Between spending hours (or days!) making sure you can code and test locally and the difficulties of keeping remote environments up to date, sometimes we find ourselves falling back on "It works on my machine!". Getting rid of the difficulties in making new development environments and maintaining testing infrastructure is really key to banishing the dreaded phrase. In this session, we'll take you through some of the recent tools and techs that will not only make your life easier but will mean you never have to say "works on my machine" ever again.
5. M I C R O S O F T
Current infrastructure remains a bottleneck to
agility by limiting productivity and security
Complex setup
Onboarding new developers is error-prone and
time-consuming, and if configured incorrectly,
issues take weeks to emerge
Inefficient environments
Mixing configurations from a variety of projects
slows down workstations and can result in issues
that are hard to diagnose
Lack of compute scalability
Developers working on single, physical machines
are limited to that device’s compute resources and
can’t easily multitask between projects
Security of remote devices
Remote developer teams working on a variety of
devices make it harder for IT technicians to control
access to sensitive source code
Increased risk of exposure
IT technicians can’t manage the uptime of dev
workstations running remotely, putting them at
greater risk of exposure
Varying industry standards
Compliance standards differ across industries,
requiring a variety of approaches to the deployment
and management of dev workstations
!
6. What does modern development look like?
Dev Environment
Setup
Test Code
Change
Merge Code
Change
Deploy to
Production
Top Tech Company 2 Days 4 - 8 Days 2 - 3 Days 2 - 3 Days
Top Enterprise 3 Days 14 Days 3 - 5 Days 5 Days
Digital Native 30 Minutes 2 Minutes 30 - 60 Minutes 1 - 2 Hours
7. Frequency of building new application
versions
Days between updates to customers
Sources: Forrester, AppAnnie
About half of teams build daily ...and release rates are accelerating
Increasing rate of change
9. MICROSOFT
Options scale by complexity of needs
Cloud Developer Machines
VSCode.dev/GitHub.dev
In-browser IDE
GitHub Codespaces
In-browser IDE + Live preview
Microsoft Dev Box
All IDEs and apps
10. M I C R O S O F T
Facilitates auditing by making it easier to trace
what was deployed, when, and how
Provides consistent environments from release
to release.
Greater consistency across development, test,
and production environments.
Provides code review and unit-testing
capabilities to help manage infrastructure
changes.
Allows configurations to be version controlled.
Make every environment reproducible
Infrastructure as Code
11. Reduce mean time to code
GitHub Codespaces
Container based
Terminals
In-browser
Fave IDE
Automagic containers from repo
contents
Great for projects that use the
CLI eg npm, hugo
No need for device setup and
maintenance
One of most popular IDEs for
rapid onboarding
12.
13. Enable self-service development with Microsoft Dev Box
Provide developers with self-service access to high-performance,
cloud-based workstations preconfigured and ready-to-code for
specific projects
Ready to Code
Self-service dev boxes preconfigured for specific projects.
Managed and Secured
Centralize governance of dev boxes running anywhere.
Flexible, but Controlled
Customizable dev boxes based on organizational standards.
14. GitHub Codespaces and Microsoft Dev Box
What platform do your
developers use?
Microsoft Dev Box GitHub Codespaces
Windows-based dev machine Linux-based dev environment
What tools do you need
support for?
Any IDE, SDK, version control system, or tool that
runs on Windows—including internal tools
Visual Studio Code and GitHub repos
What are you building?
• Any apps, including:
• Desktop and mobile apps
• Embedded apps
• Gaming
• IoT
• Web and cloud-based apps
• Backend development
• APIs
18. M I C R O S O F T
Continuous Integration and Continuous Delivery
CI/CD
In your dev collaboration tool
Code, collaboration, packages, and CI/CD - all
in one place for your developers
Automated workflows with Azure
Native support for deployments to Azure
Kubernetes Service, Azure Web Apps, Azure
Container Registry, and more
Accelerate with your preferred
languages and environment
Any language plus your choice of package
format. Hosted runners on Windows, Linux, and
MacOS, with x86 and ARM for self-hosted
runners
19. M I C R O S O F T
Continuous Integration and Continuous Delivery
Scale
validation
Scale best practices with code
Define and scale processes, security, and
compliance policies for your organization, across
teams, repos, and throughout the software
lifecycle
End-to-end traceability + governance
Plan and track work in Azure Boards linked to
GitHub, and monitor your code deployed to Azure
from GitHub Actions
Unified authentication
Sign into Azure with your GitHub credentials and
authenticate to GitHub Enterprise with Azure AD
20. Development Build Test/QA Production Breach
Remediation
Costs
SDLC
Stages
Develop Build Tes
t
Deploy Breach
$80 $240
$960
$7,600
$ Millions
Sources: NIST, Polemon Institute
● Unchecked dependencies (80-90% of your code)
● Employee error (exposed access tokens, unsafe code patterns)
● 570x more developers than security researchers
● Damage is exponentially greater if it reaches production
“Works (and secure) on my machine”
21. M I C R O S O F T
The world’s most advanced semantic code
engine
Allows you to query your code’s logic to find
vulnerabilities
Queries can be quickly customized to adapt to
your specific threat topology
Community-driven query set powers every
project with a world-class security team
Move from 45% fix rate in 90 days to 72% fix
rate during the PR
Check online rather than locally
CodeQL
Source: Veracode
22. Manage testing at scale
Azure Test Plans
Capture rich data
End-to-end traceability
Browser
Test across web and
desktop
Scenario data, user stories,
test cases directly from your
exploratory test sessions.
Single set of test tools across
your engineers and UAT
stakeholders.
Run tests and log defects from
your browser. Track quality
throughout your testing lifecycle.
Test your application where it
lives. Test on-premises from the
cloud and vice-versa.
23. M I C R O S O F T
Blue Green Deployments
Canary Releases
Dark Launching
A/B Testing
Progressive Exposure Deployment / Ring
Based Deployments
Deploy different to minimise risk
Deployment strategies
25. Control deployments
Deployment slots Mechanism to separate feature deployment from
feature exposure
A.k.a. feature flippers, feature flags, feature
switch, conditional feature, etc.
Why use them?
It enables you to give control back to the business on when to release
the feature
Enables A/B testing, canary releases and dark launching
It provides an alternative to keeping multiple branches in version control
Enables change without redeployment
26. Reduce risk if something goes wrong
Traffic Manager Traffic manager provides the ability to route traffic
between Azure app services
Within an app service, routes traffic between deployment
slots
Why use it?
It enables failover and load distribution capabilities
It enables you to deploy to a slot and then slowly move traffic
over to the other slot
28. Build in observability of your applications
Azure Monitor & Application Insights
Track
Action
Explore
Demonstrate
Detect & diagnose issues
across apps and dependencies
with App Insights
Operationalize at scale with
Smart Alerts & Automated
Actions
Drill down with Log Analytics for
troubleshooting & deeper
diagnostics
Create visualizations with Azure
Dashboards & Workbooks
29. Metrics
Logs
Application Container VM Monitoring
Solutions
Insights
Dashboards Views Power BI Workbooks
Visualize
Metrics Explorer Log Analytics
Analyze
Alerts Autoscale
Respond
Event Hubs Ingest &
Export APIs
Logic Apps
Integrate
Azure Monitor
Custom Sources
Applications
Operating System
Azure Resources
Azure Subscriptions
Azure Tennant
Holistic approach
30. M I C R O S O F T
Load testing
Load testing is used to find out how a system
performs with many concurrent users, large amounts of
data, and over a time period
Performance testing
Performance testing looks at how responsive an
application is, how efficiently it uses resources, how
stable and reliable it is
Recommendations
Should be done early and often, so developers can
implement the feedback
Should be part of your planning, right from the start
Often requires tools or suites of tools
Testing production
31. M I C R O S O F T
Load test before production
Simplify load tests by eliminating
infrastructural complexities and unlocking
the full power of Apache JMeter
Generate high-scale
load with ease
Optimize app performance with custom
analytics and a comprehensive view of
client and server metrics on a single
dashboard
Optimize performance at
scale
Integrate load testing into CI/CD workflows
to catch and block performance issues early
in the development lifecycle
Build load testing into
DevOps workflows
Azure Load Testing
32. ● Fully managed service
● Infrastructure-as-code
● observability tools
● library of faults
● real-world scenarios
● Roll back experiments grant granular fault permissions
Azure Chaos Studio Measure, understand, improve, and maintain product
resilience
34. M I C R O S O F T
Move online
Use alternatives to a manually configured desktop
Build quality guard rails
Use CI/CD to build and test software
Increase visibility of prod
Leverage observability and rollout capabilities to
validate production
Get rid of “works on my machine”
35. Visualise your process to support understanding
DevOps Workflow Generator
See your toolchain.
Optimize your
toolchain.
Understand your
toolchain.
Multi-vendor
aka.ms/workflowgenerator