How can you make a successful digital transformation in your company using Azure, Visual Studio, Git and other tools? What is your approach?
Acme is a successful accountancy firm based in the UK which is currently going through a digital transformation programme of work to modernise its legacy systems, using a proper approach for a real digital transformation scenario.
As part of the programme, Acme wants to become more “agile” and embrace new approaches and technology to deliver more modern and efficient services to its clients.
One of the key components of the transformation programme is an “Integration Platform” that will provide integration between core operational systems.
The Integration Platform will provide a scalable messaging layer that offers Acme the ability to decouple applications from each other such that, in the future, changing a system will not require the reimplementation of point-to-point services, but instead the fulfilment of a particular contract with the Integration Platform.
As part of its digital transformation programme, Acme has adopted a cloud first strategy and Microsoft Azure is their chosen public cloud, integrated with Visual Studio and Git.
Acme’s small team of developers are relatively inexperienced in their approaches and in the past have typically only worked in isolation or in pairs to deliver projects with no formal process.
The developers have experience of using .NET Core and React and currently use Azure DevOps for managing their source code.
The architecture of the Integration Platform is based around the Message Broker pattern using a “publish and subscribe” model to pass messages from one system (publisher) to another (subscriber).
|On-ramp||A set of Azure logic apps and functions that are triggered by an event in a publisher system and send a message to the Message Broker.|
|Message Broke||An Azure function which is called by an on-ramp process and performs data transformation and enrichment operations on messages before placing them on an Azure service bus|
|Off-ramp||A set of Azure logic apps and functions that are triggered by a message being placed on an Azure service bus.|
|Admin||A web application providing administrative and monitoring capabilities for the Integration Platform. The application should be implemented using a React frontend with a .NET Core Web API backend.|
- The Architecture team have defined that the platform must use a “serverless” approach by default and use .NET Core for backend functions and APIs.
- Each component should be independently testable and deployable.
- Passwords and/or secrets for production systems must not be stored in source control or in plain text configuration settings.
Explain your view
Please describe how you would approach the delivery of Acme’s new integration platform in terms of your proposed:
- approach to managing work items and / progress
- structure of the source code repo(s) and what approach you would take to managing branches
- approach to ensuring code quality is maintained and what tools/frameworks you would use
- development toolset
- approach to managing deployments including the required Azure resources
- approach for managing passwords and secrets
- Benefits to Acme of the approaches above
- Any key risks or assumptions
Digital transformation scenario: what is your approach? My explanation
Proposed approach to managing work items and / progress
In the developer’s world, Agile methodology is the common way to manage the work and the workflow. Agile is a practice that promotes continuous iteration of development and testing throughout the software development lifecycle of the project.
Agile – Scrum
The architecture of Agile methodology is based on the same simple steps in a specific period of time. The time is usually 2 weeks and it is called Spring. The main steps are:
- Sprint planning: the team estimates each user story and decide what tasks will be included in the next sprint.
- Sprint: the period of time, usually 2 weeks, where the team is working on the tasks on the board
- Daily Scrum Meet: every day, usually in the morning, the team is gathered and each person explains what he did the day before and the issues or blockers had faced
- Sprint Review Meet is held at the end of the sprint to inspect the increment and adapt the product backlog if needed
- Sprint Retrospective Meet: the team talks and analyses how the sprint went and highlighted what went well, wrong and could be improved. An easy free tool online is IdeaBoardz
During the sprint, the team has a board. For each user story, there are one or more tasks to complete. At the beginning of the sprint, all tasks are in the status of new.
So, each developer peeks up one ticket each time. When a developer picks up one ticket, he changes the status of the ticket to Active or In progress.
When the developer completes the task, he has to change the status in code completed. In some cases, the task can be moved in the Resolved status.
The ticket is now ready for the testers. Testers are responsible to check the functionalities and if the acceptance criteria are satisfied.
Then, the task is completed and it is possible to close it and change its status to Complete.
This process has simple steps. Every company can organize the process and the label of this process as it is more convenient.
Microsoft Azure DevOps
As developers, Azure DevOps offers a good integrated platform to manage the Agile ceremony.
Therefore, other tools are more business oriented like Jira. In a digital transformation scenario this are important tools to define at the beginning of your approach.
Important note is Azure DevOps is integrated in Visual Studio and it is also possible to browse you Git repository.
Discriminating Epics, Features and User stories
After that, it is difficult to understand the different among these 3 parts of the process. Apparently, epics, features and user stories are all forms of expressing user need and implied benefit, but at different level of abstraction.
While there is no rigorous way to determine whether a “think you know you want to do” is an epic, feature and user story, the following table of discriminators should help:
|Type of information||Description||Responsibility||Time frame & Sizing||Expression format||Testable|
|Strategic Product Theme||BIG, hairy, audacious, game changing, initiatives. Differentiating, and providing competitive advantage.||Portfolio fiduciaries||San strategic planning horizon, 12-28+ months. Not sized, controlled by percentage investment||Any: text, prototype, PPT, video, conversation||No|
|Epic||Bold, impactful, marketable differentiators||Program and product management, business owners||6-12 months. Sized.||Most any, including prototype, mockup, declarative form or user story canonical form||No|
|Feature||Short, descriptive, value delivery and benefit oriented statement. Customer and marketing understandable.||Product Manager and Product Owner||Fits in an internal release, divide into incremental sub-features as necessary. Sized in points.||Declarative form or user story canonical form. May be elaborated with system use cases.||Yes|
|User story||Small atomic. Fit for team and detailed user understanding||Product Owner and Team||Fits in a single iteraion. Sized in story points.||User story canonical form||Yes|
Proposed structure of the source code repo(s) and what approach you would take to managing branches
As a developer, I like to have an integrate environment for repositories, deployment and resources such as web app and/or server less applications.
For this reason, I’m using Azure DevOps: it is free for unlimited repositories but max 5 users.
For each repository, I’m following a common structure that allows you to manage the master branch, a developer branch, tagged releases and hot fixes. This is Gitflow.
In our repository’s structure you have some main folders:
- feature: for creating new tasks
- bug: fix some exists functionalities
- hotfix: fix some bugs in production
In the configuration of the CD/CI, there is a peer to peer review for merging a branch to the develop branch or master.
When a new branch is merged in the develop branch, the CD/CI process, automatically prepare the build and start the deployment.
In Agile point of view, each developer is responsible for a single task at the time. For this task, the developer has to create a branch. Common practice is naming each branch with the task number and a short description in the right folder. For example
When a developer completes a task has to create a new Pull Request to merge his changes to the develop branch. If the developers finished the peer to peer review, the branch is merged on develop.
For admin purposes, each branch could be associated with a task in the board. So, when a branch is merged, the correspond task is closed.
Every developer can manage this Git flow in the Azure DevOps and also directly in Visual Studio.
Proposed approach to ensuring code quality is maintained and what tools/frameworks you would use
As developer, you know you have to learn constantly: every day new technologies come up, new tools, new environments. The interaction between developers is important because we can teach each other something new. Also, developers (and no developers) can use Visual Studio to browse the dashboard in Azure DevOps and Git repositories.
For this reason, show your code to other developers is always a good way to improve the quality of your code and at the same time to learn something new. Nonetheless, websites like Github are so popular with a lot of users. In your team, peer-to-peer review is the simple way to check your code and find new implementation or structures. To be on the same page, a weekly meeting to share information should have an important impact in your team.
In Visual Studio, Code Analysis is an integrate tools. The Code Analysis feature of Visual Studio performs static code analysis to help developers identify potential design, globalization, interoperability, performance, security, and a host of other categories of potential problems.
You can run Code Analysis manually at any time from within the Visual Studio IDE, or even setup to automatically run as part of check-in policy for Azure DevOps Server.
Linters and Code Analysis
GCop is a fairly new set of C# code analysis rules (with really nice setup, use and rules documentation) from Geeks Ltd., which may be worth checking out if you’re not entirely satisfied with other code analysis rulesets (or perhaps using alongside of those other rules for extended coverage).
GCop is intended to be installed in your project as a NuGet package. To allow for rules that can’t run from a package, Paymon has released a GCop.Extra Visual Studio 2017 extension for use with GCop.
The extension enables GCop rules such as Minimum Scope that detect whether methods that are more visible than they need to be.
MultiLinter, by Giovanni Lambiase, enables you to replace the (already outdated) linters built into Visual Studio 2017 with the standard linters available through Node.js including (but not limited to) ESLint, JSLint, JSHint, Stylelint, CssLint and Sass-lint.
MultiLinter lets you turn verbose debugging on, configure which linters to use (including running multiple linters against a file at the same time), update linters and linting rules, set rule severity warnings, and much more.
XamRight, from Critical Hit Tech, is an extension for Visual Studio 2015 and 2017 that brings design-time code analysis and coding assistance to Xamarin.Forms XAML development.
You get IntelliSense, warnings, view model and data binding analysis and debugging, navigation tools for moving between XAML and C# model definitions, custom view implementations and more, along with navigation from XAML resource references to definitions.
XamRight can analyze your own model-view model binding, but also includes built-in support for popular MVVM frameworks including MVVMCross, MVVMLight, FreshMVVM, Prism and Caliburn.Micro.
A 30-day free trial is available and licensing is available on a monthly or yearly basis.
NDepend, one of the most popular commercial static code analysis tools for .NET Framework development, recently released a substantial update including support for .NET Core 2.1, ubiquitous language checks in Domain Driven Design (DDD), performance improvements for Visual Studio 2017 and over a dozen new or improved code analysis rules.
A key new feature for NDepend is real-time technical debt estimation that’s updated as you code. Proud of that new method? Guess what, you just added 30 minutes of future technical debt. Maybe check NDepend’s analysis and spend a minute refactoring. I love it. NDepend offers a free 14-day trial and per-developer or per-build machine licensing.
Async Method Name Fixer is an effective little tool for doing a simple but often overlooked task: making sure your async methods are named appropriately.
In a nutshell, it looks for methods defined as async and, if you haven’t given the method a name with “Async” on the end, the extension flags all instances of the method and calls to it.
Code Coverage and Testing
AxoCover, by axodox (Péter Major), provides Visual Studio integration for code coverage and unit testing with OpenCover. AxoCover lets you run, debug and check code coverage for unit tests in .NET Framework projects for Windows.
You can browse and analyse coverage by test in a hierarchical view and dig down into line-by-line coverage and test results. AxoCover supports the MSTest, xUnit and NUnit test frameworks.
SmartTests Extension, by Ludovic Dubois, is an extension to show current and missing tests for NUnit, Xunit and MSTest within Visual Studio.
SmartTests integrates into your Visual Studio environment the Pretty Objects SmartTests library, which helps you write smart unit tests, and the SmartTests.Analyzer, a Roslyn Analyzer to display missing tests as warnings.
The extension shows tests in a centralized window, lets you see current tests and any missing tests, and lets you navigate quickly to specific tests.
SmartBear’s TestLeft UI test automation framework supports Visual Studio 2013, 2015 and 2017. TestLeft integrates directly into the Visual Studio development environment, enabling you to create tests as you code.
A built-in object spy gives you the ability to create tests that support over 500 common Web and desktop UI controls.
You can create automated tests for a variety of popular development frameworks including .NET Framework, Winforms, WPF, Java, HTML5 and AngularJS.
Further test coverage includes controls from Infragistics, DevExpress, Syncfusion and Telerik, along with cross-browser testing with legacy versions of Internet Explorer, Edge, Firefox and Chrome.
Tests created in TestLeft can be migrated into TestComplete for automated testing as part of your continuous integration and release management processes.
Register online for a free 30-day trial. Yearly per-node and floating licenses are available from SmartBear.
Selenium is an umbrella project for a range of tools and libraries that enable and support the automation of web browsers.
It provides extensions to emulate user interaction with browsers, a distribution server for scaling browser allocation, and the infrastructure for implementations of the W3C WebDriver specification that lets you write interchangeable code for all major web browsers.
Selenium is made possible by volunteer contributors who have put in thousands of hours of their own time, and made the source code freely available for anyone to use, enjoy, and improve.
Testing with BDD
Digital transformation could drive you to change approach on testing.
Behavior Driven Development (BDD) is an agile software development practice – introduced by Dan North in 2006 – that encourages collaboration between everyone involved in developing software.
So, developers, testers, and business representatives such as product owners or business analysts.
In other words, BDD aims to create a shared understanding of how an application should behave by discovering new features based on concrete examples. Key examples are then formalized with natural language following a Given/When/Then structure.
Gherkin is the most commonly used syntax for describing examples with Given/When/Then in plain text files, called feature files.
Gherkin scenarios can be automated to validate the expected behavior. At this point, BDD tools – such as SpecFlow – come in handy. Automated acceptance tests, however, are an optional by-product of using BDD, not the sole purpose.
SpecFlow is the #1 .NET open source framework for Behavior Driven Development, Acceptance Test Driven Development and Specification by Example.
In SpecFlow, specifications are written in plain, simple language which is defined by the Gherkin Syntax (Given-When-Then).
SpecFlow provides a whole ecosystem of tools to use BDD on Azure DevOps and the Microsoft .NET platform. Besides SpecFlow and SpecFlow+Runner, there is also a SpecFlow Visual Studio Extension that provides a Gherkin editor and build integration.
SpecMap and SpecFlow+LivingDoc are Azure DevOps extensions that support the team in the overall BDD process with managing their backlog using story maps and accessing their living documentation.
VisualSOS.Extension also gives you menu access to those features instead of having to remember the commands and option flags. Visual SOS is available as both a Visual Studio 2017 extension and a stand-alone debugger.
To learn more, see Hernandez’s blog post Visual SOS – Visual Studio extension to debug managed applications through SOS for an overview and some tips for more effective debugging with SOS.
LINQBridgeVs, from Coding Adventures, provides a Custom Debugger Visualizer within Visual Studio that creates a bridge between your Visual Studio debugging session and the external LINQPad scratchpad and test environment.
After rebuilding your project, you can right-click on any public classes or structs in the project and open the related debugging data within LINQPad.
Microsoft Visual Studio Live Share
Microsoft’s Visual Studio Live Share, provides a collaborative development environment, enabling you to share code, collaboratively edit, securely share local servers and even collaboratively debug your code in real-time.
It’s not a screen share service or centralized codebase; you’re able to work independently in your local Visual Studio environment while collaborating on code editing and debugging.
As we go to press, the VS Live Share is in limited preview: anyone can download the extension, run it and join a session, but permission to share a session requires registration and acceptance into the preview.
Finally, the integration among Azure DevOps, Git and Visual Studio allows developers to use only one tools for coding and manage branches and share code and knowledge.
Proposed development toolset
Visual Studio is the main tool for developer and Microsoft releases it in different flavour:
- Community: basic functionalities for developers for creating desktop application, web applications, mobile applications, libraries and much more with .NET and other languages.
- Professional: more tools dev oriented for debugging, integration and team interconnection
- Enterprise: developer’s dream, everything is here
- Visual Studio Core: editing and debugging on any OS in a simplify environment
- Visual Studio for Mac: develop apps and games for iOS, Android, and web using .NET (Xamarin)
Most important, Visual Studio is really cloud oriented: there is a total integration with Azure, the Microsoft Cloud, and Git. You can explore all Azure resources directly from your Visual Studio.
Microsoft Azure, the cloud
Azure is the Microsoft Cloud. You can deploy every kind of applications built with any languages, not only .NET: it is a very friendly environment and easy to use, in the usual Microsoft style.
In Azure you can create different subscription (you can think a subscription as an environment, for example a subscription for test, another for stage and another for production).
There are some tools to explore better some Azure resources:
- Service Bus Explorer: the Service Bus Explorer allows users to connect to a Service Bus namespace and administer messaging entities in an easy manner. The tool provides advanced features like import/export functionality or the ability to test topic, queues, subscriptions, relay services, notification hubs and events hubs. Source code on Github.
- Azure Media Services Explorer (AMSE) is a Winforms/C# application for Windows that does upload, download, encode and stream VOD and live content with Azure Media Services v3. Source code on Github
- Azure Storage Explorer: easily manage the contents of your storage account with Azure Storage Explorer. Upload, download, and manage blobs, files, queues, tables, and Cosmos DB entities. Gain easy access to manage your virtual machine disks. Work with either Azure Resource Manager or classic storage accounts, plus manage and configure cross-origin resource sharing
Now, Azure Functions and Logic Apps are very popular in the Microsoft world. Both developers and non-developers can create very complex workflows with few clicks.
I said I propose to use Gitflow to manage branches. There are a lot of tools for that. Also, Visual Studio has one and you can install it from the Visual Studio Installer but this has very basic functionalities. I recommend one of the following tools:
- Sourcetree simplifies how you interact with your Git repositories so you can focus on coding. Visualize and manage your repositories through Sourcetree’s simple Git GUI. This tool is free
- Gitkraken is very simple and the look is quite pretty. For free, you have better functionalities than Visual Studio and it is easy to manage your branches. There is an extension for Gitflow but only for the version with licence.
Generally speaking, if you want to create apps for iOS and Android, I really recommend to have some physical devices. Android is the tricky one because it supports a lot of different devices with different screen sizes.
Therefore, if you want to create apps for the iOS world, you must have a Mac to compile and test your application.
Deploy and test an application on a Simulator is free but if you want to test your application on a real device, you must pay the fee as developer to Apple.
To build and distribute your app, you can use Microsoft AppCenter: it is simple to use, efficient and it collects the data of usage and crashes for you in a simple interface.
In Visual Studio you have a perfect integration of mobile with Xamarin but also with Azure DevOps and Git repositories.
Proposed approach to managing deployments including the required Azure resources
I mentioned before Gitflow that you can use to manage your repositories in Azure DevOps. Also, DevOps allows you to create pipelines to deploy your projects directly into your cloud resources such as web application, Logic Apps, Azure Functions and so on.
For example, you can create a pipeline based on events. For example, when a branch is merged in develop branch, DevOps automatically starts the build and the deployment. There is a document on Microsoft to How to create your first pipeline in Azure DevOps.
The developers can create every resource in Azure via an ARM script. I discussed that in another post on this blog. So, during the deployment, Azure DevOps is also able to generate the environment before deploying your projects. You can write your ARM scripts or use the template and script generator in the Azure Portal.
In Visual Studio, developers can create the Azure Resource Manager (ARM) script, save in a Git repository and deploy everything in the company environment.
Proposed approach for managing passwords and secrets
A common approach to manage password was to create a sealed class in C# where they store all password. Very insecure way to protect your password for your environment. Another approach is the create app.settings for different environments but again this is not secure at all.
In Azure for resources like web application and Azure functions, there is a Configuration section. If you add your configuration for a specific environment, Azure rewrites the settings in the application with these values. Only if you have access to this resource in Azure, you can see the real values.
For instance, if you are using Azure DevOps, the pipeline has a parameter section where you put the settings based on the environment. So, when DevOps is building your project, it uses the proper configuration for the environment.
The most secure way to store your password is Azure KeyVault. Create a KeyVault in Azure is pretty simple but the protection KeyVault offers is very high. Every application has only a name and a client key to access to your KeyVault and the real password or certificate or secrets won’t never revealed.
It is easy to integrate Azure KeyVault with Visual Studio in your project and also publish your code, in a safe way, in your Git repositories without exposing your credentials.
Benefits to Acme of the approaches above
What I describe in this post is based on my experience in several companies and also, I ran my own company for more than 15 years. I saw and used this approach and I guarantee that our team can have a very positive benefit introducing this your new approach for the digital transformation.
Your team and your company could face at the beginning a couple of weeks of assessment because you have to understand how to implement these new changes and use new tools but it is worth.
All companies are using or going to use a similar approach: it is very common, there are a lot of tutorial and how to that you can read and follow and even books. Also, there are a lot of consultants and specialists can help you to adopt new behaviours to digital transform your company in better.
In addition, in developers’ point of view, there is a great integration using Visual Studio with Azure and Git repositories (Git is now a Microsoft product). Then your team has a consistent environment for desktop applications, mobile applications, web applications and cloud tools.
Any key risks or assumptions
Change the direction of a company is always a challenge. It is a good opportunity to involve people in something new, show to your team the company wants innovate because people are really the heart of your company.
As usual, at the beginning could be harsh because you have to introduce new tools and new behaviour. After a couple of months, you and your company will see the result, how the productivity is increased and people happy.
In addition, it is important to underline again, the integrating environment your company can use with Visual Studio, Azure, Git and other tools like Xamarin.
Human risk is the big factor in this scenario because sometimes people don’t want to change, in particular if they are in the company for as long time and they have their habit.
In conclusion, a digital transformation allows the company to be competitive and share common values with clients and other competitors.