.microsoft.com/en-us/devops/deliver/what-is-infrastructure-as-code)
- [Workflow templates](https://docs.github.com/en/actions/learn-github-actions/creating-workflow-templates)
- [Reusable workflows](https://docs.github.com/en/actions/learn-github-actions/reusing-workflows)
- [Four Keys Project](https://github.com/GoogleCloudPlatform/fourkeys/)
Chapter 10: Feature Flags and the Feature Lifecycle
This chapter explains how Feature Flags – or Feature Toggles – can help you to reduce complexity and manage the lifecycle of features and your software.
The main topics of this chapter are:
- What are Feature Flags
- The lifecycle of features
- The benefits of Feature Flags
- Getting started with Feature Flags
- Feature Flags and technical debt
- Experimentation with Feature Flags
References and Links
- Martin Fowler (2017). [Feature-Toggles (aka Feature Flags)](https://martinfowler.com/articles/feature-toggles.html)
- [Comparison of Feature Flag Solutions](https://wulfland.github.io/FeatureFlags/)
- [LaunchDarkly](https://launchdarkly.com/)
- [Switchover](https://switchover.io/)
- [VWO](https://vwo.com/)
- [Split](https://www.split.io/)
- [Flagship](https://www.flagship.io/)
- [Unleash](https://www.getunleash.io/) and [on GitHub](https://github.com/Unleash/unleash)
Chapter 11: Trunk-based Development
This chapter explains the benefits of trunk-based development and introduces you to the best git workflows to accelerate your software delivery.
The chapter covers:
References and Links
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- [Trunk-based development](https://trunkbaseddevelopment.com)
- Git flow: Vincent Driessen (2010), [A successful Git branching model](https://nvie.com/posts/a-successful-git-branching-model/)
- [GitLab flow](https://docs.gitlab.com/ee/topics/gitlab_flow.html)
- Edward Thomson (2018). [Release Flow: How We Do Branching on the VSTS Team](https://devblogs.microsoft.com/devops/release-flow-how-we-do-branching-on-the-vsts-team/)
- Aman Gupta (2015). [Deploying branches to GitHub.com](https://github.blog/2015-06-02-deploying-branches-to-github-com/)
- [GitHub flow](https://docs.github.com/en/get-started/quickstart/github-flow)
- [GitHub CLI](https://cli.github.com/)
Part 3: Release with Confidence
Part 3 explains how you can accelerate even further and release frequently with confidence by baking quality assurance and security into your release pipelines. This includes concepts like shifting left testing and security, testing in production, chaos engineering, DevSecOps, securing your software supply chain, and ring-based deployments.
Chapter 12: Shift Left Testing for Increased Quality
This chapter takes a closer look at the role of quality assurance and testing on developer velocity and shows how you can shift left testing with test automation. The chapter also covers testing in production and chaos engineering.
Main topics in the chapter are:
- Shift left testing with test automation
- Eradicating flaky tests
- Code coverage
- Shift right – testing in production
- Fault injection and chaos engineering
- Tests and compliance
- Test management in GitHub
References and Links
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Eran Kinsbruner (2018), Continuous Testing for DevOps Professionals: A Practical Guide From Industry Experts (Kindle Edition). CreateSpace Independent Publishing Platform.
- Sam Laing (2015), [The Testing Manifesto](https://www.growingagile.co.za/2015/04/the-testing-manifesto/).
- Wolfgang Platz, Cynthia Dunlop (2019), Enterprise Continuous Testing: Transforming Testing for Agile and DevOps (Kindle Edition), Independently published.
- Tilo Linz (2014): Testing in Scrum (E-book), Rocky Nook.
- Kaner C., Falk J., H. Q. Nguyen (1999), Testing Computer Software (2nd Edition) Wiley.
- Roy Osherove (2009), The Art of Unit Testing (1st edition), Manning.
- Martin Fowler (2007), [Mocks Aren't Stubs](https://martinfowler.com/articles/mocksArentStubs.html).
- Müller, Matthias M.; Padberg, Frank (2017). About the Return on Investment of Test-Driven Development (PDF). Universität Karlsruhe, Germany.
- Erdogmus, Hakan; Morisio, Torchiano (2014). On the Effectiveness of Test-first Approach to Programming. Proceedings of the IEEE Transactions on Software Engineering, 31(1). January 2005. (NRC 47445).
- [Shift left to make testing fast and reliable](https://docs.microsoft.com/en-us/devops/develop/shift-left-make-testing-fast-reliable).
- Martin Fowler (2011), [Eradicating Non-Determinism in Tests](https://martinfowler.com/articles/nonDeterminism.html).
- Jordan Raine (2020). [Reducing flaky builds by 18x](https://github.blog/2020-12-16-reducing-flaky-builds-by-18x/).
- John Micco (2016). [Flaky Tests at Google and How We Mitigate Them](https://testing.googleblog.com/2016/05/flaky-tests-at-google-and-how-we.html).
- [Shift right to test in production](https://docs.microsoft.com/en-us/devops/deliver/shift-right-test-production).
- Michael Nygard (2018). Release It! Design and Deploy Production-Ready Software (2nd Edition). O'Reilly.
Chapter 13: Shift Left Security and DevSecOps
This chapter takes a broader look at the role of security in software development and how you can bake security into the process and practice DevSecOps, zero-trust, and how you can shift left security. The chapter looks at common attack scenarios and how you can practice security and create awareness using attack simulations and red team | blue team exercises. The chapter also introduces you to GitHub Codespaces as a secure development environment in the cloud.
The key points that we will cover in this chapter are:
- Shift left security
- Assume breach, zero trust, and a security first mindset
- Attack simulations
- Red team | blue team exercises
- Attack scenarios
- GitHub Codespaces
References and Links
- IC3 (2020). [Internet Crime Report 2020](https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf).
- IC3 (2019). [Internet Crime Report 2019](https://www.ic3.gov/Media/PDF/AnnualReport/2019_IC3Report.pdf).
- [Data breaches in 2020](https://www.identityforce.com/blog/2020-data-breaches).
- [Data breaches in 2021](https://www.identityforce.com/blog/2021-data-breaches).
- Terranova & Microsoft (2021). [Gone Phishing Tournament - Phishing Benchmark Global Report 2021](https://terranovasecurity.com/gone-phishing-tournament/).
- [GitHub Codespaces](https://docs.github.com/en/codespaces/).
- [devcontainer.json reference](https://code.visualstudio.com/docs/remote/devcontainerjson-reference).
Chapter 14: Securing Your Code
This chapter describes how you can use GitHub Advanced Security to eliminate bugs, security, and compliance issues by performing static code analysis with CodeQL and other tools, successfully manage your software supply chain with Dependabot, and eliminate secrets in your code base using Secret Scanning.
The key topics in this chapter are:
References and Links
- Keith Collins (2016). [How one programmer broke the internet by deleting a tiny piece of code](https://qz.com/646467/how-one-programmer-broke-the-internet-by-deleting-a-tiny-piece-of-code/).
- Tyler Eon (2016). [Kik, Left-Pad, and NPM — Oh My!](https://medium.com/@kolorahl/kik-left-pad-and-npm-oh-my-e6f216a22766)
- Maya Kaczorowski (2020). [Secure at every step: What is software supply chain security and why does it matter?](https://github.blog/2020-09-02-secure-your-software-supply-chain-and-protect-against-supply-chain-threats-github-blog/)
- [About the dependency graph](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph).
- [About dependabot version updates](https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates).
- [About secret scanning](https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning).
- [About GitHub Advanced Security](https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security).
- [About Code Scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning).
- GitHub Blog (2021). [CodeQL code scanning: new severity levels for security alerts](https://github.blog/changelog/2021-07-19-codeql-code-scanning-new-severity-levels-for-security-alerts/).
- [Common Vulnerability Scoring System (CVSS)](https://www.first.org/cvss/v3.1/specification-document)
- [CodeQL documentation](https://codeql.github.com/docs/)
- [CodeQL Language Reference](https://codeql.github.com/docs/ql-language-reference)
Chapter 15: Securing Your Deployments
This chapter shows how you can secure deployments to your environments and how you can automate your complete release pipeline in a secure, compliant way to also meet regulatory requirements. The chapter covers Software Bills of Materials (SBoM), code and commit signing, dynamic application security testing, and security hardening your release pipelines.
We will cover the following main topics in this chapter:
- Container and infrastructure security scanning
- Automate the infrastructure change process
- Source code and infrastructure integrity
- Signing commits and code
- Dynamic Application Security Testing
- Security hardening your release pipeline
References and Links
- Kim G., Humble J., Debois P. & Willis J. (2016). The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations (1st ed.). IT Revolution Press
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Oladimeji S., Kerner S. M. (2021). [SolarWinds hack explained: Everything you need to know](https://whatis.techtarget.com/feature/SolarWinds-hack-explained-Everything-you-need-to-know).
- Sudhakar Ramakrishna (2021). [New Findings From Our Investigation of SUNBURST](https://orangematter.solarwinds.com/2021/01/11/new-findings-from-our-investigation-of-sunburst/).
- Crowdstrike blog (2021). [SUNSPOT: An Implant in the Build Process](https://www.crowdstrike.com/blog/sunspot-malware-technical-analysis/).
- Eckels S., Smith J. & Ballenthin W. (2020). [SUNBURST Additional Technical Details](https://www.mandiant.com/resources/sunburst-additional-technical-details)
- Souppaya M., Morello J., & Scarfone K. (2017). [Application Container Security Guide](https://doi.org/10.6028/NIST.SP.800-190).
- National Telecommunications and Information Administration (NTIA), [Software Bill of Materials](https://www.ntia.gov/sbom).
- Thomas Claburn (2018). [Check your repos... Crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week)](https://www.theregister.com/2018/11/26/npm_repo_bitcoin_stealer/).
- Haymore A., Smart I., Gazdag V., Natesan D., & Fernick J. (2022). [10 real-world stories of how we’ve compromised CI/CD pipelines](https://research.nccgroup.com/2022/01/13/10-real-world-stories-of-how-weve-compromised-ci-cd-pipelines/).
- Rob Bos (2022). [Setup an internal GitHub Actions Marketplace](https://devopsjournal.io/blog/2021/10/14/GitHub-Actions-Internal-Marketplace.html)
Part 4: Software Architecture
Part 4 is about the correlation of your software architecture and the communication in your organization. You’ll learn how to transform your monolith gradually to a loosely coupled, event-based architecture.
Chapter 16: Loosely Coupled Architecture and Microservices
In this chapter I’ll give you an overview of loosely coupled systems and how you can evolve your software and system design to achieve a high engineering velocity.
The following topics will be covered in this chapter:
- Loosely coupled systems
- Microservices
- Evolutionary design
- Event-based architecture
References and Links
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Lewis J. & Fowler M. (2014). [Microservices](https://martinfowler.com/articles/microservices.html).
- Eric Evans (2003). Domain-Driven Design: Tackling Complexity in the Heart of Software. Addison-Wesley Professional.
- Martin Fowler (2004). [StranglerFigApplication](https://martinfowler.com/bliki/StranglerFigApplication.html).
- Michael T. Nygard (2017). Release It!: Design and Deploy Production-Ready Software. Pragmatic Programmers
- Martin Fowler (2005). [Event Sourcing](https://martinfowler.com/eaaDev/EventSourcing.html).
- Lucas Krause (2015). Microservices: Patterns and Applications – Designing Fine-Grained Services By Applying Patterns [Kindle Edition].
Chapter 17: Empower Your Teams
This chapter is about the correlation of the communication structure of your organization and your system architecture (Conway’s law) and how you can use this to improve architecture, organization structure, and software delivery performance. It covers the two-pizza team, the Inverse Conway Maneuver, and a mono- versus multi-repo strategy for your code.
The following are the core topics in this chapter:
- Conway's law
- The two-pizza team
- Inverse Conway Maneuver
- Delivery cadence
- Mono- or multi-repo strategy
References and Links
- Conway, Melvin (1968). [How do committees invent](http://www.melconway.com/Home/pdf/committees.pdf).
- Raymond, Eric S. (1996). The New Hacker's Dictionary [3rd ed.]. MIT Press.
- Amazon (2020): [Introduction to DevOps on AWS - Two-Pizza Teams](https://docs.aws.amazon.com/whitepapers/latest/introduction-devops-aws/two-pizza-teams.html).
- Willink, J. & Leif Babin, L. (2017). Extreme Ownership: How U.S. Navy SEALs Lead and Win. Macmillan.
- Miller, G. A. (1956). [The magical number seven, plus or minus two: Some limits on our capacity for processing information](http://psychclassics.yorku.ca/Miller/).
- Cohn M. (2009). Succeeding with Agile: Software Development Using Scrum. Addison-Wesley
- QSM (2011). [Team Size Can Be the Key to a Successful Software Project](https://www.qsm.com/process_improvement_01.html).
- Karau, S. J., & Williams, K. D. (1993). [Social loafing: A meta-analytic review and theoretical integration. Journal of Personality and Social Psychology, 65(4), 681–706](https://doi.org/10.1037/0022-3514.65.4.681).
- Robbins S. (2005). Essentials of organizational behavior. Prentice Hall.
- Steiner, I. D. (1972). Group process and productivity. Academic Press Inc.
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Skelton M., and Pais M. (2019). Team Topologies: Organizing Business and Technology Teams for Fast Flow. IT Revolution.
- Reinertsen D. (2009). The Principles of Product Development Flow: Second Generation Lean Product Development. Celeritas Publishing.
- Medina A. M. (2021). [Remote debugging on Kubernetes using VS Code](https://developers.redhat.com/articles/2021/12/13/remote-debugging-kubernetes-using-vs-code).
Part 5: Lean Product Management
In Part 5 you’ll learn the importance of lean product management, how to integrate customer feedback into your flow of work, and how to combine hypothesis-driven development with OKR.
Chapter 18: Lean Product Development and Lean Startup
This chapter is about the importance of lean product management at a product and feature level. It shows how you can incorporate customer feedback into your product management, create Minimal Viable Products, and how you can manage your enterprise portfolio.
This chapter covers:
- Lean product development
- Incorporate customer feedback
- The Minimal Viable Product
- Enterprise portfolio management
- Business Model Canvas
References and Links
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Ward, Allen (2007). Lean Product and Process Development. Lean Enterprise Institute, US
- Ries, Eric (2011). The Lean Startup: How Today's Entrepreneurs Use Continuous Innovation to Create Radically Successful Businesses [Kindle Edition]. Currency
- Humble J., Molesky J. & O’Reilly B. (2015). Lean Enterprise: How High Performance Organizations Innovate at Scale [Kindle Edition]. O'Reilly Media.
- Osterwalder, Alexander (2004). [The Business Model Ontology: A Proposition In A Design Science Approach](http://www.hec.unil.ch/aosterwa/PhD/Osterwalder_PhD_BM_Ontology.pdf).
- Goodwin, Kim (2009). Designing for the Digital Age - How to Create Human-Centered Products and Services. Wiley.
Chapter 19: Experimentation and A|B-Testing
This chapter explains how you can evolve and continuously improve your products by conducting experiments to validate hypotheses through evidence-based DevOps practices like A|B-testing. It also explains how you can leverage OKR to empower your teams to conduct the right experiments and to build the right products.
The following topics will be covered in this chapter:
- Conducting experiments with the scientific method
- Effective A|B testing with GrowthBook and Flagger
- Experimentation and OKR
References and Links
- [The Scientific Method](https://en.wikipedia.org/wiki/Scientific_method)
- [Ring-based Deployments](https://docs.microsoft.com/en-us/azure/devops/migrate/phase-rollout-with-rings)
- [Optimizely](https://www.optimizely.com/)
- [Hubspot](https://www.hubspot.com/)
- [GrowthBook](https://github.com/growthbook/growthbook)
- [Flagger](https://flagger.app/)
- Stefan Prodan: [GitOps recipe for Progressive Delivery with Flux v2, Flagger and Istio](https://github.com/stefanprodan/gitops-istio)
Part 6: GitHub for your Enterprise
In Part 6 you’ll learn about the different hosting and pricing options of GitHub, how you can migrate to GitHub from other platforms, and best practices for structuring your teams and products inside GitHub Enterprise.
Chapter 20: GitHub: The Home for All Developers
This chapter explains how GitHub can serve as the holistic, open platform for your teams. It explains the different hosting options, pricing, and how you can integrate it into your existing toolchain.
The key topics are:
- Hosting options and pricing
- GitHub Connect
- Hands-on: create your account on GitHub.com
- Enterprise Security
- GitHub Learning Labs
References and Links
- [Pricing](https://github.com/pricing)
- [GitHub AE](https://docs.github.com/en/github-ae@latest/admin/overview/about-github-ae)
- [SCIM](https://docs.github.com/en/enterprise-cloud@latest/rest/reference/scim)
- [Enterprise Managed Users](https://docs.github.com/en/enterprise-cloud@latest/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/about-enterprise-managed-users)
- [Audit logs](https://docs.github.com/en/enterprise-cloud@latest/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise)
- [GitHub Learning Lab](https://lab.github.com)
- [Microsoft Learn](https://docs.microsoft.com/en-us/learn)
Chapter 21: Migrating to GitHub
If you are not a start-up, then you always have existing tools and processes that must be considered when moving to a new platform. In this chapter, we will discuss different strategies related to migrating to GitHub from different platforms.
In this chapter, we will cover the following:
- Picking the right migration strategy
- Achieving compliance with low-fidelity migrations
- Synchronizing requirements for a smooth transition
- Migrating from Azure DevOps with the GitHub Enterprise Importer
- Migrating pipelines using Valet
References and Links
- [GitHub Importer](https://docs.github.com/en/get-started/importing-your-projects-to-github/importing-source-code-to-github/importing-a-repository-with-github-importer).
- [GitHub Enterprise Importer CLI](https://github.com/github/gh-gei).
- [GitHub Valet CLI](https://github.com/github/gh-valet).
- [Migrating with GitHub Enterprise Importer](https://docs.github.com/en/early-access/github/migrating-with-github-enterprise-importer).
- [GitHub Enterprise Server Importer](https://docs.github.com/en/enterprise-server@3.4/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations)
- [ghe-migrator](https://docs.github.com/en/enterprise-server@3.4/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations).
- [Tasktop](https://www.tasktop.com/).
- [git-svn](https://git-scm.com/docs/git-svn).
- [git-tfs](https://github.com/git-tfs/git-tfs).
Chapter 22: Organize Your Teams
In this chapter you’ll learn best practices for structuring your repositories and teams into organizations and enterprises to foster collaboration and facilitate administration.
The chapter covers:
- GitHub scopes and namespaces
- Structuring GitHub teams
- Role-based access
- Custom roles
- Outside Collaborators
References and Links
- [About teams](https://docs.github.com/en/organizations/organizing-members-into-teams/about-teams).
- [Base permissions](https://docs.github.com/en/organizations/managing-access-to-your-organizations-repositories/setting-base-permissions-for-an-organization).
- [Custom roles](https://docs.github.com/en/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization).
- [Outside collaborators](https://docs.github.com/en/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization).
- [Managing access to your repository](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#inviting-a-team-or-person).
Chapter 23: Transform Your Enterprise
The last chapter puts all the pieces together. The book gives you a lot of tools that you can use to drive a successful transformation and to gain developer velocity. But the transformation will succeed only if all the pieces are put together. The chapter explains why many transformations fail and what you should do to make your transformation a success.
We will cover the following topics:
- Why many transformations fail
- Start with WHY
- Data-driven transformation
References and Links
- Simon Sinek (2011), Start With Why – How Great Leaders Inspire Everyone to Take Action, Penguin
- Simon Sinek (2019), The Infinite Game, Penguin
- Nadella, S., Shaw, G. & Nichols, J. T. (2017), Hit Refresh: The Quest to Rediscover Microsoft's Soul and Imagine a Better Future for Everyone, Harper Business
- Srivastava S., Trehan K., Wagle D. & Wang J. (April 2020). [Developer Velocity: How software excellence fuels business performance](https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/developer-velocity-how-software-excellence-fuels-business-performance).
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- John P. Kotter (2008), A Sense of Urgency, Harvard Business Review Press
- John P. Kotter (2012), Leading Change, Harvard Business Review Press
- Volkswagen (2019): [Volkswagen with New Corporate Mission Statement Environment "goTOzero"](https://www.volkswagenag.com/en/news/2019/07/goTOzero.html).
- Mercedes-Benz Group Media (2019): [“Ambition2039”: Our path to sustainable mobility](https://group-media.mercedes-benz.com/marsMediaSite/ko/en/43348842).
- [Theory of constraints](https://www.leanproduction.com/theory-of-constraints).
- Small World (2016): [Theory of constraints – Drum-Buffer-Rope](https://www.smallworldsocial.com/theory-of-constraints-104-balance-flow-not-capacity/).
- de Vries, M., & van Osnabrugge, R. (2022): [Together we build an Engineering Culture](https://xpirit.com/together-we-build-an-engineering-culture/). XPRT Magazine #12.