v1.0.0
Software Engineering applied to the Software Development Lifecycle
Ploigos Ecosystem
Bill Bensing March 2, 2022
Symptoms of a Diseased SDLC
▸ Inability to extend the SDLC workflow, or swap technologies (at scale), without investments that resemble large re-write efforts
▸ High toil: a linear, or exponential, increase in effort as use of the system increases.
The Organization Problem
1. Low SDLC Cohesion
   a. Little or no design, a series of tools & integration
   b. No formalized business architecture (workflow)
2. Highly Coupled & Brittle Implementation
   a. Low, or no, testability
   b. Approach to scale - copy “business logic”
3. Attestable Information
   a. Hard to tell what happened, or when
   b. Very high toil
Workflow, Tools, & Services
Enabling Constraints - Gold Path Workflow
The same thing, the same way, regardless of tech stack
▸ Minimum - Most Basic Flow
▸ Typical - Shift-Left Security
▸ Everything - 100% Automated Governance
SOLID Software Delivery Lifecycle
Why Not Apply Software Engineering Principles?
▸ S - Single Responsibility
▸ O - Open-Closed Principle
▸ L - Liskov Substitution
▸ I - Interface Segregation
▸ D - Dependency Inversion
What If There Was…
A technology-agnostic canonical implementation of SDLC tooling, with default workflow implementations, that allows one to layer in current, and future unknown concerns, which are independent of SDLC tool execution?
Ploigos Step Runner
A technology-agnostic canonical implementation of SDLC tooling, with default workflow implementations, that allows one to layer in current, and future unknown concerns, which are independent of SDLC tool execution.
Ploigos Ecosystem
https://github.com/ploigos
Ploigos Step Runner
How It Works
[Diagram labels: CI Tool; Static Scanning; Lines & Lines of Imperative Logic]
Ploigos Step Runner
How It Works
[Diagram labels: CI Tool; $ psr static-scan; Ploigos Step Runner; Step Runner Config; Retrieve Configuration; Invoke Tools]
Ploigos Step Runner
How It Works
▸ Procedural
▸ Declarative
▸ SOLID
・ S - Single Responsibility
・ O - Open-Closed Principle
・ L - Liskov Substitution
・ I - Interface Segregation
・ D - Dependency Inversion
Ploigos Step Runner
Source: Step Runner Diagram
The Modern Governance Strategy - Coherent Actions
[Diagram labels: Unit Tested Workflow; Advantages; Integration Tested Tools; A workflow & tool set as a service]
Ploigos Step Runner
How It Works - Automated Governance
[Diagram labels: CI Tool; $ psr static-scan; Ploigos Step Runner; Step Runner Config; Retrieve Configuration; Collect, Serialize, Sign, & Persist Outcomes; Invoke Tools; Store Outcome; Attestation]
Ploigos Step Runner
How It Works
[Diagram labels: Evidence; Attestation Persisted Evidence; Cross Reference Each Other]
The Modern Governance Strategy - Coherent Actions
Automated Control Gate Activity
[Diagram labels: Collect Material; Normalized Material; Retrieve Attestation; Validate & Audit Attestation; Attest To (Sign) Material & Persist; Retrieve Policy; Evidence & Attestation Procedure; Policy Enforcement Point Procedure]
The Modern Governance Strategy - Coherent Actions
Serialize Material is Key to Externalized Policy
Evidence & Attestation - How to Codify Policy, Security, & Compliance
The Modern Governance Strategy - Coherent Actions
Externalize Governance - Audit Against Business Interface
Policy Enforcement Point - How to Codify Policy, Security, & Compliance
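One reading of the control-gate flow named on these slides (collect, serialize, sign and persist evidence; then retrieve the attestation, validate it and audit it against an externalized policy), as an added example that is not code from the deck or from Ploigos. All names, the policy format and the in-memory store are hypothetical, and HMAC-SHA256 stands in for the asymmetric signature a real pipeline would use.

```python
import hashlib
import hmac
import json

# Assumption: constructed demo key standing in for the runner's signing key.
SIGNING_KEY = b"constructed-demo-key"

# Externalized policy: per step, the maximum allowed value of each evidence field.
POLICY = {
    "static-scan": {"critical_findings": 0, "high_findings": 2},
    "unit-test": {"failed": 0},
}


def serialize(evidence: dict) -> bytes:
    """Canonical JSON, so identical evidence always yields identical bytes."""
    return json.dumps(evidence, sort_keys=True, separators=(",", ":")).encode()


def sign(step: str, digest: str, key: bytes) -> str:
    """Bind the evidence digest to the step that produced it."""
    return hmac.new(key, f"{step}:{digest}".encode(), hashlib.sha256).hexdigest()


def attest(step: str, evidence: dict, key: bytes, store: dict) -> dict:
    """Evidence & attestation procedure: serialize, sign, persist."""
    material = serialize(evidence)
    digest = hashlib.sha256(material).hexdigest()
    attestation = {
        "step": step,
        "evidence_sha256": digest,
        "signature": sign(step, digest, key),
    }
    store["evidence"][digest] = material       # persisted evidence, keyed by digest
    store["attestations"][step] = attestation  # attestation points at the evidence
    return attestation


def enforce(policy: dict, key: bytes, store: dict) -> list:
    """Policy enforcement point: an empty list means the gate passes."""
    violations = []
    for step, rules in policy.items():
        att = store["attestations"].get(step)
        if att is None:
            violations.append(f"{step}: no attestation")
            continue
        expected = sign(step, att["evidence_sha256"], key)
        if not hmac.compare_digest(expected, att["signature"]):
            violations.append(f"{step}: bad signature")
            continue
        material = store["evidence"].get(att["evidence_sha256"])
        if material is None or hashlib.sha256(material).hexdigest() != att["evidence_sha256"]:
            violations.append(f"{step}: evidence missing or altered")
            continue
        evidence = json.loads(material)
        for field, limit in rules.items():
            value = evidence.get(field)
            # A missing or non-numeric field fails closed.
            if not isinstance(value, (int, float)) or value > limit:
                violations.append(f"{step}: {field}={value!r} exceeds {limit}")
    return violations


if __name__ == "__main__":
    store = {"evidence": {}, "attestations": {}}
    # Constructed sample outcomes for two workflow steps.
    attest("static-scan", {"critical_findings": 0, "high_findings": 1}, SIGNING_KEY, store)
    attest("unit-test", {"failed": 0}, SIGNING_KEY, store)
    print(enforce(POLICY, SIGNING_KEY, store) or "gate passed")
```

Because the policy only reads the serialized evidence, it can change without touching the step that invoked the tool, and rewriting persisted evidence after signing is caught by the digest check.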
The Modern Governance Strategy - Coherent Actions
Continuous Integration as Evidence
Evidence Collection & Attestation of CI Process & Outcomes
The Modern Governance Strategy - Coherent Actions
Validatable Continuous Deployment
Audits Are the First Part of the Deployment Process
The Modern Governance Strategy - Coherent Actions
100% Automated - Commit to Production
Automated Governance = Compliance as Code + Policy as Code

Ploigos - How It Works, and Why.pdf
