Nick Williams, Morgan Stanley: Open Source in the Enterprise.
All enterprises consume open source in some fashion. Open Source takes its life from contributions and so by contributing code back to open source, it reduces risk to organizations by keeping that software alive and relevant. However the mechanics, the risks, the best practices for contribution are often unclear and that doubt and uncertainty can hold back organizations from contributing. The aim of this talk is to cover experiences, best practices that I have seen work well for contributing, advice on making open source that can be easily adapted to other enterprises, and some ideas on building a community. Each of these sections aim to provide specific actionable steps that be adopted or adapted by different organizations.
3. [OPTIONAL DESCRIPTOR] [PRESENTATION NAME AND | OR DATE] 3
Case Study in Contribution:TheAutomounter
• Integrating new versions took considerable time.
• More than 10 versions of the automounter released in the last 15 years, still going
strong.
• By contributing our patches and working with the community, we have:
– Saved effort on integrating new versions.
– More rapidly adopted new versions.
– Able to adopt new distributions with minimal risk.
– Collaborated over problems with the community.
4. [OPTIONAL DESCRIPTOR] [PRESENTATION NAME AND | OR DATE] 4
Benefits of Contribution
• Open source allows you to avoid private forks that cause a non-competitive
maintenance burden.
• Contributing demonstrates that your enterprise is an active participant in the
community.
• Open source mitigates risk from:
– Software obsolescence.
– Vulnerabilities or bugs through insufficient review.
6. [OPTIONAL DESCRIPTOR] [PRESENTATION NAME AND | OR DATE] 6
Contributor:Managing the Distribution
Software Contributions
• Data leakage protection:
– Code review.
– DLP tools.
• How do you get the software to the manager of the
software? Email, GIT pull request, etc?
• Need to bring in next version containing
contribution and validate successful integration.
Managed Projects
• Data leakage protection:
– Code review.
– DLP tools.
• How do you push software to the external
repository?
• How do you manage pull requests/patch
submissions?
• How do you manage bug reports?
7. [OPTIONAL DESCRIPTOR] [PRESENTATION NAME AND | OR DATE] 7
Legal & Compliance:Managing the Distribution
Software Contributions
• Reviewing target contribution agreement (if one
exists).
• Reviewing:
– Code review.
– DLP tools.
• How do you get the software to the manager of the
software? Email, GIT pull request, etc?
• Need to bring in next version containing
contribution and validate successful integration.
Managed Projects
• Data leakage protection:
– Code review.
– DLP tools.
• How do you push software to the external
repository?
• How do you manage pull requests/patch
submissions?
• How do you manage bug reports?
8. [OPTIONAL DESCRIPTOR] [PRESENTATION NAME AND | OR DATE] 8
Legal & Compliance:Questions for the Contributor
• What license do you want to use?
• Who wrote the code? Under what contracts?
• What artefacts with their own licenses are distributed with this software?
• What forums will the team use for discussion of this open source?
• How to manage a contribution agreement?
10. [OPTIONAL DESCRIPTOR] [PRESENTATION NAME AND | OR DATE] 10
Community Challenges
Forums
• Who can communicate? Approvals? Review?
Documentation
• What is it?
• In open source, customers are disconnected from
providers. Documentation is all that they get…
• “Hello World” – show something fast!
• Documentation aimed at the audience.
• Label experimental code.
• Documentation is the priority.
Activity
• Where is the canonical source?