development strategies for web applications jonathan babbage national superconducting cyclotron...
TRANSCRIPT
![Page 1: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/1.jpg)
Development Strategies for Web Applications
Jonathan Babbage
National Superconducting Cyclotron Laboratory
![Page 2: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/2.jpg)
Background
• Started with PHP/MySQL in 2000
• BS and MS in computer science from MSU• What I missed in the process
• Six years of web development at NSCL
• Why did I decide to give this talk?
![Page 3: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/3.jpg)
Initial Configuration
• Production web server• Production database server• Development web server with debugging enabled• Development database server• Network accessible production code• Network accessible development code• Copy script to move files from development to
production
![Page 4: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/4.jpg)
What problems are we trying to solve?
• Passwords open to public or developers
• Code changes need to move to production
• Developers overwriting each others code
• Development code affecting production
• No way to confirm defects or behavior
• No way to go back to a working version
• Updates to database schema made by hand
![Page 5: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/5.jpg)
Three Tier Model
• Each tier will have its own configuration file for passwords, database server, and paths
• Production• Only updated with source control checkout
• Test / QA• Configured the same as production• Limited access
• Development• Every developers desktop
![Page 6: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/6.jpg)
What problems are we trying to solve?
Passwords open to public or developersCode changes need to move to production
• Developers overwriting each others code
• Development code affecting production
• No way to confirm defects or behavior
• No way to go back to a working version
• Updates to database schema made by hand
![Page 7: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/7.jpg)
Apache Friends on the Desktop
• Free cross platform PHP enabled web, MySQL, and mail server
• Allows the developer to schema changes
• Mail is only delivered locally
• Database changes will not impact production
• Limited path into production
![Page 8: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/8.jpg)
Development
• Each developer modifies her own configuration file
• Check out the most recent version for version control
• Deploy a backup of production database or use a dummy schema if security dictates
• Developer commits code based on your own standards
![Page 9: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/9.jpg)
What problems are we trying to solve?
Passwords open to public or developersCode changes need to move to productionDevelopers overwriting each others codeDevelopment code affecting production
• No way to confirm defects or behavior
• No way to go back to a working version
• Updates to database schema made by hand
![Page 10: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/10.jpg)
Test / QA
• Important to be kept up to date• All code needs to go through QA
• Those in charge of testing have access• After testing concludes, code is tagged as a
release version • Code can be replaced with production at
any time
![Page 11: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/11.jpg)
What problems are we trying to solve?
Passwords open to public or developersCode changes need to move to productionDevelopers overwriting each others codeDevelopment code affecting productionNo way to confirm defects or behavior
• No way to go back to a working version
• Updates to database schema made by hand
![Page 12: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/12.jpg)
Communication Between Developers
• Concurrent development is possible since each user has their own version
• Identify independent portions of a project to break it up
• Code merging must be regularly practiced
![Page 13: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/13.jpg)
Version Control
• Much more than just source code
• All database schemas (create statements)
• All database changes (edit statements)
• Stored Procedures, Triggers, and Views
• Ability to reproduce database corresponding to code version
• Could also include documentation
![Page 14: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/14.jpg)
Rollout Procedure
• After testing has been completed and version created
• Mark all features implemented and bugs fixed with this version
• Do a checkout of code to production
• Run updates on production schema
![Page 15: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/15.jpg)
What problems are we trying to solve?
Passwords open to public or developersCode changes need to move to productionDevelopers overwriting each others codeDevelopment code affecting productionNo way to confirm defects or behaviorNo way to go back to a working versionUpdates to database schema made by hand
![Page 16: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/16.jpg)
Considerations
• Time to deploy updates should remain short
• Convincing others of the benefits associated with the additional cost of development
• Rollout is a two step process
![Page 17: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/17.jpg)
Other Ideas
• Bug tracking
• Consistency of input
• Database class (mysqli, PDO, custom)
• Security http://shiflett.org/php-security.pdf
![Page 18: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/18.jpg)
Stored Procedures and Views
• SP’s are a contentious issue• Pros (security, limiting traffic, abstraction) • Cons (new api, hide business process, no
objects, testing, error reporting)
• Views for temporal tables
![Page 19: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/19.jpg)
Open Questions
• What does it mean to roll back a schema?
• How to improve the testing phase?
• How to handle file uploads?
![Page 20: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/20.jpg)
Demo
• Tortoise
• WinMerge
![Page 21: Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory](https://reader036.vdocuments.mx/reader036/viewer/2022062518/56649e725503460f94b70c2b/html5/thumbnails/21.jpg)
Software
• www.apachefriends.org• www.tortoisecvs.org• winmerge.org• dev.mysql.com/downloads/gui-tools/5.0.html• PuTTY (Pageant)• Firefox Plugins
• Web Developer• Firebug